Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Tianqing Info Leak" module is designed to detect information leaks in the Tianqing software. It is a vulnerability detection module with a medium severity level. The original author of this module is ritikchaddha.
If the "Tianqing Info Leak" vulnerability is present, it can potentially expose sensitive information stored in the Tianqing software. This can lead to unauthorized access, data breaches, and other security risks.
The "Tianqing Info Leak" module works by sending an HTTP GET request to the "/api/dbstat/gettablessize" endpoint. It then applies several matching conditions to determine if the vulnerability exists:
- The response body must contain the words "schema_name", "table_name", and "table_size". - The response headers must include the word "application/json". - The HTTP status code must be 200.If all of these conditions are met, the module identifies the presence of the "Tianqing Info Leak" vulnerability.
Example HTTP request:
GET /api/dbstat/gettablessize
Note: The above example is a simplified representation of the HTTP request. The actual request may contain additional headers or parameters.