diff --git a/http/vulnerabilities/bsphp-info.yaml b/http/vulnerabilities/bsphp-info.yaml new file mode 100644 index 0000000000..0a521fd5c9 --- /dev/null +++ b/http/vulnerabilities/bsphp-info.yaml @@ -0,0 +1,35 @@ +id: bsphp-info + +info: + name: BSPHP - Information Disclosure + author: ritikchaddha + severity: low + description: Information disclosure in BSPHP Pro causing user and unauth IP disclosure. + metadata: + max-request: 1 + verified: true + fofa-query: title="BSPHP" + tags: bsphp,info,disclosure + +http: + - method: GET + path: + - '{{BaseURL}}/admin/index.php?m=admin&c=log&a=table_json&json=get&soso_ok=1&t=user_login_log&page=1&limit=10&bsphptime=1600407394176&soso_id=1&soso=&DESC=0' + + matchers-condition: and + matchers: + - type: word + words: + - '{"data":' + - '"id"' + - '"user"' + condition: and + + - type: word + part: header + words: + - 'application/json' + + - type: status + status: + - 200