Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Yii Error Page - Detct

By kannthu

Informative
Vidoc logoVidoc Module
#exposure#yii#logs
Description

Yii Error Page - Detct

What is the "Yii Error Page - Detct" module?

The "Yii Error Page - Detct" module is a test case designed to detect misconfigurations or vulnerabilities in the Yii framework's error page. Yii is a high-performance PHP framework used for developing web applications. This module focuses on identifying errors that result in a 500 status code and contain the "" string in the response body.

This module has an informative severity level, meaning it provides valuable information but does not pose an immediate threat.

This module was authored by DhiyaneshDk.

Impact

If misconfigurations or vulnerabilities are detected in the Yii error page, it could potentially expose sensitive information or allow attackers to exploit the application further. It is important to address any issues identified by this module to ensure the security and stability of the Yii-based application.

How does the module work?

The "Yii Error Page - Detct" module works by sending HTTP requests to the target application and analyzing the responses based on predefined matching conditions. It specifically looks for responses with a 500 status code and the "" string in the response body.

Here is an example of an HTTP request that the module might send:

GET /path/to/error/page HTTP/1.1
Host: example.com
User-Agent: Vidoc-Scanner

The module's matching conditions are:

- The response body must contain the "" string. - The response status code must be 500.

If both conditions are met, the module will report a potential misconfiguration or vulnerability related to the Yii error page.

Module preview

Concurrent Requests (0)
Passive global matcher
word: <title>yii\base\ErrorException</title>and
status: 500
On match action
Report vulnerability