Create CVE-2014-4942.yaml

2022-08-04 16:01:33 +05:30 · 2022-08-04 16:01:33 +05:30 · e063e0a998
parent 3c0910818f
commit e063e0a998
1 changed files with 39 additions and 0 deletions
--- a/cves/2014/CVE-2014-4942.yaml
+++ b/cves/2014/CVE-2014-4942.yaml
@ -0,0 +1,39 @@
+id: CVE-2014-4942
+
+info:
+  name: WP EasyCart Information Disclosure
+  author: DhiyaneshDk
+  description: |
+    The EasyCart (wp-easycart) plugin before 2.0.6 for WordPress allows remote attackers to obtain configuration information via a direct request to inc/admin/phpinfo.php, which calls the phpinfo function.
+  severity: low
+  reference:
+      - https://codevigilant.com/disclosure/wp-plugin-wp-easycart-information-disclosure/
+      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4942
+      - https://nvd.nist.gov/vuln/detail/CVE-2014-4942
+      - https://wpscan.com/vulnerability/64ea4135-eb26-4dea-a13f-f4c1deb77150
+  tags: wordpress,wp-plugin,wp,phpinfo
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/wp-easycart/inc/admin/phpinfo.php"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "PHP Extension"
+          - "PHP Version"
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '>PHP Version <\/td><td class="v">([0-9.]+)'