nuclei-templates/vulnerabilities/wordpress/wp-uploads-listing.yaml

32 lines
834 B
YAML
Raw Normal View History

2021-02-26 05:34:18 +00:00
id: wp-uploads-listing
2021-02-26 05:30:21 +00:00
info:
name: WordPress Upload Directory Listing Enable
author: yashgoti
severity: info
requests:
- method: GET
path:
- "{{BaseURL}}/wp-content/uploads/"
- "{{BaseURL}}/wp-content/uploads/2015/"
- "{{BaseURL}}/wp-content/uploads/2016/"
- "{{BaseURL}}/wp-content/uploads/2017/"
- "{{BaseURL}}/wp-content/uploads/2018/"
- "{{BaseURL}}/wp-content/uploads/2019/"
- "{{BaseURL}}/wp-content/uploads/2020/"
- "{{BaseURL}}/wp-content/uploads/2021/"
2021-02-26 05:51:15 +00:00
- "{{BaseURL}}/wp-content/uploads/cfdb7_uploads/"
2021-02-26 05:34:18 +00:00
matchers-condition: and
2021-02-26 05:30:21 +00:00
matchers:
- type: word
words:
- "Directory listing for"
- "Index of /"
- "[To Parent Directory]"
- "Directory: /"
2021-02-26 05:34:18 +00:00
2021-02-26 05:30:21 +00:00
- type: status
status:
- 200