id: qdpm-info-leak info: name: qdPM 9.2 - DB Credentials Exposure author: gy741 severity: high description: qdPM 9.2 database credentials were discovered. reference: - https://www.exploit-db.com/exploits/50176 tags: qdpm,exposure,edb metadata: max-request: 1 http: - method: GET path: - '{{BaseURL}}/core/config/databases.yml' matchers-condition: and matchers: - type: word part: body words: - 'dsn:' - 'username:' - 'password:' condition: and - type: status status: - 200