Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Joomla! Database File List" module is designed to detect misconfigurations in Joomla! websites. It specifically targets the database directory "/libraries/joomla/database/" and checks if directory indexing is enabled. This module has a medium severity level.
If directory indexing is enabled in the "/libraries/joomla/database/" directory, it can expose sensitive information about the Joomla! website's database structure and potentially lead to unauthorized access or data leakage.
The "Joomla! Database File List" module sends a GET request to the "/libraries/joomla/database/" directory and checks for specific matching conditions. It looks for the presence of the phrases "Index of /libraries/joomla/database" and "Parent Directory" in the response body, indicating that directory indexing is enabled. Additionally, it verifies that the HTTP status code is 200.
By detecting these conditions, the module identifies if the Joomla! website's database directory is exposed and vulnerable to potential attacks. It provides valuable information for website administrators to take necessary actions and secure their Joomla! installations.