filezilla-exposed: Filezilla

日期: 2025-08-01 | 影响软件: Filezilla | POC: 已公开

漏洞描述

Filezilla internal file is exposed.

PoC代码[已公开]

id: filezilla-exposed

info:
  name: Filezilla
  author: amsda
  severity: medium
  description: Filezilla internal file is exposed.
  metadata:
    max-request: 3
  tags: exposure,files,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/filezilla.xml"
      - "{{BaseURL}}/sitemanager.xml"
      - "{{BaseURL}}/FileZilla.xml"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "<FileZilla"
          - "<Servers>"
        condition: and

      - type: word
        words:
          - xml
        part: header

      - type: status
        status:
          - 200
# digest: 490a00463044022056b2979ba91c8afb922a2cf78bc787f48d0f896b4e2e4d45a9a9a268671634e002204d0210ef14fcc473ea91ef489821db105e45b6d0736fc5a540e0e0d52a0e6ad2:922c64590222798bb761d5b6d8e72950

来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/exposures/files/filezilla.yaml

漏洞描述

PoC代码[已公开]

相关漏洞推荐