id: php-composer-binary info: name: PHP Composer Binary - Exposure author: mayank_pandey01 severity: info description: | This Nuclei template checks if the specified endpoints have publically accessible PHP Composer Binary. remediation: | Restrict access to the PHP Composer binary by implementing proper access controls and permissions. metadata: verified: true max-request: 1 tags: php,composer,exposure,misconfig http: - method: GET path: - "{{BaseURL}}/composer" matchers-condition: and matchers: - type: word part: body words: - "/usr/bin/env php" - "