From c137ea3c5ad8ebb4a2d06967bda295759fa0641e Mon Sep 17 00:00:00 2001
From: Sandeep Singh <sandeep@projectdiscovery.io>
Date: Tue, 12 Dec 2023 18:35:26 +0530
Subject: [PATCH] strict matcher for erensoft-sqli (#8808)

---
 http/vulnerabilities/other/erensoft-sqli.yaml | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/http/vulnerabilities/other/erensoft-sqli.yaml b/http/vulnerabilities/other/erensoft-sqli.yaml
index 8b07ce1de9..92c8b20395 100644
--- a/http/vulnerabilities/other/erensoft-sqli.yaml
+++ b/http/vulnerabilities/other/erensoft-sqli.yaml
@@ -19,15 +19,18 @@ http:
       - |
         GET /videoseyret.php?id=95%20AND%20(SELECT%204581%20FROM%20(SELECT(SLEEP(6)))NyiX) HTTP/1.1
         Host: {{Hostname}}
-        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.111 Safari/537.36
-        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
 
+    matchers-condition: and
     matchers:
       - type: dsl
         dsl:
-          - 'duration>=6'
-          - 'status_code == 200'
-          - 'contains(content_type, "text/html") && contains(body, "videoseyret")'
+          - duration >= 6
+          - status_code == 200
+          - contains(content_type, "text/html") && contains(body, "videoseyret")
         condition: and
 
+      - type: word
+        words:
+          - class="entry-title"
+
 # digest: 4b0a00483046022100deb120c3c842006e5c080d9bb63c8b20698646202cfcb924803d0bffe1d64c00022100fc4dab90103a3bfd439cfda4f83e8555d2c8be9b42fb4489af40df23096e7579:922c64590222798bb761d5b6d8e72950