Xibo CMS Login Panel - Detect

What is the "Xibo CMS Login Panel - Detect?"

The "Xibo CMS Login Panel - Detect" module is designed to detect the presence of the Xibo CMS login panel. Xibo CMS is a content management system used for digital signage. This module focuses on identifying the login panel specifically.

This module has an informative severity level, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.

Author: ritikchaddha, daffainfo

Impact

This module does not have a direct impact on the system being scanned. It simply detects the presence of the Xibo CMS login panel, providing information about its existence.

How does the module work?

The "Xibo CMS Login Panel - Detect" module works by sending an HTTP GET request to the "/login" path of the target website. It then applies two matching conditions to determine if the Xibo CMS login panel is present.

The first matching condition checks the response body for the presence of the words "xibo-cms" and "class=\"XiboFormButton\"". If both words are found, the condition is met.

The second matching condition verifies that the HTTP response status is 200, indicating a successful request.

By combining these matching conditions, the module can accurately detect the presence of the Xibo CMS login panel.

Example HTTP request:

GET /login

Matching conditions:

- Response body contains the words "xibo-cms" and "class=\"XiboFormButton\"" - HTTP response status is 200