daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update wordpress-accessible-wpconfig.yaml

patch-1
Prince Chaddha 2024-04-30 14:47:58 +05:30 committed by GitHub
parent 49b9a833e4
commit 43982f020d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
http/vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml
View File

@ -2,8 +2,8 @@ id: wordpress-accessible-wpconfig
info:
name: WordPress wp-config Detection
author: Kiblyn11,zomsop82,madrobot,geeknik,daffainfo,r12w4n,tess,0xpugazh,mastercho
severity: medium
author: Kiblyn11,zomsop82,madrobot,geeknik,daffainfo,r12w4n,tess,0xpugazh,mastercho,c4sper0
severity: high
description: WordPress `wp-config` was discovered. This file is remotely accessible and its content available for reading.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
@ -49,6 +49,8 @@ http:
- "/config.php.new"
- "/common/config.php.new"
- "/wp-config.php.bk"
- "/home/{{DN}}WORDPRESS.txt"
- "/home/{{DN}}-WORDPRESS.txt"
stop-at-first-match: true
@ -74,4 +76,4 @@ http:
- "DB_USERNAME"
- "DB_PASSWORD"
condition: and
# digest: 4b0a00483046022100e3482e35fafed169b3577d8894756ef07374b332c632601accbb8813b1ff2766022100f03dab57c516384fc14dc867db33cdb8d637b0fe33cf505de63f01c69c67b8f0:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100e3482e35fafed169b3577d8894756ef07374b332c632601accbb8813b1ff2766022100f03dab57c516384fc14dc867db33cdb8d637b0fe33cf505de63f01c69c67b8f0:922c64590222798bb761d5b6d8e72950