fork-installer: Fork CMS - Installer

漏洞描述

PoC代码[已公开]

id: fork-installer

info:
  name: Fork CMS - Installer
  author: DhiyaneshDk
  severity: critical
  description: |
    Fork CMS installer page was detected.
  metadata:
    verified: true
    max-request: 1
    fofa-query: body="Install Fork CMS"
  tags: misconfig,exposure,fork,cms,install,vuln

http:
  - method: GET
    path:
      - '{{BaseURL}}/install/2'

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "Install Fork CMS"
          - "Settings"
        condition: and

      - type: status
        status:
          - 200
# digest: 4a0a0047304502204ae7edea7f981d558c6419abe98b670d19df80e008188a08111ef0db3549cd0702210084aca7bb0a17ebb23970c5781355c5d64ec3485ef23641aaf2af998e2858f02c:922c64590222798bb761d5b6d8e72950

相关漏洞推荐

• POC roundcube-installer-exposure: Roundcube Webmail Installer - Exposure
• POC metabase-installer-exposure: Metabase Installer - Exposure
• POC churchcrm-installer: ChurchCRM - Setup Exposure
• POC CVE-2017-17736: Kentico - Installer Privilege Escalation
• POC avideo-install: AVideo Installer - Detect
• POC circarlife-installer: CirCarLife - Installer
• POC windows-installer-elevated-privileges: Windows Installer Elevated Privileges Enabled
• POC osticket-install: osTicket Installer Panel - Detect
• POC activecollab-installer: ActiveCollab Installation Page - Exposure
• POC adguard-installer: AdGuard - Installation
• POC akeeba-installer: Akeeba Backup Installer - Exposure
• POC alma-installer: Alma Installation Exposure
• POC ampache-music-installer: Ampache Music Installer