2021-03-20 15:17:20 +00:00
|
|
|
id: exposed-sqlite-manager
|
|
|
|
|
|
|
|
info:
|
|
|
|
name: SQLiteManager
|
2022-10-19 15:01:45 +00:00
|
|
|
author: dhiyaneshDK,ritikchaddha
|
2021-03-20 15:17:20 +00:00
|
|
|
severity: medium
|
2022-04-22 10:38:41 +00:00
|
|
|
reference:
|
|
|
|
- https://www.exploit-db.com/ghdb/5003
|
2022-10-19 17:20:51 +00:00
|
|
|
tags: misconfig,sqlite,edb
|
2021-03-20 15:17:20 +00:00
|
|
|
|
|
|
|
requests:
|
|
|
|
- method: GET
|
|
|
|
path:
|
2022-10-19 15:01:45 +00:00
|
|
|
- '{{BaseURL}}'
|
2021-03-20 15:17:20 +00:00
|
|
|
- '{{BaseURL}}/sqlite/'
|
|
|
|
- '{{BaseURL}}/sqlitemanager/'
|
|
|
|
|
2022-10-19 15:01:45 +00:00
|
|
|
stop-at-first-match: true
|
2021-03-20 15:17:20 +00:00
|
|
|
matchers-condition: and
|
|
|
|
matchers:
|
|
|
|
- type: word
|
|
|
|
words:
|
|
|
|
- '<title>SQLiteManager</title>'
|
2022-10-19 15:01:45 +00:00
|
|
|
|
2021-03-20 15:17:20 +00:00
|
|
|
- type: status
|
|
|
|
status:
|
|
|
|
- 200
|