daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

minor-update

patch-4
Dhiyaneshwaran 2024-07-04 12:44:02 +05:30 committed by GitHub
parent aa31bae34d
commit c6ad0cd05e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
http/vulnerabilities/other/azon-dominator-sqli.yaml
View File

@ -4,7 +4,8 @@ info:
name: Azon Dominator - SQL Injection name: Azon Dominator - SQL Injection
author: securityforeveryone author: securityforeveryone
severity: high severity: high
description: Azon Dominator software is vulnerable to a sql attack at /fetch_products.php. description: |
Azon Dominator software is vulnerable to a sql attack at /fetch_products.php.
reference: reference:
- https://www.exploit-db.com/exploits/52059 - https://www.exploit-db.com/exploits/52059
- https://www.codester.com/items/12775/azon-dominator-affiliate-marketing-script - https://www.codester.com/items/12775/azon-dominator-affiliate-marketing-script
@ -17,7 +18,7 @@ info:
http: http:
- raw: - raw:
- | - |
@timeout 20sn @timeout 20s
POST /fetch_products.php HTTP/2 POST /fetch_products.php HTTP/2
Host: {{Hostname}} Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded Content-Type: application/x-www-form-urlencoded
@ -27,7 +28,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- 'contains_all(body,"id","name")' - 'contains_all(body,"id","name","save_lists.php")'
- 'duration>=6' - 'duration>=6'
- 'status_code==500' - 'status_code==500'
condition: and condition: and