Automate Recon and scanning process with Vidoc. All security teams in one place
The "Neos CMS Login Panel - Detect" module is designed to detect the presence of the login panel in the Neos CMS software. Neos CMS is a content management system used for building websites and applications. This module focuses on identifying the login panel, which is an important component for accessing the CMS backend. The severity of this module is classified as informative, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.
This module was authored by k11h-de.
The impact of this module is limited to providing information about the presence of the Neos CMS login panel. It does not indicate any specific vulnerabilities or misconfigurations. The module's purpose is to assist in identifying the login panel for further analysis or testing.
The "Neos CMS Login Panel - Detect" module works by sending an HTTP GET request to the "/neos/login" path of the target website. It then applies two matching conditions to determine if the Neos CMS login panel is present:
If both matching conditions are met, the module reports the detection of the Neos CMS login panel.
For example, the module sends the following HTTP request:
The module then checks if the response body contains the phrase "Neos comes with ABSOLUTELY NO WARRANTY" and if the response status code is 200.
For more information, you can refer to the Neos CMS Configuration/Routes.yaml file.
Metadata: max-request: 1