:)

007panda · Apr 28, 2022 · a507fd7 · a507fd7
1 parent c98bf61
commit a507fd7
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 3 deletions.
diff --git a/config/msf_cve-db.txt b/config/msf_cve-db.txt
@@ -77,6 +77,7 @@
 /usr/share/metasploit-framework/modules/auxiliary/admin/http/wp_easycart_privilege_escalation.rb:CVE-2015-2673
 /usr/share/metasploit-framework/modules/auxiliary/admin/http/wp_gdpr_compliance_privesc.rb:CVE-2018-19207
 /usr/share/metasploit-framework/modules/auxiliary/admin/http/wp_google_maps_sqli.rb:CVE-2019-10692
+/usr/share/metasploit-framework/modules/auxiliary/admin/http/wp_masterstudy_privesc.rb:CVE-2022-0441
 /usr/share/metasploit-framework/modules/auxiliary/admin/http/wp_symposium_sql_injection.rb:CVE-2015-6522
 /usr/share/metasploit-framework/modules/auxiliary/admin/kerberos/ms14_068_kerberos_checksum.rb:CVE-2014-6324
 /usr/share/metasploit-framework/modules/auxiliary/admin/ldap/vmware_vcenter_vmdir_auth_bypass.rb:CVE-2020-3952
@@ -189,6 +190,7 @@
 /usr/share/metasploit-framework/modules/auxiliary/dos/windows/ftp/winftp230_nlst.rb:CVE-2008-5666
 /usr/share/metasploit-framework/modules/auxiliary/dos/windows/ftp/xmeasy560_nlst.rb:CVE-2008-5626
 /usr/share/metasploit-framework/modules/auxiliary/dos/windows/ftp/xmeasy570_nlst.rb:CVE-2008-5626
+/usr/share/metasploit-framework/modules/auxiliary/dos/windows/http/http_sys_accept_encoding_dos_cve_2021_31166.rb:CVE-2021-31166
 /usr/share/metasploit-framework/modules/auxiliary/dos/windows/http/ms10_065_ii6_asp_dos.rb:CVE-2010-1899
 /usr/share/metasploit-framework/modules/auxiliary/dos/windows/http/pi3web_isapi.rb:CVE-2008-6938
 /usr/share/metasploit-framework/modules/auxiliary/dos/windows/llmnr/ms11_030_dnsapi.rb:CVE-2011-0657
@@ -233,6 +235,8 @@
 /usr/share/metasploit-framework/modules/auxiliary/gather/exchange_proxylogon_collector.rb:CVE-2021-26855
 /usr/share/metasploit-framework/modules/auxiliary/gather/firefox_pdfjs_file_theft.rb:CVE-2015-4495
 /usr/share/metasploit-framework/modules/auxiliary/gather/flash_rosetta_jsonp_url_disclosure.rb:CVE-2014-4671
+/usr/share/metasploit-framework/modules/auxiliary/gather/grandstream_ucm62xx_sql_account_guess.rb:CVE-2020-5723
+/usr/share/metasploit-framework/modules/auxiliary/gather/grandstream_ucm62xx_sql_account_guess.rb:CVE-2020-5724
 /usr/share/metasploit-framework/modules/auxiliary/gather/huawei_wifi_info.rb:CVE-2013-6031
 /usr/share/metasploit-framework/modules/auxiliary/gather/ibm_sametime_enumerate_users.rb:CVE-2013-3975
 /usr/share/metasploit-framework/modules/auxiliary/gather/ibm_sametime_room_brute.rb:CVE-2013-3977
@@ -275,6 +279,7 @@
 /usr/share/metasploit-framework/modules/auxiliary/scanner/chargen/chargen_probe.rb:CVE-1999-0103
 /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:CVE-2017-12635
 /usr/share/metasploit-framework/modules/auxiliary/scanner/db2/db2_auth.rb:CVE-1999-0502
+/usr/share/metasploit-framework/modules/auxiliary/scanner/dcerpc/petitpotam.rb:CVE-2021-36942
 /usr/share/metasploit-framework/modules/auxiliary/scanner/dlsw/dlsw_leak_capture.rb:CVE-2014-7992
 /usr/share/metasploit-framework/modules/auxiliary/scanner/dns/dns_amp.rb:CVE-2006-0987
 /usr/share/metasploit-framework/modules/auxiliary/scanner/dns/dns_amp.rb:CVE-2006-0988
@@ -328,6 +333,7 @@
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/exchange_web_server_pushsubscription.rb:CVE-2019-0724
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/fortimail_login_bypass_detection.rb:CVE-2020-9294
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/gavazzi_em_login_loot.rb:CVE-2017-5146
+/usr/share/metasploit-framework/modules/auxiliary/scanner/http/gitlab_graphql_user_enum.rb:CVE-2021-4191
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/glassfish_login.rb:CVE-2011-0807
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/glassfish_traversal.rb:CVE-2017-1000028
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/goahead_traversal.rb:CVE-2014-9707
@@ -373,6 +379,7 @@
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/nagios_xi_scanner.rb:CVE-2020-35578
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/nagios_xi_scanner.rb:CVE-2020-5791
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/nagios_xi_scanner.rb:CVE-2020-5792
+/usr/share/metasploit-framework/modules/auxiliary/scanner/http/nagios_xi_scanner.rb:CVE-2021-37343
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/netdecision_traversal.rb:CVE-2012-1465
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/nginx_source_disclosure.rb:CVE-2010-2263
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/novell_file_reporter_fsfui_fileaccess.rb:CVE-2012-4958
@@ -428,7 +435,9 @@
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/wp_email_sub_news_sqli.rb:CVE-2019-20361
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/wp_learnpress_sqli.rb:CVE-2020-6010
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/wp_loginizer_log_sqli.rb:CVE-2020-27615
+/usr/share/metasploit-framework/modules/auxiliary/scanner/http/wp_modern_events_calendar_sqli.rb:CVE-2021-24946
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/wp_registrationmagic_sqli.rb:CVE-2021-24862
+/usr/share/metasploit-framework/modules/auxiliary/scanner/http/wp_secure_copy_content_protection_sqli.rb:CVE-2021-24931
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/wp_wps_hide_login_revealer.rb:CVE-2021-24917
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/yaws_traversal.rb:CVE-2011-4350
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/zenworks_assetmanagement_fileaccess.rb:CVE-2012-4933
@@ -676,10 +685,11 @@
 /usr/share/metasploit-framework/modules/exploits/linux/http/goautodial_3_rce_command_injection.rb:CVE-2015-2843
 /usr/share/metasploit-framework/modules/exploits/linux/http/goautodial_3_rce_command_injection.rb:CVE-2015-2845
 /usr/share/metasploit-framework/modules/exploits/linux/http/gpsd_format_string.rb:CVE-2004-1388
-/usr/share/metasploit-framework/modules/exploits/linux/http/grandstream_gxv3175_settimezone_unauth_cmd_exec.rb:CVE-2019-10655
+/usr/share/metasploit-framework/modules/exploits/linux/http/grandstream_gxv31xx_settimezone_unauth_cmd_exec.rb:CVE-2019-10655
 /usr/share/metasploit-framework/modules/exploits/linux/http/grandstream_ucm62xx_sendemail_rce.rb:CVE-2020-5722
 /usr/share/metasploit-framework/modules/exploits/linux/http/gravcms_exec.rb:CVE-2021-21425
 /usr/share/metasploit-framework/modules/exploits/linux/http/groundwork_monarch_cmd_exec.rb:CVE-2013-3502
+/usr/share/metasploit-framework/modules/exploits/linux/http/hikvision_cve_2021_36260_blind.rb:CVE-2021-36260
 /usr/share/metasploit-framework/modules/exploits/linux/http/ibm_drm_rce.rb:CVE-2020-4427
 /usr/share/metasploit-framework/modules/exploits/linux/http/ibm_drm_rce.rb:CVE-2020-4428
 /usr/share/metasploit-framework/modules/exploits/linux/http/ibm_drm_rce.rb:CVE-2020-4429
@@ -708,6 +718,7 @@
 /usr/share/metasploit-framework/modules/exploits/linux/http/mobileiron_mdm_hessian_rce.rb:CVE-2020-15505
 /usr/share/metasploit-framework/modules/exploits/linux/http/multi_ncc_ping_exec.rb:CVE-2015-1187
 /usr/share/metasploit-framework/modules/exploits/linux/http/mutiny_frontend_upload.rb:CVE-2013-0136
+/usr/share/metasploit-framework/modules/exploits/linux/http/nagios_xi_autodiscovery_webshell.rb:CVE-2021-37343
 /usr/share/metasploit-framework/modules/exploits/linux/http/nagios_xi_chained_rce_2_electric_boogaloo.rb:CVE-2018-8733
 /usr/share/metasploit-framework/modules/exploits/linux/http/nagios_xi_chained_rce_2_electric_boogaloo.rb:CVE-2018-8734
 /usr/share/metasploit-framework/modules/exploits/linux/http/nagios_xi_chained_rce_2_electric_boogaloo.rb:CVE-2018-8735
@@ -822,6 +833,8 @@
 /usr/share/metasploit-framework/modules/exploits/linux/local/cve_2021_3490_ebpf_alu32_bounds_check_lpe.rb:CVE-2021-3490
 /usr/share/metasploit-framework/modules/exploits/linux/local/cve_2021_3493_overlayfs.rb:CVE-2021-3493
 /usr/share/metasploit-framework/modules/exploits/linux/local/cve_2021_38648_omigod.rb:CVE-2021-38648
+/usr/share/metasploit-framework/modules/exploits/linux/local/cve_2021_4034_pwnkit_lpe_pkexec.rb:CVE-2021-4034
+/usr/share/metasploit-framework/modules/exploits/linux/local/cve_2022_0847_dirtypipe.rb:CVE-2022-0847
 /usr/share/metasploit-framework/modules/exploits/linux/local/docker_runc_escape.rb:CVE-2019-5736
 /usr/share/metasploit-framework/modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb:CVE-2019-10149
 /usr/share/metasploit-framework/modules/exploits/linux/local/glibc_ld_audit_dso_load_priv_esc.rb:CVE-2010-3847
@@ -938,6 +951,7 @@
 /usr/share/metasploit-framework/modules/exploits/multi/browser/chrome_object_create.rb:CVE-2018-17463
 /usr/share/metasploit-framework/modules/exploits/multi/browser/chrome_simplifiedlowering_overflow.rb:CVE-2020-16040
 /usr/share/metasploit-framework/modules/exploits/multi/browser/firefox_escape_retval.rb:CVE-2009-2477
+/usr/share/metasploit-framework/modules/exploits/multi/browser/firefox_jit_use_after_free.rb:CVE-2020-26950
 /usr/share/metasploit-framework/modules/exploits/multi/browser/firefox_pdfjs_privilege_escalation.rb:CVE-2015-0802
 /usr/share/metasploit-framework/modules/exploits/multi/browser/firefox_pdfjs_privilege_escalation.rb:CVE-2015-0816
 /usr/share/metasploit-framework/modules/exploits/multi/browser/firefox_proto_crmfrequest.rb:CVE-2012-3993
@@ -984,6 +998,8 @@
 /usr/share/metasploit-framework/modules/exploits/multi/ftp/wuftpd_site_exec_format.rb:CVE-2000-0573
 /usr/share/metasploit-framework/modules/exploits/multi/http/activecollab_chat.rb:CVE-2012-6554
 /usr/share/metasploit-framework/modules/exploits/multi/http/apache_activemq_upload_jsp.rb:CVE-2016-3088
+/usr/share/metasploit-framework/modules/exploits/multi/http/apache_apisix_api_default_token_rce.rb:CVE-2020-13945
+/usr/share/metasploit-framework/modules/exploits/multi/http/apache_apisix_api_default_token_rce.rb:CVE-2022-24112
 /usr/share/metasploit-framework/modules/exploits/multi/http/apache_jetspeed_file_upload.rb:CVE-2016-0709
 /usr/share/metasploit-framework/modules/exploits/multi/http/apache_jetspeed_file_upload.rb:CVE-2016-0710
 /usr/share/metasploit-framework/modules/exploits/multi/http/apache_mod_cgi_bash_env_exec.rb:CVE-2014-6271
@@ -1135,6 +1151,7 @@
 /usr/share/metasploit-framework/modules/exploits/multi/http/sonicwall_gms_upload.rb:CVE-2013-1359
 /usr/share/metasploit-framework/modules/exploits/multi/http/sonicwall_scrutinizer_methoddetail_sqli.rb:CVE-2014-4977
 /usr/share/metasploit-framework/modules/exploits/multi/http/splunk_mappy_exec.rb:CVE-2011-4642
+/usr/share/metasploit-framework/modules/exploits/multi/http/spring_cloud_function_spel_injection.rb:CVE-2022-22963
 /usr/share/metasploit-framework/modules/exploits/multi/http/struts2_code_exec_showcase.rb:CVE-2017-9791
 /usr/share/metasploit-framework/modules/exploits/multi/http/struts2_content_type_ognl.rb:CVE-2017-5638
 /usr/share/metasploit-framework/modules/exploits/multi/http/struts2_multi_eval_ognl.rb:CVE-2019-0230
@@ -1232,6 +1249,7 @@
 /usr/share/metasploit-framework/modules/exploits/multi/misc/wireshark_lwres_getaddrbyname_loop.rb:CVE-2010-0304
 /usr/share/metasploit-framework/modules/exploits/multi/misc/wireshark_lwres_getaddrbyname.rb:CVE-2010-0304
 /usr/share/metasploit-framework/modules/exploits/multi/ntp/ntp_overflow.rb:CVE-2001-0414
+/usr/share/metasploit-framework/modules/exploits/multi/php/ignition_laravel_debug_rce.rb:CVE-2021-3129
 /usr/share/metasploit-framework/modules/exploits/multi/php/php_unserialize_zval_cookie.rb:CVE-2007-1286
 /usr/share/metasploit-framework/modules/exploits/multi/php/wp_duplicator_code_inject.rb:CVE-2018-17207
 /usr/share/metasploit-framework/modules/exploits/multi/postgres/postgres_copy_from_program_cmd_exec.rb:CVE-2019-9193
@@ -1252,6 +1270,7 @@
 /usr/share/metasploit-framework/modules/exploits/osx/arkeia/type77.rb:CVE-2005-0491
 /usr/share/metasploit-framework/modules/exploits/osx/browser/adobe_flash_delete_range_tl_op.rb:CVE-2016-4117
 /usr/share/metasploit-framework/modules/exploits/osx/browser/osx_gatekeeper_bypass.rb:CVE-2021-30657
+/usr/share/metasploit-framework/modules/exploits/osx/browser/osx_gatekeeper_bypass.rb:CVE-2022-22616
 /usr/share/metasploit-framework/modules/exploits/osx/browser/safari_file_policy.rb:CVE-2011-3230
 /usr/share/metasploit-framework/modules/exploits/osx/browser/safari_in_operator_side_effect.rb:CVE-2020-9801
 /usr/share/metasploit-framework/modules/exploits/osx/browser/safari_in_operator_side_effect.rb:CVE-2020-9850
@@ -1314,6 +1333,7 @@
 /usr/share/metasploit-framework/modules/exploits/unix/http/laravel_token_unserialize_exec.rb:CVE-2018-15133
 /usr/share/metasploit-framework/modules/exploits/unix/http/lifesize_room.rb:CVE-2011-2763
 /usr/share/metasploit-framework/modules/exploits/unix/http/pfsense_clickjacking.rb:CVE-2017-1000479
+/usr/share/metasploit-framework/modules/exploits/unix/http/pfsense_diag_routes_webshell.rb:CVE-2021-41282
 /usr/share/metasploit-framework/modules/exploits/unix/http/pfsense_graph_injection_exec.rb:CVE-2016-10709
 /usr/share/metasploit-framework/modules/exploits/unix/http/pihole_blocklist_exec.rb:CVE-2020-11108
 /usr/share/metasploit-framework/modules/exploits/unix/http/pihole_dhcp_mac_exec.rb:CVE-2020-8816
@@ -1920,6 +1940,7 @@
 /usr/share/metasploit-framework/modules/exploits/windows/http/ektron_xslt_exec.rb:CVE-2012-5357
 /usr/share/metasploit-framework/modules/exploits/windows/http/ektron_xslt_exec_ws.rb:CVE-2015-0923
 /usr/share/metasploit-framework/modules/exploits/windows/http/ericom_access_now_bof.rb:CVE-2014-3913
+/usr/share/metasploit-framework/modules/exploits/windows/http/exchange_chainedserializationbinder_denylist_typo_rce.rb:CVE-2021-42321
 /usr/share/metasploit-framework/modules/exploits/windows/http/exchange_ecp_dlp_policy.rb:CVE-2020-16875
 /usr/share/metasploit-framework/modules/exploits/windows/http/exchange_ecp_dlp_policy.rb:CVE-2020-17132
 /usr/share/metasploit-framework/modules/exploits/windows/http/exchange_ecp_viewstate.rb:CVE-2020-0688
@@ -2102,9 +2123,12 @@
 /usr/share/metasploit-framework/modules/exploits/windows/local/cve_2020_1313_system_orchestrator.rb:CVE-2020-1313
 /usr/share/metasploit-framework/modules/exploits/windows/local/cve_2020_1337_printerdemon.rb:CVE-2020-1337
 /usr/share/metasploit-framework/modules/exploits/windows/local/cve_2020_17136.rb:CVE-2020-17136
-/usr/share/metasploit-framework/modules/exploits/windows/local/cve_2021_1732_win32k.rb:CVE-2021-1732
 /usr/share/metasploit-framework/modules/exploits/windows/local/cve_2021_21551_dbutil_memmove.rb:CVE-2021-21551
 /usr/share/metasploit-framework/modules/exploits/windows/local/cve_2021_40449.rb:CVE-2021-40449
+/usr/share/metasploit-framework/modules/exploits/windows/local/cve_2022_21882_win32k.rb:CVE-2021-1732
+/usr/share/metasploit-framework/modules/exploits/windows/local/cve_2022_21882_win32k.rb:CVE-2022-21882
+/usr/share/metasploit-framework/modules/exploits/windows/local/cve_2022_21999_spoolfool_privesc.rb:CVE-2022-21999
+/usr/share/metasploit-framework/modules/exploits/windows/local/cve_2022_26904_superprofile.rb:CVE-2022-26904
 /usr/share/metasploit-framework/modules/exploits/windows/local/docker_credential_wincred.rb:CVE-2019-15752
 /usr/share/metasploit-framework/modules/exploits/windows/local/druva_insync_insynccphwnet64_rcp_type_5_priv_esc.rb:CVE-2019-3999
 /usr/share/metasploit-framework/modules/exploits/windows/local/druva_insync_insynccphwnet64_rcp_type_5_priv_esc.rb:CVE-2020-5752
@@ -2180,6 +2204,7 @@
 /usr/share/metasploit-framework/modules/exploits/windows/misc/cloudme_sync.rb:CVE-2018-6892
 /usr/share/metasploit-framework/modules/exploits/windows/misc/commvault_cmd_exec.rb:CVE-2017-18044
 /usr/share/metasploit-framework/modules/exploits/windows/misc/crosschex_device_bof.rb:CVE-2019-12518
+/usr/share/metasploit-framework/modules/exploits/windows/misc/cve_2022_28381_allmediaserver_bof.rb:CVE-2022-28381
 /usr/share/metasploit-framework/modules/exploits/windows/misc/disk_savvy_adm.rb:CVE-2018-6481
 /usr/share/metasploit-framework/modules/exploits/windows/misc/doubletake.rb:CVE-2008-1661
 /usr/share/metasploit-framework/modules/exploits/windows/misc/eiqnetworks_esa.rb:CVE-2006-3838

diff --git a/installer/IF20_cve_search.sh b/installer/IF20_cve_search.sh
@@ -19,7 +19,6 @@
 IF20_cve_search() {
   module_title "${FUNCNAME[0]}"
 
-
   if [[ "$LIST_DEP" -eq 1 ]] || [[ $IN_DOCKER -eq 1 ]] || [[ $DOCKER_SETUP -eq 1 ]] || [[ $CVE_SEARCH -eq 1 ]] || [[ $FULL -eq 1 ]]; then
 
     print_git_info "trickest cve database" "trickest/cve" "Trickest CVE to github exploit database"