searchreplacedb2 exposure

http/misconfiguration/searchreplacedb2-exposure.yaml

@@ -0,0 +1,32 @@
+id: searchreplacedb2-exposure
+
+info:
+  name: Safe Search Replace Exposure
+  author: kazet
+  severity: high
+  reference:
+    - https://interconnectit.com/search-and-replace-for-wordpress-databases/
+  metadata:
+    verified: true
+    max-request: 1
+  tags: misconfig,searchreplacedb2,exposure
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/searchreplacedb2.php"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<title>Search and replace DB.</title>"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200