sap-directory-listing: SAP Directory Listing

漏洞描述

PoC代码[已公开]

id: sap-directory-listing

info:
  name: SAP Directory Listing
  author: dhiyaneshDK
  severity: medium
  description: SAP Directory Listing is enabled.
  metadata:
    max-request: 1
  tags: sap,listing,misconfig,vuln

http:
  - method: GET
    path:
      - '{{BaseURL}}/irj/go/km/navigation/'

    matchers-condition: and
    matchers:
      - type: word
        words:
          - 'title="~system"'
          - 'NetWeaver'
        condition: and

      - type: status
        status:
          - 200

      - type: word
        words:
          - "text/html"
        part: header
# digest: 4a0a00473045022100b7b95acb3eaa10b6b2a21856b4b4f5e25b3496c8cfad5a122c764868fde4bd8f0220386176fbb2a3f064a60cdf53a0dd3024317f5be4b705fd27bd34251d9389aaf9:922c64590222798bb761d5b6d8e72950

相关漏洞推荐

• POC vtigercrm-exposed-directory: Vtiger CRM - Exposed Directory
• CVE-2019-19781: Citrix Application Delivery Controller (ADC) and Gateway Directory Traversal.
• CVE-2019-20085: TVT NVMS 1000 - Directory Traversal
• CVE-2019-3799: Spring Cloud Config Server Directory Traversal
• docker-registry: Docker Registry Listing
• finereport-directory-traversal: Finereport Directory Traversal
• tpshop-directory-traversal: Tpshop Directory Traversal
• WordPress Business Directory 插件 /business-directory SQL 注入漏洞（CVE-2024-4443）
• WordPress Web Directory Free < 1.7.0 /wp-admin/admin-ajax.php SQL 注入漏洞 （CVE-2024-3552）
• POC CVE-2009-5114: WebGlimpse 2.18.7 - Directory Traversal
• POC CVE-2010-0942: Joomla! Component com_jvideodirect - Directory Traversal
• POC CVE-2010-0943: Joomla! Component com_jashowcase - Directory Traversal
• POC CVE-2010-0944: Joomla! Component com_jcollection - Directory Traversal