> ## Documentation Index
> Fetch the complete documentation index at: https://trickest.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Scan for Outdated Software

> Scan for outdated software with known publicly exploitable vulnerabilities from the CVE and CNVD databases

export const ModuleOverview = ({category, inputs, outputs, author, createdDate, iframeUrl, long_description}) => <div style={{
  backgroundColor: 'var(--background-card)',
  borderRadius: '16px',
  padding: '32px',
  boxShadow: '0 8px 32px rgba(0, 0, 0, 0.08)'
}}>
    <div style={{
  width: '100%',
  height: '600px',
  backgroundColor: 'var(--background-default)',
  borderRadius: '16px',
  overflow: 'hidden',
  border: '1px solid var(--border-default)',
  marginBottom: '24px',
  position: 'relative'
}}>
      <div style={{
  width: '100%',
  height: '100%'
}}>
        <div className="p-2 not-prose relative bg-gray-50/50 rounded-xl overflow-hidden dark:bg-gray-800/25" style={{
  width: '100%',
  height: '100%'
}}>
          <div className="absolute inset-0 bg-grid-neutral-200/20 [mask-image:linear-gradient(0deg,#fff,rgba(255,255,255,0.6))] dark:bg-grid-white/5 dark:[mask-image:linear-gradient(0deg,rgba(255,255,255,0.1),rgba(255,255,255,0.5))]" style={{
  backgroundPosition: '10px 10px'
}}></div>
          <div className="relative rounded-lg overflow-hidden flex justify-center" style={{
  width: '100%',
  height: '100%'
}}>
            <iframe src={iframeUrl} scrolling="no" style={{
  position: 'absolute',
  top: 0,
  left: 0,
  width: '100%',
  height: '100%',
  border: 'none',
  overflow: 'hidden'
}} title="Module Preview" />
          </div>
          <div className="absolute inset-0 pointer-events-none border border-black/5 rounded-xl dark:border-white/5"></div>
        </div>
      </div>
    </div>

    <div style={{
  display: 'flex',
  justifyContent: 'space-between',
  alignItems: 'center',
  marginBottom: '24px'
}}>
      <div style={{
  display: 'flex',
  gap: '16px',
  alignItems: 'center'
}}>
        <span style={{
  background: 'linear-gradient(135deg, #00a3ff, #0065ff)',
  color: 'white',
  padding: '8px 16px',
  borderRadius: '24px',
  fontSize: '0.875rem',
  fontWeight: '600',
  textTransform: 'uppercase'
}}>
          {category}
        </span>
      </div>
      
      <div style={{
  display: 'flex',
  gap: '24px',
  alignItems: 'center'
}}>
        <div>
          <p style={{
  color: 'var(--text-secondary)',
  fontSize: '0.875rem',
  margin: 0
}}>Created by</p>
          <p style={{
  color: 'var(--text-primary)',
  fontWeight: '500',
  margin: 0
}}>{author}</p>
        </div>
        <div style={{
  width: '1px',
  height: '32px',
  backgroundColor: 'var(--border-default)'
}} />
        <div>
          <p style={{
  color: 'var(--text-secondary)',
  fontSize: '0.875rem',
  margin: 0
}}>Last updated</p>
          <p style={{
  color: 'var(--text-primary)',
  fontWeight: '500',
  margin: 0
}}>
            {new Date(createdDate).toLocaleDateString()}
          </p>
        </div>
      </div>
    </div>

    <p style={{
  color: 'rgba(163, 179, 188, 0.8)',
  fontSize: '1rem',
  margin: '0 0 24px 0',
  lineHeight: '1.6'
}}>
      {long_description}
    </p>

    <div style={{
  display: 'grid',
  gridTemplateColumns: '1fr 1fr',
  gap: '32px'
}}>
      <div>
        <h3 style={{
  fontSize: '1.25rem',
  fontWeight: '600',
  color: 'var(--text-primary)',
  marginBottom: '16px',
  display: 'flex',
  alignItems: 'center',
  gap: '8px'
}}>
          <svg width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor">
            <path d="M5 12h14M12 5l7 7-7 7" />
          </svg>
          Input Parameters
        </h3>
        <div style={{
  display: 'flex',
  flexDirection: 'column',
  gap: '12px'
}}>
          {Object.entries(inputs).map(([key, value]) => <div key={key} style={{
  padding: '16px',
  backgroundColor: 'var(--background-default)',
  borderRadius: '12px',
  border: '1px solid var(--border-default)'
}}>
              <ParamField query={key} type={value.type.toLowerCase()} optional={!value.visible} required={value.visible}>
                <span style={{
  fontSize: '0.95rem',
  color: 'var(--text-secondary)',
  lineHeight: '1.5'
}}>
                  {value.description}
                </span>
              </ParamField>
            </div>)}
        </div>
      </div>

      <div>
        <h3 style={{
  fontSize: '1.25rem',
  fontWeight: '600',
  color: 'var(--text-primary)',
  marginBottom: '16px',
  display: 'flex',
  alignItems: 'center',
  gap: '8px'
}}>
          <svg width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor">
            <circle cx="12" cy="12" r="10" /><path d="M8 12h8" />
          </svg>
          Outputs
        </h3>
        <div style={{
  display: 'flex',
  flexWrap: 'wrap',
  gap: '6px'
}}>
          {outputs.map((output, index) => <span key={index} style={{
  background: 'rgba(255, 107, 0, 0.1)',
  borderRadius: '6px',
  padding: '2px 8px',
  fontSize: '0.7rem',
  display: 'inline-flex',
  alignItems: 'center',
  gap: '4px',
  color: '#ff6b00',
  border: '1px solid rgba(255, 107, 0, 0.2)'
}}>
              {output}
            </span>)}
        </div>
      </div>
    </div>
  </div>;

<ModuleOverview
  category="Vulnerability Scanning"
  inputs={ {
"urls": {
"name": "urls",
"type": "FILE",
"visible": true,
"description": "List of web server URLs",
},
"header": {
"name": "header",
"type": "STRING",
"visible": false,
"description": "Header(s) to include in HTTP requests",
},
"rate-limit": {
"name": "rate-limit",
"type": "STRING",
"visible": false,
"description": "Maximum number of requests to send per second per machine",
},
"header-file": {
"name": "header-file",
"type": "FILE",
"visible": false,
"description": "Header(s) to include in HTTP requests",
},
}}
  outputs={[ 
"findings"
]}
  author="mhmdiaa-trickest"
  createdDate="2024-08-12"
  iframeUrl="https://editor.trickest.io/preview?workflow_url=https://trickest-public-workflow.s3.eu-central-1.amazonaws.com/fef049b9-d7cd-4c15-ad73-8ee26a111f76.json"
/>

# Scan for Outdated Software

## Description

Scan for outdated software with known publicly exploitable vulnerabilities from the CVE and CNVD databases.

## Features

* Checks for **vulnerable software listed in the CVE and CNVD databases**.
* Uses proof-of-concept (PoC) scanning to highlight only exploitable vulnerabilities and **minimize false positives**.
* Can scan **thousands of web servers** simultaneously.

## Inputs

### Required

* **urls:** a list of URLs

```
https://foo.example.com
https://bar.example.com
```

### Optional

* **header**: Header(s) to include in HTTP requests
* **header-file**: File with header(s) to include in HTTP requests
* **rate-limit**: Maximum number of requests to send per second per machine (default: 300)

### Outputs

* **findings:** JSONLines records of finding details.

```json theme={null}
{"finding": "WordPress HTML5 Video Player - SQL Injection", "location": "https://foo.example.com/?rest_route=/h5vp/v1/view/1&id=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+-", "severity": "critical", "hostname": "foo.example.com", "domain_name": "example.com", "method": "GET", "description": "WordPress HTML5 Video Player plugin is vulnerable to SQL injection. An unauthenticated attacker can exploit this vulnerability to perform SQL injection attacks"}
{"finding": "Citrix Gateway and Citrix ADC - Cross-Site Scripting", "location": "https://bar.example.com/oauth/idp/logout?post_logout_redirect_uri=%0d%0a%0d%0a<script>alert(document.domain)</script>", "severity": "medium", "hostname": "bar.example.com", "domain_name": "example.com", "method": "GET", "description": "Citrix ADC and Citrix Gateway versions before 13.1 and 13.1-45.61, 13.0 and 13.0-90.11, 12.1 and 12.1-65.35 contain a cross-site scripting vulnerability due to improper input validation."}
```

## Changelog

* v1.0.0
  * Initial release
* v1.1.0
  * Added `header-file` input
* v1.2.0
  * Added recursive scanning to detect vulnerabilities at every level of the input URL paths
* v1.2.1
  * Included the HTTP request that triggered each finding in the `request` field of the `findings` output
* v1.2.2
  * Accuracy improvements
