id: ioncube-loader-wizard info: name: ioncube Loader Wizard Disclosure author: Mubassirpatel severity: medium description: An ioncube Loader Wizard was discovered. reference: - https://firefart.at/post/multiple-vulnerabilities-in-ioncube-loader-wizard/ classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cwe-id: CWE-200 tags: ioncube,disclosure,exposure metadata: max-request: 2 http: - method: GET path: - "{{BaseURL}}/ioncube/loader-wizard.php" - "{{BaseURL}}/loader-wizard.php" matchers-condition: and matchers: - type: word words: - "ionCube Loader Wizard" part: body - type: status status: - 200 # Enhanced by mp on 2022/04/08