id: grails-database-admin-console info: name: Grails Admin Console Panel - Detect author: emadshanab severity: medium description: Grails Admin Console panel was detected. reference: - https://www.acunetix.com/vulnerabilities/web/grails-database-console/ - http://h2database.com/html/quickstart.html#h2_console classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cwe-id: CWE-200 metadata: max-request: 2 tags: grails,panel http: - method: GET path: - '{{BaseURL}}/dbconsole/' - '{{BaseURL}}/h2-console/' matchers-condition: and matchers: - type: word words: - "H2 Console" - type: word words: - "Sorry, remote connections ('webAllowOthers') are disabled on this server" negative: true # digest: 4b0a00483046022100b06502ae7bc6cba0830608fbad56392e9dbb07b0d76d412949abfe73695de8590221008a5bf8458b10d0112dd715acb2e5f535bac122a0056461a055589ea59fe0c439:922c64590222798bb761d5b6d8e72950