Merge pull request projectdiscovery#3686 from MostInterestingBotInThe…

…World/dashboard Dashboard Updates: Multiple content enhancements
xiaodan11 · Feb 8, 2022 · 4cf3791 · 4cf3791
2 parents c19dcd5 + a459b22
commit 4cf3791
Show file tree

Hide file tree

Showing 5 changed files with 15 additions and 7 deletions.
diff --git a/cves/2018/CVE-2018-17254.yaml b/cves/2018/CVE-2018-17254.yaml
@@ -4,6 +4,7 @@ info:
   name: Joomla! JCK Editor SQL Injection
   author: Suman_Kar
   description: The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter.
+  remediation: Update or remove the affected plugin.
   severity: critical
   tags: joomla,sqli,cve,cve2018
   reference:
@@ -28,4 +29,4 @@ requests:
         words:
           - "nuclei-template"
 
-# Enhanced by cs on 2022/02/01
+# Enhanced by mp on 2022/02/08
diff --git a/cves/2020/CVE-2020-14882.yaml b/cves/2020/CVE-2020-14882.yaml
@@ -39,6 +39,4 @@ requests:
         part: interactsh_protocol
         words:
           - "http"
-# Enhanced by mp on 2022/02/04
-
-# Enhanced by mp on 2022/02/04
+# Enhanced by mp on 2022/02/08
diff --git a/cves/2021/CVE-2021-37538.yaml b/cves/2021/CVE-2021-37538.yaml
@@ -4,7 +4,7 @@ info:
   name: PrestaShop SmartBlog SQL Injection
   author: whoever
   severity: critical
-  description: PrestaShop SmartBlog by SmartDataSoft < 4.0.6 is vulnerable to a SQL injection in the blog archive functionality.
+  description: PrestaShop SmartBlog by SmartDataSoft < 4.0.6 is vulnerable to a SQL injection vulnerability in the blog archive functionality.
   tags: cve,cve2021,prestashop,smartblog,sqli
   remediation: Apply the fix.
   reference:
@@ -32,4 +32,4 @@ requests:
           - "c5fe25896e49ddfe996db7508cf00534"
         part: body
 
-# Enhanced by mp on 2022/02/02
+# Enhanced by mp on 2022/02/08
diff --git a/cves/2021/CVE-2021-42237.yaml b/cves/2021/CVE-2021-42237.yaml
@@ -4,7 +4,7 @@ info:
   name: Sitecore Experience Platform Pre-Auth RCE
   author: pdteam
   severity: critical
-  description: Sitecore XP 7.5 Initial Release to Sitecore XP 8.2 Update-7 is vulnerable to an insecure deserialization attack where it is possible to achieve remote command execution on the machine. No authentication or special configuration is required to exploit this vulnerability.
+  description: Sitecore XP 7.5 to Sitecore XP 8.2 Update 7 is vulnerable to an insecure deserialization attack where remote commands can be executed by an attacker with no authentication or special configuration required.
   reference:
     - https://blog.assetnote.io/2021/11/02/sitecore-rce/
     - https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1000776
@@ -117,3 +117,5 @@ requests:
         part: body
         words:
           - "System.ArgumentNullException"
+
+# Enhanced by mp on 2022/02/08
diff --git a/technologies/fingerprinthub-web-fingerprints.yaml b/technologies/fingerprinthub-web-fingerprints.yaml
@@ -2,10 +2,15 @@ id: fingerprinthub-web-fingerprints
 
 info:
   name: FingerprintHub Technology Fingerprint
+  description: FingerprintHub Technology Fingerprint tests run in nuclei.
   author: pdteam
   reference: https://github.com/0x727/FingerprintHub
   severity: info
   tags: tech
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
 
 requests:
   - method: GET
@@ -15058,3 +15063,5 @@ requests:
         name: zzzcms
         words:
           - Powered by <a href='http://zzzcms.com'>ZZZcms</a>
+
+# Enhanced by cs on 2022/02/08