nuclei-templates/http/misconfiguration/installer/chamilo-installer.yaml

39 lines
1.1 KiB
YAML

id: chamilo-installer
info:
name: Chamilo Installer Exposure
author: DhiyaneshDk
severity: high
description: Chamilo is susceptible to the Installation page exposure due to misconfiguration.
metadata:
verified: true
max-request: 2
shodan-query: title:"Chamilo has not been installed"
product: chamilo
vendor: chamilo
tags: misconfig,chamilo,install,exposure
classification:
cpe: cpe:2.3:a:chamilo:chamilo:*:*:*:*:*:*:*:*
http:
- method: GET
path:
- '{{BaseURL}}'
- '{{BaseURL}}/main/install/index.php'
stop-at-first-match: true
matchers-condition: or
matchers:
- type: word
part: body
words:
- 'Chamilo installation'
- 'Installation Language'
condition: and
- type: word
part: body
words:
- '<title>Chamilo has not been installed</title>'
# digest: 490a0046304402205b0756c019bb7b1abbd48a0dc259ed7353203f0f8b43c1ab9ea2c23e06c47cc4022076c08eb4ab70f68d187c606b7148288a27ee88f825dd94d9a6133bdca0eda950:922c64590222798bb761d5b6d8e72950