Update vulners.nse

Slightly change the description to explicitly mention the usage of the remote service.
Add the script to the "external" category.

vulners.nse

@@ -1,11 +1,17 @@
 description = [[
-For each available cpe it prints the known vulns (links to the correspondent info).
+For each available CPE the script prints out known vulns (links to the correspondent info) and correspondent CVSS scores.
 
 Its work is pretty simple:
 - work only when some software version is identified for an open port
-- take all the known cpe for that software (from the standard nmap output)
-- ask whether some known vulns exist for that cpe
-- print that info out
+- take all the known CPEs for that software (from the standard nmap -sV output)
+- make a request to a remote server (vulners.com API) to learn whether any known vulns exist for that CPE
+ - if no info is found this way - try to get it using the software name alone
+- print the obtained info out
+
+NB:
+Since the size of the DB with all the vulns is more than 250GB there is no way to use a local db. 
+So we do make requests to a remote service. Still all the requests contain just two fields - the 
+software name and its version (or CPE), so one can still have the desired privacy.
 ]]
 
 ---
@@ -28,7 +34,7 @@ Its work is pretty simple:
 
 author = 'gmedian AT vulners DOT com'
 license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
-categories = {"vuln", "safe"}
+categories = {"vuln", "safe", "external"}
 
 
 local http = require "http"
@@ -64,7 +70,7 @@ function make_links(vulns)
     table.insert(vulns_result, v)
   end
 
-	-- Sort the acquired vulns by the CVSS score
+  -- Sort the acquired vulns by the CVSS score
   table.sort(vulns_result, function(a, b)
                               return a._source.cvss.score > b._source.cvss.score
                            end