daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/http/exposures/configs/dompdf-config.yaml

39 lines
985 B
YAML
Raw Normal View History

DOMPDF configuration detection
2023-12-01 07:28:27 +00:00
id: dompdf-config
info:
name: DOMPDF Configuration detection
author: kazet
severity: low
description: |
DOMPDF Configuration page was detected, which contains paths, library versions and other potentially sensitive information
classification:
cwe-id: CWE-200
metadata:
max-request: 5
tags: config,exposure,dompdf
http:
- method: GET
path:
.
2023-12-01 07:32:49 +00:00
- "{{BaseURL}}/dompdf/dompdf/www/setup.php"
- "{{BaseURL}}/js/dompdf/www/setup.php"
- "{{BaseURL}}/portal/application/libraries/dompdf/www/setup.php"
- "{{BaseURL}}/sites/all/libraries/dompdf/www/setup.php"
- "{{BaseURL}}/vendor/dompdf/dompdf/www/setup.php"
DOMPDF configuration detection
2023-12-01 07:28:27 +00:00
redirects: true
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'HTML to PDF Converter</title>'
- '<td class="title">DOMPDF_PDF_BACKEND</td>'
condition: and
- type: status
status:
- 200