Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Webmodule Login Panel - Detect" module is designed to detect the presence of the Webmodule login panel. This module targets the Webmodule software and helps identify potential misconfigurations or vulnerabilities related to the login panel. The severity of this module is classified as informative, meaning it provides valuable information but does not pose an immediate threat.
This module was authored by pussycat0x and daffainfo.
The impact of the Webmodule login panel detection module is primarily informational. It helps security professionals and administrators identify the presence of the login panel and assess the security posture of the Webmodule software. By detecting the login panel, potential vulnerabilities or misconfigurations can be further investigated and addressed.
The "Webmodule Login Panel - Detect" module works by sending an HTTP GET request to the "/webmodule-ee/login.seam" path. It then applies two matching conditions to determine if the login panel is present:
<title>Webmodule</title>
". This indicates that the login panel page is being returned.
- The module verifies that the HTTP response status code is 200, indicating a successful request.
If both conditions are met, the module reports the detection of the Webmodule login panel.
Classification:
CWE-ID: CWE-200
CVSS-Metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Reference:
- https://www.exploit-db.com/ghdb/7001
Metadata:
max-request: 1
google-query: intitle:"Webmodule" inurl:"/webmod"