commit
8fbfc14ad5
|
@ -4,6 +4,7 @@ info:
|
|||
name: PHP Source - Backup File Information Disclosure
|
||||
author: StreetOfHackerR007,pwnhxl,mastercho,0xpugazh
|
||||
severity: medium
|
||||
description: PHP Source File is disclosed to external users.
|
||||
metadata:
|
||||
max-request: 1222
|
||||
tags: exposure,backup,php,disclosure,fuzz
|
||||
|
|
|
@ -79,8 +79,8 @@ http:
|
|||
matchers:
|
||||
- type: binary
|
||||
binary:
|
||||
- "7573746172202000" #tar
|
||||
- "7573746172003030" #tar
|
||||
- "7573746172202000" # tar
|
||||
- "7573746172003030" # tar
|
||||
- "377ABCAF271C" # 7z
|
||||
- "314159265359" # bz2
|
||||
- "53514c69746520666f726d6174203300" # SQLite format 3.
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Apache License File
|
||||
author: DhiyaneshDk
|
||||
severity: low
|
||||
description: Apache License file is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Apdisk - File Disclosure
|
||||
author: DhiyaneshDk
|
||||
severity: low
|
||||
description: Apdisk internal file is exposed.
|
||||
reference:
|
||||
- https://discussions.apple.com/thread/250354761
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Auth.json File - Disclosure
|
||||
author: DhiyaneshDk
|
||||
severity: high
|
||||
description: auth.json file is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Azure Pipelines Configuration File Disclosure
|
||||
author: DhiyaneshDk
|
||||
severity: medium
|
||||
description: Azure Pipelines internal critical file is disclosed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 2
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Azure Resource Manager Template - File Exposure
|
||||
author: DhiyaneshDk
|
||||
severity: medium
|
||||
description: Azure Resource Manager deploy file is disclosed.
|
||||
reference:
|
||||
- https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files
|
||||
- https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/template-tutorial-use-template-reference?tabs=CLI
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Cloud Config File Exposure
|
||||
author: DhiyaneshDK,Hardik-Solanki
|
||||
severity: medium
|
||||
description: Cloud Config file is exposed.
|
||||
reference: https://www.exploit-db.com/ghdb/7959
|
||||
metadata:
|
||||
verified: true
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Discover Cold Fusion cfcache.map Files
|
||||
author: geeknik
|
||||
severity: low
|
||||
description: Adobe Cold Fusion cfcache.map file is exposed.
|
||||
reference:
|
||||
- https://securiteam.com/windowsntfocus/5bp081f0ac/
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Composer-auth Json File Disclosure
|
||||
author: DhiyaneshDK
|
||||
severity: low
|
||||
description: Composer Auth Josn file is disclosed.
|
||||
reference: https://www.exploit-db.com/ghdb/5768
|
||||
metadata:
|
||||
verified: true
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Exposed Core Dump - File Disclosure
|
||||
author: kazet
|
||||
severity: medium
|
||||
description: Exposed Core Dump internal file is disclosed.
|
||||
reference:
|
||||
- https://github.com/hannob/snallygaster/blob/4c5a9b54501f64da96787c2a2e3a12ce2e09c1ab/snallygaster#L295
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Credentials File Disclosure
|
||||
author: ritikchaddha
|
||||
severity: medium
|
||||
description: Internal secret file is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 2
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Database Credentials File Exposure
|
||||
author: Hardik-Solanki,geeknik
|
||||
severity: low
|
||||
description: Internal file exposed containing database credentials.
|
||||
reference:
|
||||
- https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Docker Cloud Yaml - File Disclosure
|
||||
author: DhiyaneshDK
|
||||
severity: medium
|
||||
description: Docker cloud internal yaml file is exposed.
|
||||
reference: https://www.exploit-db.com/ghdb/7959
|
||||
metadata:
|
||||
verified: true
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Lotus Domino Configuration Page
|
||||
author: gevakun
|
||||
severity: low
|
||||
description: Lotus Domino configuration file is exposed.
|
||||
reference:
|
||||
- https://twitter.com/Wh11teW0lf/status/1295594085445709824
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Drupal Install
|
||||
author: NkxxkN
|
||||
severity: low
|
||||
description: Drupal Install panel exposed.
|
||||
metadata:
|
||||
max-request: 2
|
||||
shodan-query: http.component:"drupal"
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Environment Ruby File Disclosure
|
||||
author: DhiyaneshDK
|
||||
severity: medium
|
||||
description: Ruby environment file is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 3
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Exposed Spring Data REST Application-Level Profile Semantics (ALPS)
|
||||
author: dwisiswant0
|
||||
severity: medium
|
||||
description: Exposed Spring Data profile semantics is exposed.
|
||||
reference:
|
||||
- https://niemand.com.ar/2021/01/08/exploiting-application-level-profile-semantics-apls-from-spring-data-rest/
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Filezilla
|
||||
author: amsda
|
||||
severity: medium
|
||||
description: Filezilla internal file is exposed.
|
||||
metadata:
|
||||
max-request: 3
|
||||
tags: exposure,files
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Google Cloud Access Token
|
||||
author: DhiyaneshDK
|
||||
severity: medium
|
||||
description: Internal Google Cloud access tokens are exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 2
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Google Cloud Credentials
|
||||
author: DhiyaneshDK
|
||||
severity: medium
|
||||
description: Google Cloud Crdentials file is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 2
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Get Access Token Json
|
||||
author: DhiyaneshDK
|
||||
severity: low
|
||||
description: Internal file is exposed in Constant Contact Forms wordpress plugin.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 2
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Git Mailmap File Disclosure
|
||||
author: geeknik,DhiyaneshDK
|
||||
severity: low
|
||||
description: Git Mailmap file is exposed.
|
||||
reference: https://man7.org/linux/man-pages/man5/gitmailmap.5.html
|
||||
metadata:
|
||||
verified: true
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Go.mod Disclosure
|
||||
author: DhiyaneshDk
|
||||
severity: low
|
||||
description: go.mod internal file is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Google Api Private Key
|
||||
author: DhiyaneshDK
|
||||
severity: medium
|
||||
description: Google API private keys are exposed in files.
|
||||
reference: https://www.exploit-db.com/ghdb/6037
|
||||
metadata:
|
||||
verified: true
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Google Service Json
|
||||
author: DhiyaneshDK
|
||||
severity: low
|
||||
description: google-services.json internal file is exposed.
|
||||
reference: https://www.exploit-db.com/ghdb/6886
|
||||
metadata:
|
||||
verified: true
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: ICEFlow VPN Disclosure
|
||||
author: pikpikcu
|
||||
severity: low
|
||||
description: ICEFlow VPN internal log file is exposed.
|
||||
metadata:
|
||||
max-request: 8
|
||||
tags: exposure,files,iceflow,logs
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: JsAPI Ticket Json
|
||||
author: DhiyaneshDK
|
||||
severity: low
|
||||
description: JsAPI Ticket internal file is exposed.
|
||||
reference: https://www.exploit-db.com/ghdb/6070
|
||||
metadata:
|
||||
verified: true
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Kubernetes etcd Keys - Exposure
|
||||
author: Hardik-Solanki
|
||||
severity: medium
|
||||
description: Kubernetes private etcd keys are exposed.
|
||||
reference:
|
||||
- https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Lazy File Manager
|
||||
author: amsda
|
||||
severity: medium
|
||||
description: lfm.php file in exposed in Lazy File Manager.
|
||||
metadata:
|
||||
max-request: 1
|
||||
tags: exposure
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: NPM Anonymous CLI Metrics Json
|
||||
author: DhiyaneshDK
|
||||
severity: low
|
||||
description: anonymous-cli-metrics.json internal file in NPM is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 2
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Oauth Credentials Json
|
||||
author: DhiyaneshDK
|
||||
severity: low
|
||||
description: Oauth Credentials file is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: OpenStack User Secrets Exposure
|
||||
author: geeknik
|
||||
severity: high
|
||||
description: Internal user_secrets.yml file is exposed in OpenStack.
|
||||
reference:
|
||||
- https://docs.openstack.org/project-deploy-guide/openstack-ansible/stein/configure.html
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: PHP-CS-Fixer Cache - File Disclosure
|
||||
author: DhiyaneshDk
|
||||
severity: medium
|
||||
description: PHP CS fixer cache internal file is disclosed.
|
||||
reference:
|
||||
- https://www.acunetix.com/vulnerabilities/web/php-cs-fixer-cache-file-publicly-accessible-php_cs-cache/
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Php.ini File Disclosure
|
||||
author: geeknik,DhiyaneshDK
|
||||
severity: low
|
||||
description: php.ini file is exposed.
|
||||
reference: https://www.php.net/manual/en/configuration.file.php
|
||||
metadata:
|
||||
verified: true
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Php User.ini Disclosure
|
||||
author: dhiyaneshDk
|
||||
severity: medium
|
||||
description: PHP user.ini file is exposed.
|
||||
reference:
|
||||
- https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/php-user-ini-disclosure.json
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: PHPUnit Result Cache File Exposure
|
||||
author: DhiyaneshDk
|
||||
severity: low
|
||||
description: PHPUnit cache file is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Putty Private Key Disclosure
|
||||
author: DhiyaneshDk,geeknik
|
||||
severity: medium
|
||||
description: Putty internal user key file is exposed.
|
||||
reference:
|
||||
- https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/putty-private-key-disclosure.json
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Ruby on Rails Secret Token Disclosure
|
||||
author: dhiyaneshDk
|
||||
severity: medium
|
||||
description: Ruby on Rals Secret Token file is exposed.
|
||||
reference:
|
||||
- https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/ruby-on-rails-secret-token-disclosure.json
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Ruby on Rails storage.yml File Disclosure
|
||||
author: DhiyaneshDK
|
||||
severity: low
|
||||
description: Ruby on Rails storage.yml file is disclosed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 4
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Secret Token Ruby - File Disclosure
|
||||
author: DhiyaneshDK
|
||||
severity: medium
|
||||
description: Ruby Secret token is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 3
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Ruby on Rails secrets.yml File Exposure
|
||||
author: DhiyaneshDK
|
||||
severity: high
|
||||
description: Ruby on Rails internal secret file is exposed.
|
||||
reference: https://www.exploit-db.com/ghdb/6283
|
||||
metadata:
|
||||
verified: true
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: SendGrid Env File Exposure
|
||||
author: DhiyaneshDk
|
||||
severity: medium
|
||||
description: SendGrid file is exposed containing environment variables.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Service Account Credentials File Disclosure
|
||||
author: ritikchaddha
|
||||
severity: medium
|
||||
description: Service Account Credentials internal file is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 2
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Public shellscripts
|
||||
author: panch0r3d
|
||||
severity: low
|
||||
description: This template checks exposure of bash scripts.
|
||||
metadata:
|
||||
max-request: 23
|
||||
tags: bash,exposure,files
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: SVN wc.db File Exposure
|
||||
author: Hardik-Solanki,R12W4N
|
||||
severity: medium
|
||||
description: SVN wc.db file is exposed.
|
||||
reference:
|
||||
- https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt
|
||||
- https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/scanner/http/svn_wcdb_scanner.rb
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Token Json File Disclosure
|
||||
author: DhiyaneshDK
|
||||
severity: low
|
||||
description: Internal token.json file is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 2
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Vagrantfile Exposure
|
||||
author: DhiyaneshDk
|
||||
severity: low
|
||||
description: Vagrantfile is exposed to external users.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: WS FTP File Disclosure
|
||||
author: DhiyaneshDK
|
||||
severity: low
|
||||
description: WS FTP file is disclosed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: XAMPP Environment Variables Exposure
|
||||
author: melbadry9,DhiyaneshDK
|
||||
severity: low
|
||||
description: printenv.pl file is exposed in XAMPP leaking environment variables.
|
||||
metadata:
|
||||
max-request: 1
|
||||
tags: exposure,xampp,files
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Publicly accessible NPM Log file
|
||||
author: sheikhrishad,DhiyaneshDk
|
||||
severity: low
|
||||
description: NPM log file is exposed to external users.
|
||||
reference:
|
||||
- https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: FCM Server Key
|
||||
author: absshax
|
||||
severity: high
|
||||
description: FCM Server Key is leaked.
|
||||
reference:
|
||||
- https://abss.me/posts/fcm-takeover
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Loqate API Key
|
||||
author: realexp3rt
|
||||
severity: low
|
||||
description: Loqate API Key is leaked.
|
||||
reference:
|
||||
- https://www.loqate.com/en-gb/home/
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Mapbox Token Disclosure
|
||||
author: Devang-Solanki
|
||||
severity: medium
|
||||
description: Mapbox secret token is exposed to external users.
|
||||
reference:
|
||||
- https://docs.gitguardian.com/secrets-detection/detectors/specifics/mapbox_token
|
||||
- https://github.com/zricethezav/gitleaks/blob/master/cmd/generate/config/rules/mapbox.go
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Razorpay Client ID Disclosure
|
||||
author: Devang-Solanki
|
||||
severity: high
|
||||
description: Razorpay Client ID is exposed to external users.
|
||||
reference:
|
||||
- https://github.com/streaak/keyhacks#Razorpay-keys
|
||||
- https://docs.gitguardian.com/secrets-detection/detectors/specifics/razorpay_apikey
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: HP Device Info Detection
|
||||
author: pussycat0x
|
||||
severity: low
|
||||
description: Internal info is disclosed to external users in HP Device.
|
||||
reference: https://www.exploit-db.com/ghdb/6905
|
||||
metadata:
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Adobe Connect Username Exposure
|
||||
author: dhiyaneshDk
|
||||
severity: low
|
||||
description: Adobe Connect Username is exposed.
|
||||
reference:
|
||||
- https://packetstormsecurity.com/files/161345/Adobe-Connect-10-Username-Disclosure.html
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Adobe AEM ACS Common Exposure
|
||||
author: dhiyaneshDk
|
||||
severity: medium
|
||||
description: Adobe AEM ACS Common pages exposed.
|
||||
reference:
|
||||
- https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Invalidate / Flush Cached Pages on AEM
|
||||
author: hetroublemakr
|
||||
severity: low
|
||||
description: Cached Pages on AEM can be Flushed.
|
||||
reference:
|
||||
- https://twitter.com/AEMSecurity/status/1244965623689609217
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Adobe AEM CRX Namespace Editor Exposure
|
||||
author: dhiyaneshDk
|
||||
severity: low
|
||||
description: Adobe AEM CRX Namespace Editor is exposed.
|
||||
reference:
|
||||
- https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Adobe AEM Disk Usage Information Disclosure
|
||||
author: dhiyaneshDk
|
||||
severity: low
|
||||
description: Adobe AEM Disk Usage Information is exposed.
|
||||
reference:
|
||||
- https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: AEM Dump Content Node Properties
|
||||
author: DhiyaneshDK
|
||||
severity: medium
|
||||
description: Node Properties are exposed in AEM Dump.
|
||||
reference:
|
||||
- https://www.slideshare.net/0ang3el/hacking-aem-sites
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Adobe AEM Explorer NodeTypes Exposure
|
||||
author: dhiyaneshDk
|
||||
severity: high
|
||||
description: Adobe AEM Explorer NodeTypes is exposed.
|
||||
reference:
|
||||
- https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: AEM GQLServlet
|
||||
author: dhiyaneshDk,prettyboyaaditya
|
||||
severity: low
|
||||
description: AEM GQLServlet is exposed.
|
||||
reference:
|
||||
- https://helpx.adobe.com/experience-manager/6-3/sites/developing/using/reference-materials/javadoc/index.html?org/apache/jackrabbit/commons/query/GQL.html
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Query hashed password via QueryBuilder Servlet
|
||||
author: DhiyaneshDk
|
||||
severity: medium
|
||||
description: AEM hased password can be queried via QueryBuilder Servlet.
|
||||
reference:
|
||||
- https://twitter.com/AEMSecurity/status/1372392101829349376
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Adobe AEM Misc Admin Dashboard Exposure
|
||||
author: dhiyaneshDk
|
||||
severity: high
|
||||
description: Adobe AEM Misc Admin Dashboard is exposed.
|
||||
reference:
|
||||
- https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Adobe AEM Offloading Browser
|
||||
author: dhiyaneshDk
|
||||
severity: medium
|
||||
description: Adobe AEM Offloading Browser is exposed.
|
||||
reference:
|
||||
- https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Adobe AEM Installed OSGI Bundles
|
||||
author: dhiyaneshDk
|
||||
severity: low
|
||||
description: Adobe AEM Installed OSGI Bundles leaked.
|
||||
reference:
|
||||
- https://www.slideshare.net/0ang3el/hacking-aem-sites
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: AEM QueryBuilder Internal Path Read
|
||||
author: DhiyaneshDk
|
||||
severity: medium
|
||||
description: AEM QueryBuilder is vulnerable to LFI.
|
||||
reference:
|
||||
- https://speakerdeck.com/0ang3el/aem-hacker-approaching-adobe-experience-manager-webapps-in-bug-bounty-programs?slide=91
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Adobe AEM Security Users Exposure
|
||||
author: dhiyaneshDk
|
||||
severity: medium
|
||||
description: Adobe AEM Security Users are exposed.
|
||||
reference:
|
||||
- https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: AEM WCM Suggestions Servlet
|
||||
author: DhiyaneshDk
|
||||
severity: low
|
||||
description: AEM WCM Suggestions Servlet is exposed.
|
||||
reference:
|
||||
- https://speakerdeck.com/0ang3el/hunting-for-security-bugs-in-aem-webapps?slide=96
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Airflow Debug Trace
|
||||
author: pdteam
|
||||
severity: low
|
||||
description: Airflow Debug Trace enabled.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Unauthenticated Airflow Instance
|
||||
author: dhiyaneshDK
|
||||
severity: high
|
||||
description: Airflow Instance is exposed.
|
||||
metadata:
|
||||
max-request: 2
|
||||
shodan-query: title:"Airflow - DAGs"
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Ampache Update Page Exposure
|
||||
author: ritikchaddha
|
||||
severity: low
|
||||
description: Ampache update page is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Android Debug Manager
|
||||
author: dhiyaneshDK
|
||||
severity: low
|
||||
description: Android Debug Manger is exposed.
|
||||
metadata:
|
||||
max-request: 1
|
||||
shodan-query: http.title:"Android Debug Database"
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Apache Drill Exposure
|
||||
author: DhiyaneshDK
|
||||
severity: low
|
||||
description: Apache Drill is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Apache Druid Unauth
|
||||
author: DhiyaneshDk
|
||||
severity: low
|
||||
description: Apache Druid is exposed to external users.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Apache Impala - Exposure
|
||||
author: DhiyaneshDk
|
||||
severity: medium
|
||||
description: Apache Impala is exposed.
|
||||
reference:
|
||||
- https://www.facebook.com/photo/?fbid=627585602745296&set=pcb.627585619411961
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Apache Struts - ShowCase Application Exposure
|
||||
author: DhiyaneshDK
|
||||
severity: low
|
||||
description: Apache Structs ShowCase Application is exposed.
|
||||
reference:
|
||||
- https://github.com/PortSwigger/j2ee-scan/blob/master/src/main/java/burp/j2ee/issues/impl/ApacheStrutsWebConsole.java
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Apache CouchDB - Unauthenticated Access
|
||||
author: SleepingBag945
|
||||
severity: high
|
||||
description: Apache CouchDB is exposed to external users.
|
||||
reference:
|
||||
- https://github.com/ax1sX/SecurityList/blob/main/Database/CouchDB.md
|
||||
- https://github.com/taomujian/linbing/blob/master/python/app/plugins/http/CouchDB/Couchdb_Unauthorized.py
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Apache Hbase Unauth
|
||||
author: pikpikcu
|
||||
severity: medium
|
||||
description: Apache Hbase is exposed.
|
||||
metadata:
|
||||
max-request: 1
|
||||
tags: apache,unauth,misconfig
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Apache Storm Unauth
|
||||
author: pikpikcu
|
||||
severity: medium
|
||||
description: Apache Storm instance is exposed.
|
||||
reference:
|
||||
- https://storm.apache.org/releases/current/STORM-UI-REST-API.html
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: APCu service information leakage
|
||||
author: koti2
|
||||
severity: low
|
||||
description: APCu service is vulnerable to information leakage.
|
||||
metadata:
|
||||
max-request: 2
|
||||
tags: config,service,apcu,misconfig
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Artifactory anonymous deploy
|
||||
author: panch0r3d
|
||||
severity: high
|
||||
description: Artifactory anonymous repo is exposed.
|
||||
reference:
|
||||
- https://www.errno.fr/artifactory/Attacking_Artifactory.html
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: AWS bucket with Object listing
|
||||
author: pdteam
|
||||
severity: low
|
||||
description: Object listing is enabled in AWS bucket.
|
||||
reference:
|
||||
- https://mikey96.medium.com/cloud-based-storage-misconfigurations-critical-bounties-361647f78a29
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Atlassian Bitbucket Public Repository Exposure
|
||||
author: DhiyaneshDk
|
||||
severity: low
|
||||
description: Bitbucket Public Repository is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 2
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: BRAVIA Signage - Exposure
|
||||
author: DhiyaneshDK
|
||||
severity: medium
|
||||
description: Bravia Signage is exposed.
|
||||
reference:
|
||||
- https://twitter.com/WhiteOakSec/status/1667197552461004800
|
||||
- https://www.whiteoaksecurity.com/blog/sony-bravia-remote-code-execution-disclosure/
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Casdoor get-users Account Password Disclosure
|
||||
author: DhiyaneshDk
|
||||
severity: high
|
||||
description: Casdoor get-users Account Password is exposed.
|
||||
reference:
|
||||
- https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Casbin%20get-users%20%E8%B4%A6%E5%8F%B7%E5%AF%86%E7%A0%81%E6%B3%84%E6%BC%8F%E6%BC%8F%E6%B4%9E.md?plain=1
|
||||
- https://github.com/qingchenhh/qc_poc/blob/main/Goby/Casbin_get_users.go
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: ChatGPT Web - Unauthorized Access
|
||||
author: SleepingBag945
|
||||
severity: high
|
||||
description: ChatGPT Web is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: ClickHouse API Database Interface - Improper Authorization
|
||||
author: DhiyaneshDk
|
||||
severity: high
|
||||
description: Clickhouse API Database is exposed.
|
||||
reference:
|
||||
- https://github.com/luck-ying/Library-POC/blob/master/ClickHouse%E6%95%B0%E6%8D%AE%E5%BA%93/ClickHouse%E6%95%B0%E6%8D%AE%E5%BA%93%208123%E7%AB%AF%E5%8F%A3%E7%9A%84%E6%9C%AA%E6%8E%88%E6%9D%83%E8%AE%BF%E9%97%AE.py
|
||||
- https://github.com/PeiQi0/PeiQi-WIKI-Book/blob/main/docs/redteam/vulnerability/unauthorized/ClickHouse%208123%E7%AB%AF%E5%8F%A3.md?plain=1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Clockwork Dashboard Exposure
|
||||
author: dhiyaneshDk
|
||||
severity: high
|
||||
description: Clockwork Dashboard is exposed.
|
||||
reference:
|
||||
- https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/clockwork-dashboard-exposure.json
|
||||
metadata:
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: GCP/AWS Metadata Disclosure
|
||||
author: DhiyaneshDk
|
||||
severity: low
|
||||
description: GCP/AWS Metadata is exposed.
|
||||
reference: https://www.facebook.com/ExWareLabs/photos/pcb.5605494709514357/5605493856181109/
|
||||
metadata:
|
||||
verified: true
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Cluster Overview - Unauthenticated Dashboard Exposure
|
||||
author: tess
|
||||
severity: medium
|
||||
description: Cluster Overview dashboard is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: CodeIgniter - Error Page
|
||||
author: j4vaovo
|
||||
severity: low
|
||||
description: CodeIgniter error debug are enabled.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: CodeMeter Webadmin Dashboard
|
||||
author: DhiyaneshDk
|
||||
severity: low
|
||||
description: CodeMeter Webadmin Dashboard is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Codis Dashboard Exposure
|
||||
author: tess
|
||||
severity: low
|
||||
description: Codis Dashboard is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Collectd Exporter Metrics
|
||||
author: DhiyaneshDk
|
||||
severity: low
|
||||
description: Collectd Exporter Metrics is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Confluence Dashboard Exposed
|
||||
author: tess
|
||||
severity: low
|
||||
description: Confluence Dashboard is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Flask Werkzeug Debugger Exposure
|
||||
author: DhiyaneshDk
|
||||
severity: low
|
||||
description: Flask Werkzeug Debugger is exposed.
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
|
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Django Debug Method Enabled
|
||||
author: dhiyaneshDK,hackergautam
|
||||
severity: medium
|
||||
description: Django Debug Method is enabled.
|
||||
metadata:
|
||||
max-request: 1
|
||||
tags: django,debug,misconfig
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue