id: django-debug-exposure info: name: Django Debug Exposure author: geeknik severity: high reference: - https://twitter.com/Alra3ees/status/1397660633928286208 tags: django,exposure metadata: max-request: 1 http: - method: POST path: - "{{BaseURL}}/admin/login/?next=/admin/" matchers-condition: and matchers: - type: status status: - 500 - type: word part: body words: - "DB_HOST" - "DB_NAME" - "DJANGO" - "ADMIN_PASSWORD" condition: and