nuclei-templates/misconfiguration/unauthenticated-popup-uploa...

26 lines
475 B
YAML

id: unauthenticated-popup-upload
info:
name: Unauthenticated Popup File Uploader
author: DhiyaneshDk
severity: info
reference:
- https://www.exploit-db.com/ghdb/6671
tags: edb,fileupload,upload
requests:
- method: GET
path:
- "{{BaseURL}}/RichWidgets/Popup_Upload.aspx"
matchers-condition: and
matchers:
- type: word
words:
- "Popup Upload"
part: body
- type: status
status:
- 200