Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "mysql.initial Config - Detect" module is designed to detect misconfigurations in the mysql.initial configuration file. It targets the Roundcube Webmail initial database structure and checks for the presence of this specific configuration file. The severity of this module is classified as informative.
This module was authored by ELSFA7110.
This module does not have a direct impact on the system. It is used to identify potential misconfigurations in the mysql.initial configuration file, which could lead to security vulnerabilities if not properly secured.
The "mysql.initial Config - Detect" module works by sending an HTTP GET request to the "/mysql.initial.sql" path. It then performs two matching conditions:
If both conditions are met, the module considers the mysql.initial configuration file to be detected.
For example, the module sends the following HTTP request:
GET /mysql.initial.sql
The matching conditions ensure that the response body contains the specific phrase and the HTTP status is 200.
For more information, you can refer to the HackerOne report related to this module.