Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "PgHero Dashboard Exposure Panel - Detect" module is designed to detect the presence of the PgHero Dashboard Exposure panel. PgHero is a performance dashboard for Postgres databases that provides insights and monitoring capabilities. This module specifically focuses on identifying the exposure panel, which may indicate potential security risks or misconfigurations.
This module has a medium severity level, indicating that while it may not pose an immediate threat, it should still be addressed to ensure the security and proper configuration of the PgHero dashboard.
Author: DhiyaneshDk
The presence of the PgHero Dashboard Exposure panel may expose sensitive information or provide unauthorized access to the PgHero dashboard. This can potentially lead to data breaches, unauthorized modifications, or other security vulnerabilities.
The module works by sending an HTTP GET request to the "/connections" endpoint of the target system. It then applies matching conditions to determine if the response indicates the presence of the PgHero Dashboard Exposure panel.
Matching conditions:
- The response body must contain the HTML title tag "<title>PgHero / Connections</title>
".
- The response status code must be 200.
If both conditions are met, the module considers the PgHero Dashboard Exposure panel to be detected.
Reference: https://github.com/ankane/pghero
Metadata:
- max-request: 1 - verified: true - shodan-query: title: