Create CVE-2018-7662.yaml

patch-1
Ritik Chaddha 2022-04-11 12:14:02 +05:30 committed by GitHub
parent db3b151053
commit 3d173d5925
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 29 additions and 0 deletions

View File

@ -0,0 +1,29 @@
id: CVE-2018-7662
info:
name: CouchCMS Full Path Disclosure
author: ritikchaddha
severity: medium
description: phpmailer.php and mysql2i.func.php disclosure the full path
reference: https://github.com/CouchCMS/CouchCMS/issues/46
tags: couchcms,fullpath,cve,cve2018
requests:
- method: GET
path:
- "{{BaseURL}}/includes/mysql2i/mysql2i.func.php"
- "{{BaseURL}}/addons/phpmailer/phpmailer.php"
matchers-condition: and
matchers:
- type: word
words:
- "mysql2i.func.php on line 10"
- "Fatal error: Cannot redeclare mysql_affected_rows() in"
- "phpmailer.php on line 10"
- "Fatal error: Call to a menber function add_event_listener() on a non-object in"
part: body
- type: status
status:
- 200