daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

TemplateMan Update [Tue Oct 17 06:25:06 UTC 2023] 🤖

patch-1
GitHub Action 2023-10-17 06:25:06 +00:00
parent c13971b11d
commit 03f99ee405
1 changed files with 1 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
http/misconfiguration/servicenow-widget-misconfig.yaml
View File

@ -9,9 +9,9 @@ info:
- https://twitter.com/ConspiracyProof/status/1713270026046685272
- https://www.enumerated.ie/servicenow-data-exposure
metadata:
verified: true
max-request: 20
shodan-query: title:"servicenow"
verified: true
tags: servicenow,widget,misconfig
http:
@ -19,11 +19,9 @@ http:
- |
GET / HTTP/1.1
Host: {{Hostname}}
- |
GET /login.do HTTP/1.1
Host: {{Hostname}}
- |
POST /api/now/sp/widget/widget-simple-list?t=cmdb_model&f=name HTTP/1.1
Host: {{Hostname}}
@ -32,7 +30,6 @@ http:
Content-Type: application/json
{}
- |
POST /api/now/sp/widget/widget-simple-list?t=cmn_department&f=app_name HTTP/1.1
Host: {{Hostname}}
@ -41,7 +38,6 @@ http:
Content-Type: application/json
{}
- |
POST /api/now/sp/widget/widget-simple-list?t=kb_knowledge&f=text HTTP/1.
Host: {{Hostname}}
@ -50,7 +46,6 @@ http:
Content-Type: application/json
{}
- |
POST /api/now/sp/widget/widget-simple-list?t=licensable_app&f=app_name HTTP/1.1
Host: {{Hostname}}
@ -59,7 +54,6 @@ http:
Content-Type: application/json
{}
- |
POST /api/now/sp/widget/widget-simple-list?t=alm_asset&f=display_name HTTP/1.1
Host: {{Hostname}}
@ -68,7 +62,6 @@ http:
Content-Type: application/json
{}
- |
POST /api/now/sp/widget/widget-simple-list?t=sys_attachment&f=file_name HTTP/1.1
Host: {{Hostname}}
@ -77,7 +70,6 @@ http:
Content-Type: application/json
{}
- |
POST /api/now/sp/widget/widget-simple-list?t=sys_attachment_doc&f=data HTTP/1.1
Host: {{Hostname}}
@ -86,7 +78,6 @@ http:
Content-Type: application/json
{}
- |
POST /api/now/sp/widget/widget-simple-list?t=oauth_entity&f=name HTTP/1.1
Host: {{Hostname}}
@ -95,7 +86,6 @@ http:
Content-Type: application/json
{}
- |
POST /api/now/sp/widget/widget-simple-list?t=cmn_cost_center&f=name HTTP/1.1
Host: {{Hostname}}
@ -104,7 +94,6 @@ http:
Content-Type: application/json
{}
- |
POST /api/now/sp/widget/widget-simple-list?t=cmdb_model&f=name HTTP/1.1
Host: {{Hostname}}
@ -113,7 +102,6 @@ http:
Content-Type: application/json
{}
- |
POST /api/now/sp/widget/widget-simple-list?t=sc_cat_item&f=name HTTP/1.1
Host: {{Hostname}}
@ -122,7 +110,6 @@ http:
Content-Type: application/json
{}
- |
POST /api/now/sp/widget/widget-simple-list?t=sn_admin_center_application&f-name HTTP/1.1
Host: {{Hostname}}
@ -131,7 +118,6 @@ http:
Content-Type: application/json
{}
- |
POST /api/now/sp/widget/widget-simple-list?t=cmn_company&f=name HTTP/1.1
Host: {{Hostname}}
@ -140,7 +126,6 @@ http:
Content-Type: application/json
{}
- |
POST /api/now/sp/widget/widget-simple-list?t=sys_email_attachment&f=email HTTP/1.1
Host: {{Hostname}}
@ -149,7 +134,6 @@ http:
Content-Type: application/json
{}
- |
POST /api/now/sp/widget/widget-simple-list?t=sys_email_attachment&f=attachment HTTP/1.1
Host: {{Hostname}}
@ -158,7 +142,6 @@ http:
Content-Type: application/json
{}
- |
POST /api/now/sp/widget/widget-simple-list?t=cmn_notif_device&f=email_address HTTP/1.1
Host: {{Hostname}}
@ -167,7 +150,6 @@ http:
Content-Type: application/json
{}
- |
POST /api/now/sp/widget/widget-simple-list?t=sys_portal_age&f=display_name HTTP/1.1
Host: {{Hostname}}
@ -176,7 +158,6 @@ http:
Content-Type: application/json
{}
- |
POST /api/now/sp/widget/widget-simple-list?t=incident&f=short_description HTTP/1.1
Host: {{Hostname}}