From 630a29f710c1bdf4058390e1530489c652713859 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 31 May 2022 14:48:05 +0530
Subject: [PATCH] Update php-zerodium-backdoor-rce.yaml

---
 vulnerabilities/other/php-zerodium-backdoor-rce.yaml | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/vulnerabilities/other/php-zerodium-backdoor-rce.yaml b/vulnerabilities/other/php-zerodium-backdoor-rce.yaml
index bd8a08bd52..8279453a9b 100644
--- a/vulnerabilities/other/php-zerodium-backdoor-rce.yaml
+++ b/vulnerabilities/other/php-zerodium-backdoor-rce.yaml
@@ -4,7 +4,8 @@ info:
   name: PHP 8.1.0-dev - Backdoor Remote Code Execution
   author: dhiyaneshDk
   severity: critical
-  description: PHP 8.1.0-dev contains a backdoor dubbed 'zerodiumvar_dump' which can allow the execution of arbitrary PHP code.
+  description: |
+    PHP 8.1.0-dev contains a backdoor dubbed 'zerodiumvar_dump' which can allow the execution of arbitrary PHP code.
   reference:
     - https://news-web.php.net/php.internals/113838
     - https://flast101.github.io/php-8.1.0-dev-backdoor-rce/
@@ -13,7 +14,7 @@ info:
     cvss-score: 10.0
     cve-id:
     cwe-id: CWE-77
-  tags: php,backdoor
+  tags: php,backdoor,rce,zerodium
 
 requests:
   - method: GET
@@ -27,8 +28,8 @@ requests:
     matchers:
 
       - type: word
+        part: body
         words:
           - "int(54289)"
-        part: body
 
 # Enhanced by mp on 2022/05/30