nuclei-templates/http/misconfiguration/installer/openemr-setup-installer.yaml

37 lines
1012 B
YAML
Raw Normal View History

2024-05-28 02:14:39 +00:00
id: openemr-setup-installer
info:
name: OpenEMR Setup Installation Page - Exposure
author: DhiyaneshDK
severity: high
description: |
Detects exposed OpenEMR setup installation pages which could allow unauthorized access or information disclosure.
reference:
- https://www.open-emr.org/
2024-09-10 09:08:16 +00:00
classification:
cpe: cpe:2.3:a:open-emr:openemr:*:*:*:*:*:*:*:*
2024-05-28 02:14:39 +00:00
metadata:
verified: true
max-request: 1
2024-09-10 08:22:50 +00:00
vendor: open-emr
2024-09-10 09:08:16 +00:00
product: openemr
shodan-query: title:"OpenEMR Setup Tool"
2024-05-28 02:14:39 +00:00
tags: misconfig,install,exposure,openemr
http:
- method: GET
path:
- "{{BaseURL}}/setup.php"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "<title>OpenEMR Setup Tool</title>"
- type: status
status:
- 200
2024-09-10 09:08:16 +00:00
# digest: 4a0a0047304502202cf66b82cebacca9440cc78fd0922133f4e91b8e86908e5dd2b54aa7a6f278cf022100a35c14528df108de85c35e33149958f93481e5df88b51d5159a9f854c1f6fec5:922c64590222798bb761d5b6d8e72950