id: exposed-jquery-file-upload

info:
  name: Exposed jQuery File Upload
  author: dhiyaneshDk
  reference: https://www.exploit-db.com/exploits/45584
  severity: medium
  tags: exposure,jquery

requests:
  - method: GET
    path:
      - "{{BaseURL}}/jquery-file-upload/server/php/"

    matchers-condition: and
    matchers:
      - type: regex
        regex:
          - '^{\"files\":'
        part: body
      - type: word
        words:
          - "text/plain"
        part: header