From 19610568a3384d1f9ce38ff68f8c1f2be555669e Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Sat, 24 Jun 2023 23:52:39 +0530
Subject: [PATCH] lint and format fix

---
 http/vulnerabilities/php-arcade-sqli.yaml     | 29 ++++++++++++++++++
 .../vbulletin/arcade-sql-inj.yaml             | 30 -------------------
 2 files changed, 29 insertions(+), 30 deletions(-)
 create mode 100644 http/vulnerabilities/php-arcade-sqli.yaml
 delete mode 100644 http/vulnerabilities/vbulletin/arcade-sql-inj.yaml

diff --git a/http/vulnerabilities/php-arcade-sqli.yaml b/http/vulnerabilities/php-arcade-sqli.yaml
new file mode 100644
index 0000000000..c246a2a961
--- /dev/null
+++ b/http/vulnerabilities/php-arcade-sqli.yaml
@@ -0,0 +1,29 @@
+id: php-arcade-sqli
+
+info:
+  name: PHP QUICK ARCADE 3.0.21 - SQL Injection
+  author: MaStErChO
+  severity: high
+  description: |
+    A vulnerability was found in Jcink PHP-Quick-Arcade 3.0.21 (Programming Language Software). It has been declared as critical. This vulnerability affects an unknown code of the file Arcade.php. The manipulation of the argument id with an unknown input leads to a sql injection vulnerability. The CWE definition for the vulnerability is CWE-89. The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.
+  reference:
+    - https://www.exploit-db.com/exploits/29604
+    - https://vuldb.com/?id.53008
+    - https://github.com/OWASP/vbscan/
+  tags: arcade,sqli
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/arcade.php?act=Arcade&do=stats&comment=a&s_id=1'"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "mySQL error"
+
+      - type: status
+        status:
+          - 200
diff --git a/http/vulnerabilities/vbulletin/arcade-sql-inj.yaml b/http/vulnerabilities/vbulletin/arcade-sql-inj.yaml
deleted file mode 100644
index 31a903225e..0000000000
--- a/http/vulnerabilities/vbulletin/arcade-sql-inj.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-id: arcade-php-sql-injection
-
-info:
-  name: arcade.php SQL Injection
-  author: MaStErChO
-  severity: high
-  description: |
-    The arcade.php script is vulnerable to SQL injection. By exploiting this vulnerability, an attacker can manipulate the SQL queries executed by the script, potentially gaining unauthorized access to the database.
-
-  reference:
-    - https://www.exploit-db.com/exploits/29604
-    - https://github.com/OWASP/vbscan/
-
-
-http:
-  - method: GET
-    path:
-      - "{{BaseURL}}/arcade.php?act=Arcade&do=stats&comment=a&s_id=1'"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - "mySQL error"
-
-      - type: status
-        status:
-          - 200
-