Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Concrete5 Install Panel" module is designed to detect the presence of a Concrete5 installation panel. Concrete5 is a content management system (CMS) used for building websites and applications. This module focuses on identifying potential misconfigurations or vulnerabilities related to the installation panel.
This module has a severity level of critical, indicating that any issues found could have a significant impact on the security and functionality of the Concrete5 installation.
Author: osamahamad, princechaddha
If the Concrete5 installation panel is accessible and misconfigured or vulnerable, it could potentially allow unauthorized access or manipulation of the CMS. This could lead to unauthorized modifications to the website, data breaches, or other security risks.
The "Concrete5 Install Panel" module performs a series of HTTP requests and matches the responses against specific conditions to determine if the Concrete5 installation panel is present.
One example of an HTTP request made by this module is:
GET /index.php/install
The module then checks the response for the presence of the following conditions:
- The response body contains the HTML tag<title>Install concrete5</title>
- The HTTP status code is 200 (OK)
If both conditions are met, the module considers the Concrete5 installation panel to be present.
For more information on installing Concrete5, you can refer to the official documentation.
Metadata:
- max-request: 2 - verified: true - shodan-query: http.title:"Install concrete5"