2021-02-26 05:34:18 +00:00
|
|
|
id: wp-uploads-listing
|
2021-02-26 05:30:21 +00:00
|
|
|
|
|
|
|
|
info:
|
|
|
|
|
name: WordPress Upload Directory Listing Enable
|
|
|
|
|
author: yashgoti
|
|
|
|
|
severity: info
|
2021-04-06 07:49:32 +00:00
|
|
|
tags: wordpress
|
2021-02-26 05:30:21 +00:00
|
|
|
|
|
|
|
|
requests:
|
|
|
|
|
- method: GET
|
|
|
|
|
path:
|
|
|
|
|
- "{{BaseURL}}/wp-content/uploads/"
|
|
|
|
|
- "{{BaseURL}}/wp-content/uploads/2015/"
|
|
|
|
|
- "{{BaseURL}}/wp-content/uploads/2016/"
|
|
|
|
|
- "{{BaseURL}}/wp-content/uploads/2017/"
|
|
|
|
|
- "{{BaseURL}}/wp-content/uploads/2018/"
|
|
|
|
|
- "{{BaseURL}}/wp-content/uploads/2019/"
|
|
|
|
|
- "{{BaseURL}}/wp-content/uploads/2020/"
|
|
|
|
|
- "{{BaseURL}}/wp-content/uploads/2021/"
|
2021-02-26 05:51:15 +00:00
|
|
|
- "{{BaseURL}}/wp-content/uploads/cfdb7_uploads/"
|
2021-02-26 05:34:18 +00:00
|
|
|
matchers-condition: and
|
2021-02-26 05:30:21 +00:00
|
|
|
matchers:
|
|
|
|
|
- type: word
|
|
|
|
|
words:
|
|
|
|
|
- "Directory listing for"
|
|
|
|
|
- "Index of /"
|
|
|
|
|
- "[To Parent Directory]"
|
|
|
|
|
- "Directory: /"
|
2021-02-26 05:34:18 +00:00
|
|
|
|
2021-02-26 05:30:21 +00:00
|
|
|
- type: status
|
|
|
|
|
status:
|
|
|
|
|
- 200
|
