ace-admin-dashboard: Ace Admin Dashboard - Detect

漏洞描述

Ace Admin dashboard page was detected.

PoC代码[已公开]

id: ace-admin-dashboard

info:
  name: Ace Admin Dashboard - Detect
  author: tess
  severity: medium
  description: Ace Admin dashboard page was detected.
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cwe-id: CWE-200
  metadata:
    verified: true
    max-request: 1
    shodan-query: title:"Dashboard - Ace Admin"
  tags: misconfig,exposure,aceadmin,discovery

http:
  - method: GET
    path:
      - '{{BaseURL}}'

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "Dashboard - Ace Admin"
          - "overview & stats"
        condition: and

      - type: word
        part: header
        words:
          - "text/html"

      - type: status
        status:
          - 200
# digest: 4b0a0048304602210083c4f4c1a1c801e7ec324886e34f0629eae9986360d99e3601e1f0165eae1e09022100eead930f9ca6d9b3301c2dae59c9e06de002671ed88264f7343bbf477171c786:922c64590222798bb761d5b6d8e72950

来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/misconfiguration/ace-admin-dashboard.yaml