Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Bagisto Installer Exposure

By kannthu

High
Vidoc logoVidoc Module
#misconfig#bagisto#install#exposure
Description

What is the "Bagisto Installer Exposure?"

The "Bagisto Installer Exposure" module is designed to detect a misconfiguration vulnerability in the Bagisto installer. Bagisto is a software platform used for building online marketplaces. This module focuses on identifying instances where the Bagisto installer is exposed and accessible via a specific HTTP path. The severity of this vulnerability is classified as high, indicating the potential for significant security risks.

This module was authored by ritikchaddha.

Impact

If the Bagisto installer is exposed, it can provide unauthorized access to sensitive information and potentially allow malicious actors to exploit the system. This can lead to unauthorized modifications, data breaches, and other security incidents.

How does the module work?

The "Bagisto Installer Exposure" module works by sending an HTTP GET request to the "/installer" path. It then applies matching conditions to determine if the Bagisto Installer is present in the response body and if the HTTP status code is 200 (OK).

For example, the module checks if the response body contains the phrase "Bagisto Installer" and if the HTTP status code is 200. If both conditions are met, the module identifies the presence of the Bagisto installer and reports it as a potential vulnerability.

It is important to note that this module is just one test case within the Vidoc platform, which utilizes multiple modules to perform comprehensive scanning and detection of vulnerabilities, misconfigurations, and software fingerprints.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/installer
Matching conditions
word: Bagisto Installerand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability