28 lines
508 B
YAML
28 lines
508 B
YAML
|
id: horde-unauthenticated
|
||
|
|
|
||
|
|
info:
|
||
|
|
name: Horde Groupware Unauthenticated
|
||
|
|
author: pikpikcu
|
||
|
|
severity: critical
|
||
|
|
|
||
|
|
requests:
|
||
|
|
- method: GET
|
||
|
|
path:
|
||
|
|
- "{{BaseURL}}/horde/admin/user.php"
|
||
|
|
- "{{BaseURL}}/admin/user.php"
|
||
|
|
headers:
|
||
|
|
Content-Type: text/html
|
||
|
|
cooki-reuse: true
|
||
|
|
|
||
|
|
matchers-condition: and
|
||
|
|
matchers:
|
||
|
|
|
||
|
|
- type: word
|
||
|
|
words:
|
||
|
|
- "<title>Horde :: User Administration</title>"
|
||
|
|
condition: and
|
||
|
|
|
||
|
|
- type: status
|
||
|
|
status:
|
||
|
|
- 200
|