nuclei-templates/http/misconfiguration/whisparr-dashboard-unauth.yaml

39 lines
953 B
YAML
Raw Permalink Normal View History

2024-08-17 18:28:12 +00:00
id: whisparr-dashboard-unauth
info:
name: Whisparr Dashboard - Unauthenticated
author: ProjectDiscoveryAI
severity: medium
description: |
Exposure of Whisparr dashboard which can lead to sensitive information disclosure.
metadata:
verified: true
max-request: 1
shodan-query: html:"Whisparr"
tags: whisparr,dashboard,unauth,misconfig
http:
- method: GET
path:
- "{{BaseURL}}"
host-redirects: true
max-redirects: 2
matchers-condition: and
matchers:
- type: word
part: body
words:
- "<title>Whisparr</title>"
- type: word
part: body
words:
- "Login - Whisparr"
negative: true
- type: status
status:
- 200
2024-08-19 17:19:13 +00:00
# digest: 4a0a004730450220641aab446dd48d7a996dbcbe8bab535bae9752090a0222d9783109ee65cedca1022100bb72944175123848c6c3bcb579e36472147182465afccd6fb1e1092b0942a95f:922c64590222798bb761d5b6d8e72950