Route: https://api.kayran.live/AppendVuln
This function allows you to manually Create and Attach a new Vulnerability to one of your Scans.
Roles Required: Admin and User. Private Users can only Add Vulnerabilities to Scans they have created.
Request Syntax
{
"apiKey": "String",
"token": "String",
"vulnName": "String","severity": int,
"key": "String","payload": "String",
"url": "String",
"action": "String",
"method": "String","statusCode": "String",
"img": "String",
"description": "String",
"impact": "String",
"recommendation": "String",
"links": "String",
"cwe": "String",
"cvss": "float",
"details": "String"
}
Request Parameters
Parameters being used in the Request
Parameter Name :
apiKey
Parameter Usage and Options :
Your Kayran given API Key.
How do I get it ? :
Located in the “Profile” section.
Note : by default, the “API Status” is enabled, unless, the Admin has disabled it in the “Server Settings” section.
Type :
String
Is it Optional ? :
No.
Parameter Name :
token
Parameter Usage and Options :
The Token of the Scan you wish the Vulnerability will be Added to.
How do I get it ? :
Simply use the “GetScan” or “GetAllScans” function, or navigate to a certain scan’s page, and in the address bar, you will notice “token=String”, use that String.
Type :
String
Is it Optional ? :
No.
Parameter Name :
vulnName
Parameter Usage and Options :
The Name of the Vulnerability you wish to Add. For example: SQL Injection.
Type :
String
Is it Optional ? :
No.
Parameter Name :
severity
Parameter Usage and Options :
The Severity of the Vulnerability you wish to Add.
Type :
Integer
0 – 3 (Informative-Low-Medium-High)
Is it Optional ? :
No.
Parameter Name :
key
Parameter Usage and Options :
In case you wish to Add a Vulnerable Key/Parameter to the Vulnerability.
Type :
String
Is it Optional ? :
Yes.
Parameter Name :
payload
Parameter Usage and Options :
In case you wish to Add a Payload to the Vulnerability.
Type :
String
Is it Optional ? :
Yes.
Parameter Name :
url
Parameter Usage and Options :
The Main URL of the Target.
Type :
String
Is it Optional ? :
No.
Parameter Name :
action
Parameter Usage and Options :
The Action that was performed for the Vulnerability to occur.
For example: https://example.com/action1/
Type :
String
Is it Optional ? :
No.
Parameter Name :
method
Parameter Usage and Options :
The Type of Method that used for the Vulnerability to occur.
For example: GET, POST etc.
Type :
String
Is it Optional ? :
Yes.
Parameter Name :
statusCode
Parameter Usage and Options :
In case you wish to Add a Status Code to the Vulnerability.
Type :
Integer
Is it Optional ? :
Yes.
Parameter Name :
img
Parameter Usage and Options :
In case Users wish to attach a Screenshot to the Vulnerability. Insert the exact full name of the File as it’s being saved in the Storage.
For example: image1.png –> image1.png.
Type :
String
Is it Optional ? :
Yes.
Parameter Name :
description
Parameter Usage and Options :
The Description of the Vulnerability you wish to Add.
Type :
String
Is it Optional ? :
Yes.
Parameter Name :
impact
Parameter Usage and Options :
The Impact of the Vulnerability you wish to Add.
Type :
String
Is it Optional ? :
Yes.
Parameter Name :
recommendation
Parameter Usage and Options :
The Recommendation of the Vulnerability you wish to Add.
Type :
String
Is it Optional ? :
Yes.
Parameter Name :
links
Parameter Usage and Options :
In case you wish to add References the Vulnerability you wish to Add.
Example: https://example1.com/ , https://example2.com/
Type :
String
Is it Optional ? :
Yes.
Parameter Name :
cwe
Parameter Usage and Options :
In case you wish to add CWEs that the Vulnerability is related to.
Type :
String
Is it Optional ? :
Yes.
Parameter Name :
cvss
Parameter Usage and Options :
In case you wish to add a CVSS Score to the Vulnerability.
Type :
Float/Integer
Is it Optional ? :
Yes.
Parameter Name :
details
Parameter Usage and Options :
In case you wish to add More Details regarding the Vulnerability you wish to Add.
Type :
String
Is it Optional ? :
Yes.
Successful Response
{
“Error”: 0,
“Function”: “AppendVuln”,
“Data”: “Vulnerability has been Successfully Added”
}
Errors and their Possible Causes
For more information, please refer to the General Errors section.