daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/misconfiguration/phpmyadmin/phpmyadmin-server-import.yaml

36 lines
984 B
YAML
Raw Blame History

id: pma-server-import
info:
name: PhpMyAdmin Server Import
author: Cristi vlad (@cristivlad25)
severity: high
description: Finds Unauthenticated PhpMyAdmin Server Import Pages.
tags: phpmyadmin,misconfig
requests:
- method: GET
path:
- "{{BaseURL}}/pma/server_import.php"
- "{{BaseURL}}/phpmyadmin/server_import.php"
- "{{BaseURL}}/phpMyAdmin 2/server_import.php"
- "{{BaseURL}}/db/server_import.php"
- "{{BaseURL}}/server_import.php"
- "{{BaseURL}}/PMA/server_import.php"
- "{{BaseURL}}/admin/server_import.php"
- "{{BaseURL}}/admin/pma/server_import.php"
- "{{BaseURL}}/phpMyAdmin/server_import.php"
- "{{BaseURL}}/admin/phpMyAdmin/server_import.php"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
condition: and
words:
- "File to import"
- "Location of the text file"
- type: status
status:
- 200
Reference in New Issue View Git Blame Copy Permalink