daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

lint and format fix

patch-1
Ritik Chaddha 2023-06-24 23:52:39 +05:30 committed by GitHub
parent 724e350077
commit 19610568a3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 29 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
http/vulnerabilities/php-arcade-sqli.yaml Normal file
View File

@ -0,0 +1,29 @@
id: php-arcade-sqli
info:
name: PHP QUICK ARCADE 3.0.21 - SQL Injection
author: MaStErChO
severity: high
description: |
A vulnerability was found in Jcink PHP-Quick-Arcade 3.0.21 (Programming Language Software). It has been declared as critical. This vulnerability affects an unknown code of the file Arcade.php. The manipulation of the argument id with an unknown input leads to a sql injection vulnerability. The CWE definition for the vulnerability is CWE-89. The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.
reference:
- https://www.exploit-db.com/exploits/29604
- https://vuldb.com/?id.53008
- https://github.com/OWASP/vbscan/
tags: arcade,sqli
http:
- method: GET
path:
- "{{BaseURL}}/arcade.php?act=Arcade&do=stats&comment=a&s_id=1'"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "mySQL error"
- type: status
status:
- 200

30
http/vulnerabilities/vbulletin/arcade-sql-inj.yaml
View File

@ -1,30 +0,0 @@
id: arcade-php-sql-injection
info:
name: arcade.php SQL Injection
author: MaStErChO
severity: high
description: |
The arcade.php script is vulnerable to SQL injection. By exploiting this vulnerability, an attacker can manipulate the SQL queries executed by the script, potentially gaining unauthorized access to the database.
reference:
- https://www.exploit-db.com/exploits/29604
- https://github.com/OWASP/vbscan/
http:
- method: GET
path:
- "{{BaseURL}}/arcade.php?act=Arcade&do=stats&comment=a&s_id=1'"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "mySQL error"
- type: status
status:
- 200