id: xprober-service info: name: X Prober Server - Information Disclosure author: pdteam severity: medium description: X Prober Server information disclosure was detected. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cwe-id: CWE-200 reference: - https://github.com/kmvan/x-prober - https://twitter.com/bugbounty_tips/status/1339984643517423616 tags: config,exposure requests: - method: GET path: - "{{BaseURL}}/xprober.php" matchers: - type: word words: - '"appName":"X Prober"' - 'X Prober' condition: and # Enhanced by cs on 2023/03/02