Update CVE-2022-36537.yaml

2023-01-16 00:39:02 +05:30 · 2023-01-16 00:39:02 +05:30 · cbc0ceed61
parent 3321d8d6f5
commit cbc0ceed61
1 changed files with 6 additions and 6 deletions
--- a/cves/2022/CVE-2022-36537.yaml
+++ b/cves/2022/CVE-2022-36537.yaml
@ -17,7 +17,7 @@ info:
  metadata:
    verified: "true"
    shodan-query: http.title:"Server backup manager"
-  tags: cve,cve2022,sensitive-information,unauth,zk-framework
+  tags: cve,cve2022,zk-framework,exposure,unauth

 requests:
  - raw:
@ -39,14 +39,14 @@ requests:
        /WEB-INF/web.xml
        ------WebKitFormBoundaryCs6yB0zvpfSBbYEp--

-    req-condition: true
    cookie-reuse: true
    matchers-condition: and
    matchers:
-      - type: word
-        part: body_2
-        words:
-          - "display-name"
+      - type: regex
+        part: body
+        regex:
+          - "<display-name>.*</display-name>"
+          - "<welcome-file-list>((.|\n)*)welcome-file-list>"
          - "xml version"
          - "web-app"
        condition: and