id: CVE-2019-11248 info: name: exposed_pprof author: 0xceeb severity: medium # https://medium.com/bugbountywriteup/my-first-bug-bounty-21d3203ffdb0 # http://mmcloughlin.com/posts/your-pprof-is-showing requests: - method: GET path: - "{{BaseURL}}/debug/pprof/" matchers: - type: word words: - "Types of profiles available:" - "Profile Descriptions"