nuclei-templates/http/misconfiguration/searchreplacedb2-exposure.yaml

40 lines
1.1 KiB
YAML
Raw Normal View History

2023-11-02 12:44:23 +00:00
id: searchreplacedb2-exposure
info:
name: Safe Search Replace Exposure
author: kazet
severity: high
2024-01-25 11:19:26 +00:00
description: Safe Search Replace is exposed leaking internal info.
2023-11-02 12:44:23 +00:00
reference:
- https://interconnectit.com/search-and-replace-for-wordpress-databases/
2023-11-02 13:58:45 +00:00
- https://github.com/interconnectit/Search-Replace-DB
2023-11-02 12:44:23 +00:00
metadata:
verified: true
max-request: 1
2023-11-02 13:58:45 +00:00
shodan-query: html:"searchreplacedb2.php"
fofa-query: body="searchreplacedb2.php"
2023-11-02 12:44:23 +00:00
tags: misconfig,searchreplacedb2,exposure
http:
- method: GET
path:
- "{{BaseURL}}/searchreplacedb2.php"
matchers-condition: and
matchers:
- type: word
2023-11-02 13:58:45 +00:00
part: body
2023-11-02 12:44:23 +00:00
words:
2023-11-02 13:58:45 +00:00
- "Database details"
- "Safe Search Replace"
condition: and
2023-11-02 12:44:23 +00:00
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200
2024-01-25 11:19:26 +00:00
# digest: 4b0a00483046022100e16464853112c7aa3f75b6f2747ecb37b93000c3defe49c124cb8a71509aae2f022100e057e27dbf7c5c2087e400aa489ac6d64ea70004aae270877c1b56ef473c2721:922c64590222798bb761d5b6d8e72950