CVE-2017-9841.yaml
---
# Scanner signature for CVE-2017-9841 (PHPUnit code injection).
#
# What it checks: whether the PHPUnit launcher script that ships inside a
# Composer `vendor/` tree answers over HTTP at one of the paths below.
#
# What a hit means: a development dependency is exposed under the web root.
# The check fingerprints the launcher's PHP-version banner only; it does not
# read the installed PHPUnit version, so a hit should be confirmed against
# the deployed package version before it is reported as the CVE itself.
#
# Remediation to recommend on a hit: update PHPUnit, deploy without
# development dependencies, and deny web access to the `vendor/` directory.
id: cve-2017-9841
info:
  name: PHPUnit Code Injection
  risk: Critical

params:
  # Base URL of the host being assessed; substituted by the scanner.
  - root: '{{.BaseURL}}'

variables:
  # Candidate install locations, one relative path per line.
  # presumably the engine issues one request per line - verify against the
  # scanner's handling of multi-line variables.
  - endpoint: |
      sites/all/libraries/mailchimp/vendor/phpunit/phpunit/phpunit
      vendor/phpunit/phpunit/phpunit
      laravel_api/vendor/phpunit/phpunit/phpunit
      api/vendor/phpunit/phpunit/phpunit
      apps/vendor/phpunit/phpunit/phpunit
      backup/vendor/phpunit/phpunit/phpunit
      oldsite/vendor/phpunit/phpunit/phpunit
      lib/phpunit/phpunit/phpunit
      modules/vendor/phpunit/phpunit/phpunit
      old/vendor/phpunit/phpunit/phpunit
      zend/vendor/phpunit/phpunit/phpunit
      yii/vendor/phpunit/phpunit/phpunit

requests:
  - method: GET
    url: '{{.root}}/{{.endpoint}}'
    headers:
      # Fixed browser User-Agent; defenders can use this exact string as a
      # log indicator for runs of this signature.
      - User-Agent: >-
          Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1)
          AppleWebKit/537.36 (KHTML, like Gecko)
          Chrome/80.0.3984.0 Safari/537.36
    detections:
      # Fires on HTTP 200 plus the launcher's PHP-version banner in the body.
      # NOTE(review): the search literal is all lowercase; confirm that
      # StringSearch compares case-insensitively, otherwise a banner printed
      # with capitals would never match and the check would silently miss.
      - >-
        StatusCode() == 200 &&
        StringSearch("resBody", "this version of phpunit requires php 5")

references:
  - https://www.cvebase.com/cve/2017/9841