1. Home
  2. Docs
  3. API Documentation
  4. Vulnerabilities
  5. AppendVuln

AppendVuln

Route: https://api.kayran.live/AppendVuln

This function allows you to manually Create and Attach a new Vulnerability to one of your Scans.

Roles Required: Admin and User. Private Users can only Add Vulnerabilities to Scans they have created.

Request Syntax

{
"apiKey": "String",
"token": "String",
"vulnName": "String",

"severity": int,
"key": "String",

"payload": "String",
"url": "String",
"action": "String",
"method": "String",

"statusCode": "String",
"img": "String",
"description": "String",
"impact": "String",
"recommendation": "String",
"links": "String",
"cwe": "String",
"cvss": "float",
"details": "String"
}


Request Parameters

Parameters being used in the Request

Parameter Name :

apiKey

Parameter Usage and Options :

Your Kayran given API Key.

How do I get it ? :

Located in the “Profile” section.

Note : by default, the “API Status” is enabled, unless, the Admin has disabled it in the “Server Settings” section.

Type :

String

Is it Optional ? :

No.


Parameter Name :

token

Parameter Usage and Options :

The Token of the Scan you wish the Vulnerability will be Added to.

How do I get it ? :

Simply use the “GetScan” or “GetAllScans” function, or navigate to a certain scan’s page, and in the address bar, you will notice “token=String”, use that String.

Type :

String

Is it Optional ? :

No.


Parameter Name :

vulnName

Parameter Usage and Options :

The Name of the Vulnerability you wish to Add. For example: SQL Injection.

Type :

String

Is it Optional ? :

No.


Parameter Name :

severity

Parameter Usage and Options :

The Severity of the Vulnerability you wish to Add.

Type :

Integer

0 – 3 (Informative-Low-Medium-High)

Is it Optional ? :

No.


Parameter Name :

key

Parameter Usage and Options :

In case you wish to Add a Vulnerable Key/Parameter to the Vulnerability.

Type :

String

Is it Optional ? :

Yes.


Parameter Name :

payload

Parameter Usage and Options :

In case you wish to Add a Payload to the Vulnerability.

Type :

String

Is it Optional ? :

Yes.


Parameter Name :

url

Parameter Usage and Options :

The Main URL of the Target.

Type :

String

Is it Optional ? :

No.


Parameter Name :

action

Parameter Usage and Options :

The Action that was performed for the Vulnerability to occur.
For example: https://example.com/action1/

Type :

String

Is it Optional ? :

No.


Parameter Name :

method

Parameter Usage and Options :

The Type of Method that used for the Vulnerability to occur.
For example: GET, POST etc.

Type :

String

Is it Optional ? :

Yes.


Parameter Name :

statusCode

Parameter Usage and Options :

In case you wish to Add a Status Code to the Vulnerability.

Type :

Integer

Is it Optional ? :

Yes.


Parameter Name :

img

Parameter Usage and Options :

In case Users wish to attach a Screenshot to the Vulnerability. Insert the exact full name of the File as it’s being saved in the Storage.
For example: image1.png –> image1.png.

Type :

String

Is it Optional ? :

Yes.


Parameter Name :

description

Parameter Usage and Options :

The Description of the Vulnerability you wish to Add.

Type :

String

Is it Optional ? :

Yes.


Parameter Name :

impact

Parameter Usage and Options :

The Impact of the Vulnerability you wish to Add.

Type :

String

Is it Optional ? :

Yes.


Parameter Name :

recommendation

Parameter Usage and Options :

The Recommendation of the Vulnerability you wish to Add.

Type :

String

Is it Optional ? :

Yes.


Parameter Name :

links

Parameter Usage and Options :

In case you wish to add References the Vulnerability you wish to Add.
Example: https://example1.com/ , https://example2.com/

Type :

String

Is it Optional ? :

Yes.


Parameter Name :

cwe

Parameter Usage and Options :

In case you wish to add CWEs that the Vulnerability is related to.

Type :

String

Is it Optional ? :

Yes.


Parameter Name :

cvss

Parameter Usage and Options :

In case you wish to add a CVSS Score to the Vulnerability.

Type :

Float/Integer

Is it Optional ? :

Yes.


Parameter Name :

details

Parameter Usage and Options :

In case you wish to add More Details regarding the Vulnerability you wish to Add.

Type :

String

Is it Optional ? :

Yes.


Successful Response

{

    “Error”: 0,

    “Function”: “AppendVuln”,

    “Data”: “Vulnerability has been Successfully Added”

}

Errors and their Possible Causes

For more information, please refer to the General Errors section.