From 6e96771f7895b9215f82f586e7551f1e712096a0 Mon Sep 17 00:00:00 2001
From: pussycat0x <65701233+pussycat0x@users.noreply.github.com>
Date: Thu, 27 Oct 2022 09:44:22 +0530
Subject: [PATCH 1/2] ProcessWire  Installer

---
 misconfiguration/processwire-installer.yaml | 26 +++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 misconfiguration/processwire-installer.yaml

diff --git a/misconfiguration/processwire-installer.yaml b/misconfiguration/processwire-installer.yaml
new file mode 100644
index 0000000000..2f95a15e87
--- /dev/null
+++ b/misconfiguration/processwire-installer.yaml
@@ -0,0 +1,26 @@
+id: processwire-installer
+
+info:
+  name: ProcessWire 3.x Installer Exposure
+  author: pussycat0x
+  severity: high
+  metadata:
+    verified: true
+    shodan-query: title:"ProcessWire 3.x Installer"
+  tags: misconfig,processwire,install,exposure
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/'
+      - '{{BaseURL}}/install.php'
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>ProcessWire 3.x Installer'
+
+      - type: status
+        status:
+          - 200

From a81582cbe15bcf4d8a9df8607d05caf2932888a5 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Fri, 28 Oct 2022 11:44:46 +0530
Subject: [PATCH 2/2] Update processwire-installer.yaml

---
 misconfiguration/processwire-installer.yaml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/misconfiguration/processwire-installer.yaml b/misconfiguration/processwire-installer.yaml
index 2f95a15e87..07f9a0ce55 100644
--- a/misconfiguration/processwire-installer.yaml
+++ b/misconfiguration/processwire-installer.yaml
@@ -3,7 +3,7 @@ id: processwire-installer
 info:
   name: ProcessWire 3.x Installer Exposure
   author: pussycat0x
-  severity: high
+  severity: unknown
   metadata:
     verified: true
     shodan-query: title:"ProcessWire 3.x Installer"
@@ -12,8 +12,10 @@ info:
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/'
+      - '{{BaseURL}}'
       - '{{BaseURL}}/install.php'
+
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word