id: exposed-mysql-initial info: name: Exposed mysql.initial author: ELSFA7110 severity: info reference: - https://hackerone.com/reports/1081817 tags: config,exposure requests: - method: GET path: - "{{BaseURL}}/mysql.initial.sql" matchers-condition: and matchers: - type: word words: - "Roundcube Webmail initial database structure" part: body - type: status status: - 200