formalms-install: Formalms Exposed Installation

日期: 2025-08-01 | 影响软件: Formalms | POC: 已公开

漏洞描述

Formalms Installation is exposed.

PoC代码[已公开]

id: formalms-install

info:
  name: Formalms Exposed Installation
  author: princechaddha
  severity: high
  description: Formalms Installation is exposed.
  metadata:
    max-request: 1
  tags: misconfig,formalms,vuln

http:
  - method: GET
    path:
      - '{{BaseURL}}/install/'

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '<title>forma.lms installer</title>'
          - '<h1>forma.lms - Installation</h1>'
        condition: and

      - type: status
        status:
          - 200
# digest: 4a0a0047304502203c0ad478cbe67ce9a6be5926d82f52ed547a36572b83ab8097f94be6a8d330560221009be61b2ecc9191ce7c1f856e4d375f7e84c22a1f89f0ae98c979d6ada1519685:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/misconfiguration/formalms-install.yaml