nuclei-templates/vulnerabilities/other/couchdb-adminparty.yaml

id: couchdb-adminparty

info:
  name: CouchDB Admin Party
  author: organiccrap
  severity: high
  description: Requests made against CouchDB is done in the context of an admin user.
  tags: couchdb

requests:
  - method: GET
    path:
      - '{{BaseURL}}/_users/_all_docs'
    headers:
      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55
    matchers-condition: and
    matchers:
      - type: word
        words:
          - CouchDB/
          - Erlang OTP/
        part: header
        condition: and
      - type: word
        words:
          - total_rows
          - offset
        part: body
        condition: and
updates 2020-07-02 13:53:41 +00:00			`id: couchdb-adminparty`
add few descriptions add few descriptions and references on /vulnerabilities/ templates. 2020-08-25 19:43:43 +00:00
updates 2020-07-02 13:53:41 +00:00			`info:`
CouchDB Admin Party update description 2020-08-25 15:29:11 +00:00			`name: CouchDB Admin Party`
updates 2020-07-02 13:53:41 +00:00			`author: organiccrap`
			`severity: high`
CouchDB Admin Party update description 2020-08-25 15:29:11 +00:00			`description: Requests made against CouchDB is done in the context of an admin user.`
Adding tags to vulnerabilities and workflows 2021-02-12 05:53:01 +00:00			`tags: couchdb`
add few descriptions add few descriptions and references on /vulnerabilities/ templates. 2020-08-25 19:43:43 +00:00
updates 2020-07-02 13:53:41 +00:00			`requests:`
			`- method: GET`
			`path:`
			`- '{{BaseURL}}/_users/_all_docs'`
			`headers:`
			`User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55`
			`matchers-condition: and`
			`matchers:`
			`- type: word`
			`words:`
			`- CouchDB/`
			`- Erlang OTP/`
			`part: header`
			`condition: and`
			`- type: word`
			`words:`
			`- total_rows`
			`- offset`
			`part: body`
			`condition: and`