daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

added flow and matchers

patch-4
Ritik Chaddha 2024-07-09 14:17:13 +05:30 committed by GitHub
parent dfe3cde4f1
commit 2f82d89291
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
http/cves/2024/CVE-2024-4836.yaml
View File

@ -11,12 +11,25 @@ info:
- https://github.com/sleep46/CVE-2024-4836_Check
- https://nvd.nist.gov/vuln/detail/CVE-2024-4836
metadata:
verified: "true"
max-request: 1
fofa-query: "Edito CMS"
max-request: 5
fofa-query: icon_hash="1491301339"
tags: cve,cve2024,cms,edito,info-leak
flow: http(1) && http(2)
http:
- method: GET
path:
- "{{BaseURL}}"
matchers:
- type: dsl
dsl:
- 'contains_any(body,"content=\"edito", "www.edito.pl")'
- 'status_code==200'
condition: and
internal: true
- method: GET
path:
- "{{BaseURL}}/config.php"
@ -27,6 +40,6 @@ http:
matchers:
- type: dsl
dsl:
- 'contains(body,"db_password")'
- 'contains_all(body,"db_password", "db_username")'
- 'status_code==200'
condition: and