From e7fb3f4d4e94c1b4d949af8cf484b63d6edc434f Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Wed, 10 Jul 2024 16:57:31 +0530
Subject: [PATCH] minor-update

---
 http/vulnerabilities/other/enjoyrmis-sqli.yaml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/http/vulnerabilities/other/enjoyrmis-sqli.yaml b/http/vulnerabilities/other/enjoyrmis-sqli.yaml
index 23aa923942..5a6407a5ad 100644
--- a/http/vulnerabilities/other/enjoyrmis-sqli.yaml
+++ b/http/vulnerabilities/other/enjoyrmis-sqli.yaml
@@ -5,11 +5,15 @@ info:
   author: securityforeveryone
   severity: high
   description: |
-    EnjoyRMIS is vulnerable to a SQL injection in the GetOAById SOAP endpoint. An attacker can exploit this to execute arbitrary SQL commands.
+    EnjoyRMIS GetOAById has a SQL injection vulnerability, through which an attacker can obtain sensitive database information and even control the server.
   reference:
     - https://github.com/wy876/POC/blob/main/EnjoyRMIS-GetOAById%E5%AD%98%E5%9C%A8SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.md
   metadata:
     fofa-query: body="CheckSilverlightInstalled"
+    verified: true
+    max-request: 1
+  tags: enjoyrmis,sqli
+
 http:
   - raw:
       - |
@@ -31,5 +35,6 @@ http:
       - type: dsl
         dsl:
           - 'contains(body,"qqqzq1qvkqq")'
+          - 'contains(header,"text/xml")'
           - 'status_code == 500'
         condition: and