Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 22 additions & 0 deletions .appsec-tests/vpatch-CVE-2020-13640/CVE-2020-13640.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
## autogenerated on 2025-10-15 14:07:19
id: CVE-2020-13640
info:
name: CVE-2020-13640
author: crowdsec
severity: info
description: CVE-2020-13640 testing
tags: appsec-testing
http:
- raw:
- |
POST /wp-content/plugins/wpdiscuz/utils/ajax/wpdiscuz-ajax.php HTTP/1.1
Host: {{Host}}
Content-Type: application/x-www-form-urlencoded
Connection: close

action=wpdLoadMoreComments&offset=1&orderBy=comment_date_gmt&order=, (SELECT CASE WHEN (ORD(SUBSTRING((SELECT user_login FROM wp_users LIMIT 0,1),1,1)) > 96) THEN 1 ELSE 1*(SELECT table_name FROM information_schema.tables) END)=1 ASC #&lastParentId=&postId=1
cookie-reuse: true
matchers:
- type: status
status:
- 403
5 changes: 5 additions & 0 deletions .appsec-tests/vpatch-CVE-2020-13640/config.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
## autogenerated on 2025-10-15 14:07:19
appsec-rules:
- ./appsec-rules/crowdsecurity/base-config.yaml
- ./appsec-rules/crowdsecurity/vpatch-CVE-2020-13640.yaml
nuclei_template: CVE-2020-13640.yaml
34 changes: 34 additions & 0 deletions appsec-rules/crowdsecurity/vpatch-CVE-2020-13640.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
## autogenerated on 2025-10-15 14:07:19
name: crowdsecurity/vpatch-CVE-2020-13640
description: 'Detects SQL injection in wpDiscuz plugin via the order parameter in wpdLoadMoreComments action.'
rules:
- and:
- zones:
- URI
transform:
- lowercase
match:
type: contains
value: /wp-content/plugins/wpdiscuz/utils/ajax/wpdiscuz-ajax.php
- zones:
- BODY_ARGS
variables:
- order
transform:
- lowercase
- urldecode
match:
type: contains
value: '('

labels:
type: exploit
service: http
confidence: 3
spoofable: 0
behavior: 'http:exploit'
label: 'WpDiscuz - SQLI'
classification:
- cve.CVE-2020-13640
- attack.T1190
- cwe.CWE-89
1 change: 1 addition & 0 deletions collections/crowdsecurity/appsec-virtual-patching.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -122,6 +122,7 @@ appsec-rules:
- crowdsecurity/vpatch-CVE-2022-38627
- crowdsecurity/vpatch-CVE-2025-36604
- crowdsecurity/vpatch-CVE-2025-61882
- crowdsecurity/vpatch-CVE-2020-13640
author: crowdsecurity
contexts:
- crowdsecurity/appsec_base
Expand Down
Loading