nuclei-templates/http/misconfiguration/installer/pandora-fms-installer.yaml

37 lines
974 B
YAML

id: pandora-fms-installer
info:
name: Pandora FMS Installation Page - Exposure
author: DhiyaneshDK
severity: high
description: |
Detects exposed Pandora FMS installation page.
reference:
- https://pandorafms.com/en/
metadata:
verified: true
max-request: 1
fofa-query: body="Pandora FMS - Installation Wizard"
product: pandora_fms
vendor: pandorafms
tags: misconfig,install,exposure,pandora-fms
classification:
cpe: cpe:2.3:a:pandorafms:pandora_fms:*:*:*:*:*:*:*:*
http:
- method: GET
path:
- "{{BaseURL}}/install.php"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "Pandora FMS - Installation Wizard"
- type: status
status:
- 200
# digest: 4b0a00483046022100fdb6af97358f0ce10670b4ef73349b318f49418f1ba095e0206a5527979a0a07022100f0435e94a7773c296cbf81ceb18e57fab50b9306573b92b83f7db2dac1770716:922c64590222798bb761d5b6d8e72950