漏洞描述
Multiple phpMyAdmin server import pages were detected.
pma-server-import: PhpMyAdmin Server Import Page - Detect
PoC代码[已公开]
id: pma-server-import
info:
name: PhpMyAdmin Server Import Page - Detect
author: Cristi vlad (@cristivlad25)
severity: high
description: Multiple phpMyAdmin server import pages were detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-200
metadata:
max-request: 10
tags: phpmyadmin,misconfig,vuln
http:
- method: GET
path:
- "{{BaseURL}}{{paths}}"
payloads:
paths:
- "/pma/server_import.php"
- "/phpmyadmin/server_import.php"
- "/db/server_import.php"
- "/server_import.php"
- "/PMA/server_import.php"
- "/admin/server_import.php"
- "/admin/pma/server_import.php"
- "/phpMyAdmin/server_import.php"
- "/admin/phpMyAdmin/server_import.php"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
part: body
words:
- "File to import"
- type: word
part: body
words:
- "Location of the text file"
- "Browse your computer"
condition: or
- type: status
status:
- 200
# digest: 4a0a00473045022100c4eb0ceddd4f0c5dcce5b74554e2f7a6400b3daf6a6dc998a5294570ba9599a9022014a906930feedb314ef7f7ca695b01fa7fdd5729e8a941130a1fbf2699a270df:922c64590222798bb761d5b6d8e72950