id: grails-database-admin-console info: name: Grails database admin console author: emadshanab severity: medium reference: - https://www.acunetix.com/vulnerabilities/web/grails-database-console/ tags: grails,panel requests: - method: GET path: - '{{BaseURL}}/dbconsole/' - '{{BaseURL}}/h2-console/' matchers-condition: and matchers: - type: word words: - "H2 Console" - type: word words: - "Sorry, remote connections ('webAllowOthers') are disabled on this server" negative: true