2024-04-16 12:00:14 +00:00
|
|
|
id: phpipam-installer
|
|
|
|
|
|
|
|
info:
|
|
|
|
name: PHP IPAM Installation Page - Exposed
|
|
|
|
author: DhiyaneshDK
|
|
|
|
severity: high
|
|
|
|
description: |
|
|
|
|
PHP IPAM is susceptible to the Installation page exposure due to misconfiguration.
|
|
|
|
metadata:
|
|
|
|
verified: true
|
|
|
|
max-request: 1
|
|
|
|
shodan-query: html:"phpipam installation wizard"
|
|
|
|
tags: misconfig,exposure,install,phpipam
|
|
|
|
|
|
|
|
http:
|
|
|
|
- method: GET
|
|
|
|
path:
|
|
|
|
- "{{BaseURL}}/index.php?page=install"
|
|
|
|
|
|
|
|
matchers-condition: and
|
|
|
|
matchers:
|
|
|
|
- type: word
|
|
|
|
part: body
|
|
|
|
words:
|
|
|
|
- "<title>phpipam installation</title>"
|
|
|
|
|
|
|
|
- type: status
|
|
|
|
status:
|
|
|
|
- 200
|
2024-04-23 10:06:08 +00:00
|
|
|
# digest: 4a0a00473045022100ad58e4bdb9ab9f2cf7c89e9710d2b31b5c4a00e8536ee1d1d133a4249cb8d5ce0220464eec521102934eebfca522811ee5bd2d0a34c5d3b2b2a70f707c776a32c9dc:922c64590222798bb761d5b6d8e72950
|