EspoCRM Installation' - type: status status: - 200 # digest: 4b0a00483046022100f6cf7cdc4e68510f8c1a4808b7e9ec263a30317d83437a3a888ca011977d2880022100801f7ad77b0ef1835e6329d6f4db0c8e5912c4fce349a5c142feb2cb7584e8b6:922c64590222798bb761d5b6d8e72950

id: espocrm-installer

info:
  name: Espocrm Installer
  author: DhiyaneshDk
  severity: high
  description: Espocrm is susceptible to the Installation page exposure due to misconfiguration.
  metadata:
    verified: true
    max-request: 1
    shodan-query: html:"Welcome to Espocrm"
  tags: misconfig,espocrm,install,exposure

http:
  - method: GET
    path:
      - '{{BaseURL}}/install/'

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '<title>EspoCRM Installation'

      - type: status
        status:
          - 200
# digest: 4b0a00483046022100f6cf7cdc4e68510f8c1a4808b7e9ec263a30317d83437a3a888ca011977d2880022100801f7ad77b0ef1835e6329d6f4db0c8e5912c4fce349a5c142feb2cb7584e8b6:922c64590222798bb761d5b6d8e72950