
# Get all finding templates



## OpenAPI

````yaml https://app.pentest-tools.com/api-schema.yml get /public/finding_templates
# OpenAPI 3.0.3 description of the pentest-tools.com REST API. This excerpt
# carries one path (GET /public/finding_templates) plus the components it uses.
openapi: 3.0.3
info:
  title: pentest-tools.com REST API
  version: 1.0.1.1
# Base URL; every entry under `paths` is resolved relative to it.
servers:
  - url: https://app.pentest-tools.com/api/v2
# Document-level security requirement: an operation that declares no
# `security` of its own must be called with the bearerAuth credential.
security:
  - bearerAuth: []
# Tag catalogue used to group operations in rendered documentation. Only
# `finding_templates` is referenced by the operation in this excerpt.
tags:
  - name: targets
    x-displayName: Targets
    description: Operations done on Targets
  - name: scans
    x-displayName: Scans
    description: Operations done on Scans
  - name: workspaces
    x-displayName: Workspaces
    description: Operations done on Workspaces
  - name: http_loggers
    x-displayName: HTTP Loggers
    description: Operations done on HTTP Loggers
  - name: wordlists
    x-displayName: Wordlists
    description: Operations done on Wordlists
  - name: finding_templates
    x-displayName: Finding Templates
    description: Operations done on Finding Templates
  - name: vpn_profiles
    x-displayName: VPN Profiles
    description: Operations done on VPN Profiles
  - name: findings
    x-displayName: Findings
    description: Operations done on Findings
  - name: reports
    x-displayName: Reports
    description: Operations done on Reports
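paths:
  /public/finding_templates:
    # Lists finding templates, optionally filtered and paginated. The operation
    # declares no `security` of its own, so the document-level bearerAuth
    # requirement applies to it.
    get:
      tags:
        - finding_templates
      summary: Get all finding templates
      operationId: get_finding_templates
      parameters:
        # Filter on the vuln_id type. The pattern is anchored at both ends and
        # admits exactly seven upper-case ASCII letters. Quoted so that no YAML
        # parser treats the leading `^` or the braces specially.
        - name: vuln_id_type
          in: query
          description: The vuln_id type of the vulnerability (e.g. "NETSCAN", "WEBSCAN")
          required: false
          schema:
            type: string
            pattern: '^[A-Z]{7}$'
            example: NETSCAN
        # Tri-state filter: omitted = no filtering, true = only templates with
        # exploit capabilities, false = only templates without any.
        - name: has_ptt_exploit
          in: query
          description: >-
            Only show vulnerabilities which have/don't have exploit
            capabilities. Setting this to `false` will only show vulnerabilities
            without any capabilities.
          required: false
          schema:
            type: boolean
            example: true
        # NOTE(review): no `minimum`/`maximum` is declared for `limit`. Confirm
        # that the server rejects negative values and caps the page size, so a
        # single request cannot ask for an unbounded result set.
        - name: limit
          in: query
          description: the maximum number of templates to return
          required: false
          schema:
            type: integer
            example: 100
        # Ignored unless `limit` is also sent (see description).
        # NOTE(review): no `minimum` is declared; confirm negative offsets are
        # rejected server-side.
        - name: offset
          in: query
          description: >-
            the offset to start returning templates from. This does not work
            without the `limit` parameter
          required: false
          schema:
            type: integer
            example: 100
      responses:
        '200':
          description: OK
          headers:
            # Total number of matches regardless of `limit`/`offset`; lets a
            # client work out how many pages exist.
            X-Matched-Count:
              schema:
                type: integer
              description: >-
                The number of templates that matched the query (excluding
                limits)
          content:
            application/json:
              schema:
                type: object
                required:
                  - data
                properties:
                  data:
                    type: array
                    items:
                      $ref: '#/components/schemas/FindingTemplate'
        # NOTE(review): 400 and 500 declare no body schema, unlike 401/403/429
        # which reference ErrorResponse. Confirm the body shape the server
        # actually returns for these two statuses.
        '400':
          description: Invalid parameters
        '401':
          $ref: '#/components/responses/UnauthorizedError'
        '403':
          $ref: '#/components/responses/ForbiddenError'
        '429':
          $ref: '#/components/responses/TooManyRequestsError'
        '500':
          description: Internal server error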
components:
  schemas:
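    # One finding template as returned in the `data` array of
    # GET /public/finding_templates. No `required` list is declared, so any
    # property may be absent, and most may also be null (`nullable: true`).
    FindingTemplate:
      type: object
      properties:
        name:
          type: string
          description: The name of the vulnerability
          example: OS Command Injection
        software_type:
          type: string
          nullable: true
          description: The type of software affected by the vulnerability
          example: Web Server
        vendor:
          type: string
          nullable: true
          description: The vendor of the vulnerable software
          example: Microsoft
        product:
          type: string
          nullable: true
          description: The product affected by the vulnerability
          example: Laravel
        # NOTE(review): `format: date` means a plain calendar date
        # (YYYY-MM-DD), but the example is a full timestamp. Confirm which
        # form the API returns and align format and example.
        date:
          type: string
          nullable: true
          format: date
          description: The date of the vulnerability
          example: '2020-12-25T00:00:00.000Z'
        codename:
          type: string
          nullable: true
          description: The codename of the vulnerability
          example: OMIGOD
        # Free-text fields follow. In the folded (`>-`) examples the `\n`
        # sequences are a literal backslash followed by `n`, not line breaks.
        # NOTE(review): confirm whether the API returns real newlines here.
        vuln_description:
          type: string
          nullable: true
          description: The description of the vulnerability
          example: >-
            We found that the target F5 BIG-IP server is vulnerable to
            CVE-2020-5902, a Remote Code Execution vulnerability, affecting the
            Traffic Management User Interface (TMUI) component, which is
            publicly accessible.\nThe root cause of this vulnerability consists
            in a broken parser logic in the Tomcat endpoint. This allows an
            unauthenticated malicious attacker to access any file stored on the
            server.\nWe have detected this by sending a HTTP GET request to the
            tmui endpoint, containing the /etc/passwd file, and looking for the
            output of the file in the response.
        how_to_reproduce:
          type: string
          nullable: true
          description: The steps to reproduce the vulnerability
        public_vuln_description:
          type: string
          nullable: true
          description: The public description of the vulnerability
          example: >-
            F5 BIG-IP server is affected by a Remote Code Execution
            vulnerability, located in the Traffic Management User Interface
            (TMUI) component, which is publicly accessible.\nThe root cause of
            this vulnerability consists in a broken parser logic in the Tomcat
            endpoint.\nThis allows an unauthenticated malicious attacker to
            access any file stored on the server or to execute arbitrary
            commands on the server.
        risk_description:
          type: string
          nullable: true
          description: The risk description of the vulnerability
          example: >-
            The risk exists that a remote unauthenticated attacker can fully
            compromise the F5 BIG-IP server in order to steal confidential
            information, install ransomware or pivot to the internal network.
        recommendation:
          type: string
          nullable: true
          description: The recommendation of the vulnerability
          example: We recommend upgrading your F5 BIG-IP server to the latest version.
        public_recommendation:
          type: string
          nullable: true
          description: The public recommendation of the vulnerability
          example: >-
            Upgrade F5 BIG-IP server to the latest version or to a
            non-vulnerable version listed in K52145254.
        # Per the example, this string carries HTML markup (<a> and <br>
        # elements), not a plain list of URLs. A client that displays it should
        # parse or sanitise it rather than insert it into a page verbatim. The
        # example anchors use target="_blank" and carry no `rel` attribute.
        references:
          type: string
          nullable: true
          description: The references for the vulnerability
          example: >-
            <a
            href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5902"
            target="_blank">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5902</a><br><a
            href="https://pentest-tools.com/blog/big-ip-tmui-rce/"
            target="_blank">https://pentest-tools.com/blog/big-ip-tmui-rce/</a><br><a
            href="https://www.ptsecurity.com/ww-en/about/news/f5-fixes-critical-vulnerability-discovered-by-positive-technologies-in-big-ip-application-delivery-controller/"
            target="_blank">https://www.ptsecurity.com/ww-en/about/news/f5-fixes-critical-vulnerability-discovered-by-positive-technologies-in-big-ip-application-delivery-controller/</a><br><a
            href="https://research.nccgroup.com/2020/07/12/understanding-the-root-cause-of-f5-networks-k52145254-tmui-rce-vulnerability-cve-2020-5902/"
            target="_blank">https://research.nccgroup.com/2020/07/12/understanding-the-root-cause-of-f5-networks-k52145254-tmui-rce-vulnerability-cve-2020-5902/</a>
        # Presumably the CVSS v3 base score; no description or value range is
        # declared here. TODO confirm.
        vuln_cvssv3:
          type: number
          nullable: true
          format: float
        # CVE identifiers associated with the template; a template can list
        # more than one (see example).
        cve:
          type: array
          items:
            type: string
          example:
            - CVE-2021-26855
            - CVE-2021-27065
        # Capability labels; this is the data the `has_ptt_exploit` query
        # parameter filters on, judging by that parameter's description.
        ptt_exploit_capabilities:
          type: array
          items:
            type: string
          example:
            - RCE
            - File Read
        vuln_id:
          type: string
          nullable: true
          description: A unique vulnerability identifier
          example: NETSCAN-SNIPER-CVE-2021-42013-RCE
        # Presumably the EPSS probability and percentile for the listed CVEs;
        # neither a description nor bounds are declared. TODO confirm.
        epss_score:
          type: number
          nullable: true
          format: float
        epss_percentile:
          type: number
          nullable: true
          format: float
        # The only property marked non-nullable: when present it is a boolean.
        in_cisa_catalog:
          type: boolean
          nullable: false
          example: true
          description: >-
            Indicates whether the CVEs are part of the CISA Known Exploited
            Vulnerabilities Catalog
        # NOTE(review): `published` and `updated` carry timestamp examples but
        # declare no `format`; clients get no machine-readable hint to parse
        # them as date-times.
        published:
          type: string
          nullable: true
          description: The published date of module
          example: '2021-08-04T00:00:00.000Z'
        updated:
          type: string
          nullable: true
          description: The updated date when module was modified
          example: '2022-05-25T00:00:00.000Z'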
    # Error body referenced by the UnauthorizedError, ForbiddenError and
    # TooManyRequestsError responses. `additionalProperties: false` restricts
    # it to exactly the two fields below.
    ErrorResponse:
      type: object
      additionalProperties: false
      properties:
        # HTTP status code repeated in the body (the example mirrors a 401).
        status:
          type: integer
          example: 401
        # Human-readable reason for the failure.
        message:
          type: string
          example: No API key specified
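  # Reusable error responses; each returns an ErrorResponse JSON body.
  responses:
    # 401: the request carried no API key or one the server does not accept.
    UnauthorizedError:
      description: API key is missing or invalid
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
    # 403: the caller is authenticated but not allowed to perform the action.
    ForbiddenError:
      description: You can't perform this action.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
    # 429: rate limiting. The spec documents no limit values or retry headers,
    # so clients should back off before retrying.
    TooManyRequestsError:
      description: Too many requests made in a short period of time
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'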
  # Authentication scheme named by the document-level `security` requirement.
  securitySchemes:
    # HTTP bearer authentication: the token travels in the Authorization
    # header as `Bearer <token>`. Per the description the token is the
    # account's API key, so handle it as a secret: keep it out of source
    # control, URLs and logs, and load it from an environment variable or a
    # secret store.
    bearerAuth:
      type: http
      scheme: bearer
      description: >-
        Use the "API key" from the [profile
        page](https://app.pentest-tools.com/account/api) as the token

````