codeigniter-errorpage: CodeIgniter - Error Page

日期: 2025-08-01 | 影响软件: CodeIgniter | POC: 已公开

漏洞描述

CodeIgniter error debug are enabled.

PoC代码[已公开]

id: codeigniter-errorpage

info:
  name: CodeIgniter - Error Page
  author: j4vaovo
  severity: low
  description: CodeIgniter error debug are enabled.
  classification:
    cpe: cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: codeigniter
    product: codeigniter
    shodan-query: title:"Error" html:"CodeIgniter"
    fofa-query: title="ErrorException"
  tags: codeigniter,misconfig,error,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "<title>Error</title>"
          - "<title>ErrorException</title>"
          - "<title>Database Error</title>"
        condition: or

      - type: word
        part: body
        words:
          - "CodeIgniter"
        case-insensitive: true

      - type: status
        status:
          - 200
          - 500
        condition: or
# digest: 4a0a00473045022100a73d51c1847c21eff491c6f132959656b436a4432cf05754c965f0dd12e22fe702206e87810e8078d067093a86ee30cb225f4ccf3204eefaea3909eccb01bcb10812:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/misconfiguration/codeigniter-errorpage.yaml

相关漏洞推荐