nuclei-templates/http/exposures/logs/php-debug-bar.yaml

33 lines
675 B
YAML

id: php-debug-bar
info:
name: PHP Debug Bar
author: dhiyaneshDk
severity: high
description: The PHP Debug Bar tool was discovered, which allows the attacker to obtain sensitive information, e.g. application configuration.
tags: debug,logs,exposure
http:
- method: GET
path:
- "{{BaseURL}}/_debugbar/open?max=20&offset=0"
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- '"id":"'
- '"datetime":'
- '"method"'
condition: and
part: body
- type: word
words:
- "application/json"
part: header