nuclei-templates/cnvd/CNVD-2019-01348.yaml

id: CNVD-2019-01348

info:
  name: Xiuno BBS CNVD-2019-01348
  author: princechaddha
  severity: medium
  description: The Xiuno BBS system has a system reinstallation vulnerability. The vulnerability stems from the failure to protect or filter the installation directory after the system is installed. Attackers can directly reinstall the system through the installation page.
  reference: https://www.cnvd.org.cn/flaw/show/CNVD-2019-01348
  tags: xiuno,cnvd

requests:
  - method: GET
    path:
      - "{{BaseURL}}/install/"
    headers:
      Accept-Encoding: deflate
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200
      - type: word
        words:
          - "/view/js/xiuno.js"
          - "Choose Language (选择语言)"
        part: body
        condition: and
moving files around 2021-06-03 16:24:08 +00:00			`id: CNVD-2019-01348`

Create xiuno-bbs-reinstallation.yaml 2021-04-23 13:10:17 +00:00			`info:`
Update xiuno-bbs-reinstallation.yaml 2021-04-23 13:11:15 +00:00			`name: Xiuno BBS CNVD-2019-01348`
Create xiuno-bbs-reinstallation.yaml 2021-04-23 13:10:17 +00:00			`author: princechaddha`
			`severity: medium`
			`description: The Xiuno BBS system has a system reinstallation vulnerability. The vulnerability stems from the failure to protect or filter the installation directory after the system is installed. Attackers can directly reinstall the system through the installation page.`
			`reference: https://www.cnvd.org.cn/flaw/show/CNVD-2019-01348`
moving files around 2021-06-03 16:24:08 +00:00			`tags: xiuno,cnvd`
Create xiuno-bbs-reinstallation.yaml 2021-04-23 13:10:17 +00:00
			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/install/"`
			`headers:`
			`Accept-Encoding: deflate`
			`matchers-condition: and`
			`matchers:`
			`- type: status`
			`status:`
			`- 200`
			`- type: word`
			`words:`
			`- "/view/js/xiuno.js"`
			`- "Choose Language (选择语言)"`
			`part: body`
			`condition: and`