Merge pull request #4748 from MostInterestingBotInTheWorld/dashboard

Dashboard Content Enhancements
patch-1
Prince Chaddha 2022-07-06 15:41:12 +05:30 committed by GitHub
commit a28acd9bc1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
23 changed files with 158 additions and 69 deletions


@ -1,11 +1,17 @@
id: CNVD-2018-13393
info:
name: Metinfo LFI
name: Metinfo - Local File Inclusion
author: ritikchaddha
severity: high
description: Metinfo is susceptible to local file inclusion.
reference:
- https://paper.seebug.org/676/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.6
cve-id:
cwe-id: CWE-22
tags: metinfo,cnvd,cvnd2018,lfi
requests:
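Review bot: the `tags:` line in this info block reads `metinfo,cnvd,cvnd2018,lfi`; `cvnd2018` looks like a transposition of `cnvd2018`, so a run filtered on the year tag in the form the other CNVD templates in this commit use (`cnvd2020`, `cnvd2021`) would skip this template. Since the metadata is being touched anyway, fix the tag here, and either drop the empty `cve-id:` key or confirm the template linter accepts a null value.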
@ -23,3 +29,5 @@ requests:
- "<?php"
- "login_met_cookie($metinfo_admin_name);"
condition: and
# Enhanced by mp on 2022/07/05
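Review bot: the trailing `# Enhanced by mp on 2022/07/05` comment, repeated at the end of every template in this commit, records authorship and a date that the commit history already carries. As a YAML comment it is invisible to anything that parses the template, so if the marker matters for tooling it belongs in a field under `metadata:`; otherwise suggest dropping it.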


@ -1,15 +1,21 @@
id: CNVD-2020-67113
info:
name: H5S CONSOLE Unauthorized Access Vulnerability (CNVD-2020-67113)
name: H5S CONSOLE - Unauthorized Access
author: ritikchaddha
severity: high
description: Zero Vision Technology (Shanghai) Co., Ltd. H5S CONSOLE Exists Unauthorized Access Vulnerability
severity: medium
description: Zero Vision Technology (Shanghai) Co., Ltd. H5S CONSOLE is susceptible to an unauthorized access vulnerability.
reference:
- https://vul.wangan.com/a/CNVD-2020-67113
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cve-id:
cwe-id: CWE-425
metadata:
verified: true
shodan-query: http.title:"H5S CONSOLE"
tags: h5s,unauth,h5sconsole,cnvd,cnvd2020
tags: cnvd,cnvd2020,h5s,unauth,h5sconsole
requests:
- method: GET
@ -42,3 +48,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/05


@ -1,11 +1,17 @@
id: CNVD-2021-10543
info:
name: EEA Information Disclosure
name: EEA - Information Disclosure
author: pikpikcu
severity: high
description: EEA is susceptible to information disclosure.
reference:
- https://www.cnvd.org.cn/flaw/show/CNVD-2021-10543
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cve-id:
cwe-id: CWE-200
tags: config,exposure,cnvd,cnvd2021
requests:
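Review bot: `severity: high` in the info block disagrees with the classification values next to it: `cvss-score: 5.3` with `C:L/I:N/A:N` falls in the medium band (4.0-6.9). The H5S CONSOLE template in this same commit carries the identical vector and has `severity: medium`; suggest the same here, or a vector that justifies high.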
@ -24,3 +30,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/05


@ -1,14 +1,20 @@
id: CNVD-2021-28277
info:
name: Landray-OA Arbitrary - Arbitrary File Retrieval
name: Landray-OA - Local File Inclusion
author: pikpikcu,daffainfo
severity: high
description: Landray-OA is susceptible to local file inclusion.
reference:
- https://www.aisoutu.com/a/1432457
- https://mp.weixin.qq.com/s/TkUZXKgfEOVqoHKBr3kNdw
metadata:
fofa-query: app="Landray OA system"
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.6
cve-id:
cwe-id: CWE-22
tags: landray,lfi,cnvd,cnvd2021
requests:
@ -42,3 +48,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/05


@ -1,13 +1,19 @@
id: CNVD-2021-30167
info:
name: UFIDA NC BeanShell Remote Code Execution
name: UFIDA NC BeanShell Remote Command Execution
author: pikpikcu
severity: high
description: UFIDA NC BeanShell contains a remote command execution vulnerability in the bsh.servlet.BshServlet program.
reference:
- https://mp.weixin.qq.com/s/FvqC1I_G14AEQNztU0zn8A
- https://www.cnvd.org.cn/webinfo/show/6491
tags: beanshell,rce,cnvd,cnvd2021,yonyou
- https://chowdera.com/2022/03/202203110138271510.html
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10.0
cwe-id: CWE-77
tags: cnvd,cnvd2021,beanshell,rce,yonyou
requests:
- raw:
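Review bot: `severity: high` sits beside `cvss-score: 10.0` in the classification block; a 10.0 score is in the critical band (9.0-10.0), so a scan filtered to critical severity would skip this template. Set `severity: critical` or use a vector that matches high. The `name:` line also lacks the `Product - Issue` separator the other renamed templates in this commit use, and `cve-id:` is omitted here while the other CNVD templates carry it as an empty key; pick one convention.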
@ -40,3 +46,5 @@ requests:
- type: status
status:
- 200
# Enhanced by cs on 2022/07/05


@ -1,18 +1,19 @@
id: CVE-2006-2842
info:
name: Squirrelmail 1.4.x - 'Redirect.php' Local File Inclusion
name: Squirrelmail <=1.4.6 - Local File Inclusion
author: dhiyaneshDk
severity: high
description: 'PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter. NOTE: this issue has been disputed by third parties, who state that Squirrelmail provides prominent warnings to the administrator when register_globals is enabled. Since the varieties of administrator negligence are uncountable, perhaps this type of issue should not be included in CVE. However, the original developer has posted a security advisory, so there might be relevant real-world environments under which this vulnerability is applicable.'
description: SquirrelMail 1.4.6 and earlier versions are susceptible to a PHP local file inclusion vulnerability in functions/plugin.php if register_globals is enabled and magic_quotes_gpc is disabled. This allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter.
reference:
- https://www.exploit-db.com/exploits/27948
- http://squirrelmail.cvs.sourceforge.net/squirrelmail/squirrelmail/functions/global.php?r1=1.27.2.16&r2=1.27.2.17&view=patch&pathrev=SM-1_4-STABLE
- http://www.squirrelmail.org/security/issue/2006-06-01
- http://web.archive.org/web/20160915101900/http://secunia.com/advisories/20406/
- https://nvd.nist.gov/vuln/detail/CVE-2006-2842
classification:
cve-id: CVE-2006-2842
tags: cve2006,lfi,squirrelmail,cve
tags: cve,cve2006,lfi,squirrelmail
requests:
- method: GET
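Review bot: the rewritten `description:` calls this a PHP local file inclusion but keeps "via a URL in the plugins array parameter", wording that belongs to the longer description's "PHP remote file inclusion"; the two do not fit together, so either keep the remote-inclusion wording or describe the local-file case the template checks. The shorter text also loses the note that the issue is disputed, which matters when triaging a match; suggest keeping one sentence of it.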
@ -29,3 +30,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/05


@ -5,14 +5,15 @@ info:
author: pussycat0x
severity: high
description: |
Directory traversal vulnerability in cmsimple/cms.php in CMSimple 3.1, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sl parameter to index.php. NOTE: this can be leveraged for remote file execution by including adm.php and then invoking the upload action. NOTE: on 20080601, the vendor patched 3.1 without changing the version number.
CMSimple 3.1 is susceptible to local file inclusion via cmsimple/cms.php when register_globals is enabled, which allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sl parameter to index.php. NOTE: this can be leveraged for remote file execution by including adm.php and then invoking the upload action. NOTE: on 20080601, the vendor patched 3.1 without changing the version number.
reference:
- http://www.cmsimple.com/forum/viewtopic.php?f=2&t=17
- http://web.archive.org/web/20210121182016/https://www.securityfocus.com/bid/29450/
- http://web.archive.org/web/20140729144732/http://secunia.com:80/advisories/30463
- https://nvd.nist.gov/vuln/detail/CVE-2008-2650
classification:
cve-id: CVE-2008-2650
tags: cve,cve2008,lfi
tags: cve,cve2008,lfi,cmsimple
requests:
- raw:
@ -23,10 +24,14 @@ requests:
matchers-condition: and
matchers:
- type: regex
part: body
regex:
- "root:.*:0:0:"
- type: status
status:
- 200
- type: regex
regex:
- "root:.*:0:0:"
part: body
# Enhanced by mp on 2022/07/05


@ -1,15 +1,16 @@
id: CVE-2008-4668
info:
name: Joomla! Component imagebrowser 0.1.5 rc2 - Directory Traversal
name: Joomla! Image Browser 0.1.5 rc2 - Local File Inclusion
author: daffainfo
severity: high
description: Directory traversal vulnerability in the Image Browser (com_imagebrowser) 0.1.5 component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder parameter to index.php.
description: Joomla! Image Browser 0.1.5 rc2 is susceptible to local file inclusion via com_imagebrowser which could allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/6618
- https://www.cvedetails.com/cve/CVE-2008-4668
- http://web.archive.org/web/20210121183742/https://www.securityfocus.com/bid/31458/
- http://securityreason.com/securityalert/4464
- https://nvd.nist.gov/vuln/detail/CVE-2008-4668
classification:
cve-id: CVE-2008-4668
tags: cve,cve2008,joomla,lfi
@ -29,3 +30,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/05


@ -1,18 +1,18 @@
id: CVE-2008-6668
info:
name: nweb2fax <= 0.2.7 Directory Traversal
name: nweb2fax <=0.2.7- Local File Inclusion
author: geeknik
severity: high
description: Multiple directory traversal vulnerabilities in nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary files via .. in the id parameter to comm.php and var_filename parameter to viewrq.php.
description: nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary files via the id parameter submitted to comm.php and the var_filename parameter submitted to viewrq.php (aka local file inclusion).
reference:
- https://www.exploit-db.com/exploits/5856
- https://nvd.nist.gov/vuln/detail/CVE-2008-6668
- http://web.archive.org/web/20210130035550/https://www.securityfocus.com/bid/29804
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43173
- https://nvd.nist.gov/vuln/detail/CVE-2008-6668
classification:
cve-id: CVE-2008-6668
tags: nweb2fax,lfi,cve,cve2008,traversal
tags: cve,cve2008,nweb2fax,lfi,traversal
requests:
- method: GET
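Review bot: in the `name:` line `nweb2fax <=0.2.7- Local File Inclusion` the space before the hyphen is missing; the other names in this commit use `<=version - Issue` (for example `Squirrelmail <=1.4.6 - Local File Inclusion`). The new description also drops the `..` detail and relabels an arbitrary file read as local file inclusion while the `traversal` tag stays; keeping "directory traversal" in the text would let the description and the tags describe the same thing.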
@ -22,10 +22,13 @@ requests:
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: regex
part: body
regex:
- "root:.*:0:0:"
- type: status
status:
- 200
# Enhanced by mp on 2022/07/05


@ -4,7 +4,7 @@ info:
name: Seagate NAS OS 4.3.15.1 - Server Information Disclosure
author: princechaddha
severity: high
description: Insufficient access control in /api/external/7.0/system.System.get_infos in Seagate NAS OS version 4.3.15.1 allows attackers to obtain information about the NAS without authentication via empty POST requests.
description: Seagate NAS OS version 4.3.15.1 has insufficient access control which allows attackers to obtain information about the NAS without authentication via empty POST requests in /api/external/7.0/system.System.get_infos.
reference:
- https://blog.securityevaluators.com/invading-your-personal-cloud-ise-labs-exploits-the-seagate-stcr3000101-ecf89de2170
- https://nvd.nist.gov/vuln/detail/CVE-2018-12296
@ -36,3 +36,5 @@ requests:
group: 1
regex:
- '"version": "([0-9.]+)"'
# Enhanced by mp on 2022/07/05


@ -1,11 +1,11 @@
id: CVE-2022-26134
info:
name: Confluence - Remote Code Execution via OGNL template injection
name: Confluence - Remote Code Execution
author: pdteam,jbertman
severity: critical
description: |
Critical severity unauthenticated remote code execution vulnerability in Confluence Server and Data Center.
Confluence Server and Data Center is susceptible to an unauthenticated remote code execution vulnerability.
reference:
- https://attackerkb.com/topics/BH1D56ZEhs/cve-2022-26134/rapid7-analysis
- https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html
@ -17,6 +17,7 @@ info:
cve-id: CVE-2022-26134
cwe-id: CWE-74
metadata:
verified: true
shodan-query: http.component:"Atlassian Confluence"
tags: cve,cve2022,confluence,rce,ognl,oast,cisa
@ -44,4 +45,6 @@ requests:
- type: kval
part: header
kval:
- "x_cmd_response"
- "x_cmd_response"
# Enhanced by mp on 2022/07/04


@ -1,23 +1,23 @@
id: CVE-2022-26960
info:
name: elFinder - Path Traversal
name: elFinder <=2.1.60 - Local File Inclusion
author: pikpikcu
severity: critical
description: |
Connector.minimal.php in std42 elFinder through 2.1.60 is affected by path traversal. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths.
elFinder through 2.1.60 is affected by local file inclusion via connector.minimal.php. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths.
reference:
- https://www.synacktiv.com/publications/elfinder-the-story-of-a-repwning.html
- https://nvd.nist.gov/vuln/detail/CVE-2022-26960
- https://github.com/Studio-42/elFinder/commit/3b758495538a448ac8830ee3559e7fb2c260c6db
- https://www.synacktiv.com/publications.html
- https://nvd.nist.gov/vuln/detail/CVE-2022-26960
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
cvss-score: 9.1
cve-id: CVE-2022-26960
cwe-id: CWE-22
metadata:
verified: "true"
verified: true
tags: cve,cve2022,lfi,elfinder
requests:
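Review bot: renaming this to "Local File Inclusion" in `name:` and the description does not match the rest of the block: the description says attackers can "read, write, and browse files outside the configured document root" and `cwe-id` is `CWE-22`, which is path traversal. Suggest keeping "Path Traversal" in both. In `reference:`, check that the specific `elfinder-the-story-of-a-repwning.html` article link is the one kept rather than the generic `publications.html` index.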
@ -36,3 +36,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/05


@ -1,23 +1,23 @@
id: CVE-2022-27927
info:
name: Microfinance Management System 1.0 - 'customer_number' SQLi
name: Microfinance Management System 1.0 - SQL Injection
author: lucasljm2001,ekrause
severity: critical
description: |
Detects an SQL Injection vulnerability in Microfinance Management System.
Microfinance Management System 1.0 is susceptible to SQL Injection.
reference:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27927
- https://nvd.nist.gov/vuln/detail/CVE-2022-27927
- https://www.sourcecodester.com/sites/default/files/download/oretnom23/mims_0.zip
- https://www.exploit-db.com/exploits/50891
- https://nvd.nist.gov/vuln/detail/CVE-2022-27927
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2022-27927
cwe-id: CWE-89
metadata:
verified: "true"
tags: cve,cve2022,sqli
verified: true
tags: cve,cve2022,sqli,microfinance
variables:
num: "999999999"
@ -39,3 +39,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/04


@ -1,18 +1,17 @@
id: CVE-2022-28219
info:
name: Zoho ManageEngine ADAudit Plus - Unauthenticated XXE to RCE
name: Zoho ManageEngine ADAudit Plus <7600 - XML Entity Injection/Remote Code Execution
author: dwisiswant0
severity: critical
description: |
Zoho ManageEngine ADAudit Plus before 7060 is vulnerable to an
unauthenticated XXE attack that leads to Remote Code Execution.
This template supports the detection part only, to achieve an
XXE to RCE, see reference[2].
Zoho ManageEngine ADAudit Plus before version 7060 is vulnerable to an
unauthenticated XML entity injection attack that can lead to remote code execution.
reference:
- https://www.manageengine.com/products/active-directory-audit/cve-2022-28219.html
- https://www.horizon3.ai/red-team-blog-cve-2022-28219/
- https://manageengine.com
- https://nvd.nist.gov/vuln/detail/CVE-2022-28219
remediation: |
Update to ADAudit Plus build 7060 or later, and ensure ADAudit Plus
is configured with a dedicated service account with restricted privileges.
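Review bot: the `name:` line says `<7600`, but the description ("before version 7060") and the remediation ("build 7060 or later") both say 7060; the name looks like a digit transposition and should read `<7060`. The description also no longer states that the template covers detection only; keep that sentence so a match is not read as confirmed code execution.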
@ -22,8 +21,8 @@ info:
cve-id: CVE-2022-28219
cwe-id: CWE-611
metadata:
verified: true
shodan-query: http.title:"ADAudit Plus" || http.title:"ManageEngine - ADManager Plus"
verified: "true"
tags: cve,cve2022,xxe,rce,zoho,manageengine,unauth
requests:
@ -55,3 +54,5 @@ requests:
part: body
words:
- "ManageEngine"
# Enhanced by mp on 2022/07/04


@ -5,18 +5,17 @@ info:
author: elitebaz
severity: critical
description: |
NETGEAR ProSafe SSL VPN multiple firmwares were discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi.
NETGEAR ProSafe SSL VPN multiple firmware versions were discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi.
reference:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-29383
- https://nvd.nist.gov/vuln/detail/CVE-2022-29383
- https://github.com/badboycxcc/Netgear-ssl-vpn-20211222-CVE-2022-29383
- https://github.com/badboycxcc/Netgear-ssl-vpn-20211222
- https://nvd.nist.gov/vuln/detail/CVE-2022-29383
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2022-29383
metadata:
verified: "true"
verified: true
tags: cve,cve2022,sqli,netgear,router
requests:
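Review bot: the `classification:` block has no `cwe-id`, although the description states a SQL injection; the Microfinance SQL injection template in this commit sets `cwe-id: CWE-89`, and the same value applies here. In `reference:`, the `cve.mitre.org` link passes `name=2022-29383` without the `CVE-` prefix that the equivalent link in the Microfinance template uses (`name=CVE-2022-27927`); confirm it resolves or rely on the NVD link alone.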
@ -42,3 +41,5 @@ requests:
- contains(body_1, "User authentication Failed")
- contains(body_2, "User Login Failed for SSLVPN User.")
condition: and
# Enhanced by mp on 2022/07/04


@ -1,14 +1,15 @@
id: openwrt-default-login
info:
name: Opentwrt Default Login
name: Opentwrt - Admin Login Page
author: For3stCo1d
severity: high
description: An Opentwrt admin login page was discovered.
reference:
- https://forum.archive.openwrt.org/viewtopic.php?id=16611
metadata:
shodan-query: http.title:"OpenWrt - LuCI"
tags: openwrt,default-login
tags: default-login,openwrt
requests:
- method: GET
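Review bot: the new `name:` and `description:` still spell the product "Opentwrt", while the `id` and the `shodan-query` use "OpenWrt"; fix the spelling. The rename to "Admin Login Page" with "login page was discovered" also describes a panel detection, which does not fit `severity: high` or the `default-login` tag; either keep the default-login wording the other templates in this commit use, or lower the severity and retag the template.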
@ -18,4 +19,6 @@ requests:
matchers:
- type: word
words:
- 'cgi-bin/luci/admin/system/admin'
- 'cgi-bin/luci/admin/system/admin'
# Enhanced by mp on 2022/07/04


@ -1,14 +1,15 @@
id: inspur-clusterengine-default-login
info:
name: Inspur Clusterengine V4 Default Login
name: Inspur Clusterengine 4 - Default Admin Login
author: ritikchaddha
severity: high
description: Inspur Clusterengine version 4 default admin login credentials were successful.
reference:
- https://blog.csdn.net/qq_36197704/article/details/115665793
metadata:
fofa-query: title="TSCEV4.0"
tags: inspur,clusterengine,default-login
tags: default-login,inspur,clusterengine
requests:
- raw:
@ -43,3 +44,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/04


@ -1,12 +1,13 @@
id: panabit-ixcache-default-login
info:
name: Panabit iXCache Default Login
name: Panabit iXCache - Default Admin Login
author: ritikchaddha
severity: high
description: Panabit iXCache default admin login credentials were successful.
reference:
- http://forum.panabit.com/thread-10830-1-1.html
tags: ixcache,default-login,panabit
tags: default-login,ixcache,panabit
requests:
- raw:
@ -16,12 +17,12 @@ requests:
username={{username}}&password={{password}}
attack: pitchfork
payloads:
username:
- admin
password:
- ixcache
attack: pitchfork
matchers-condition: and
matchers:
@ -34,3 +35,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/04


@ -1,13 +1,13 @@
id: secnet-ac-default-password
info:
name: secnet-ac-default-password
name: secnet ac - Default Admin Login
author: ritikchaddha
severity: high
description: secnet ac default admin credentials were discovered.
description: secnet ac default admin credentials were successful.
reference:
- https://bbs.secnet.cn/post/t-30
tags: secnet,default-login
tags: default-login,secnet
requests:
- raw:
@ -40,3 +40,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/04


@ -1,10 +1,11 @@
id: telecom-gateway-default-login
info:
name: Telecom Gateway Default Login
name: Telecom Gateway - Default Admin Login
author: ritikchaddha
severity: high
tags: telecom,default-login,gateway
description: Telecom Gateway default admin login credentials were successful.
tags: default-login,telecom,gateway
requests:
- raw:
@ -20,6 +21,7 @@ requests:
- admin
password:
- admin
redirects: true
max-redirects: 2
matchers-condition: and
@ -35,3 +37,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/04


@ -1,14 +1,16 @@
id: rainloop-default-login
info:
name: Rainloop WebMail Default Login
name: Rainloop WebMail - Default Admin Login
author: For3stCo1d
severity: high
description: Rainloop WebMail default admin login credentials were successful.
reference:
- https://github.com/RainLoop/rainloop-webmail/issues/28
metadata:
verified: true
fofa-query: app="RAINLOOP-WebMail"
tags: rainloop,webmail,default-login,foss
tags: default-login,rainloop,webmail,foss
requests:
- raw:
@ -50,4 +52,6 @@ requests:
- type: status
status:
- 200
- 200
# Enhanced by mp on 2022/07/04


@ -1,9 +1,10 @@
id: supermicro-default-login
info:
name: Supermicro Ipmi Default Login
name: Supermicro Ipmi - Default Admin Login
author: For3stCo1d
severity: high
description: Supermicro Ipmi default admin login credentials were successful.
reference:
- https://www.gearprimer.com/wiki/supermicro-ipmi-default-username-pasword/
tags: supermicro,default-login
@ -39,3 +40,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/04

default-logins/wildfly/wildfly-default-login.yaml Executable file → Normal file

@ -1,11 +1,11 @@
id: wildfly-default-login
info:
name: Wildfly Default Login
name: Wildfly - Default Admin Login
author: s0obi
severity: high
description: |
Wildfly default login was discovered
Wildfly default admin login credentials were successful.
reference:
- https://docs.wildfly.org/26.1/#administrator-guides
tags: wildfly,default-login
@ -36,3 +36,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/04