Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Yii Error Page - Detct" module is a test case designed to detect misconfigurations or vulnerabilities in the Yii framework's error page. Yii is a high-performance PHP framework used for developing web applications. This module focuses on identifying errors that result in a 500 status code and contain the "" string in the response body.
This module has an informative severity level, meaning it provides valuable information but does not pose an immediate threat.
This module was authored by DhiyaneshDk.
If misconfigurations or vulnerabilities are detected in the Yii error page, it could potentially expose sensitive information or allow attackers to exploit the application further. It is important to address any issues identified by this module to ensure the security and stability of the Yii-based application.
The "Yii Error Page - Detct" module works by sending HTTP requests to the target application and analyzing the responses based on predefined matching conditions. It specifically looks for responses with a 500 status code and the "" string in the response body.
Here is an example of an HTTP request that the module might send:
GET /path/to/error/page HTTP/1.1
Host: example.com
User-Agent: Vidoc-Scanner
The module's matching conditions are:
- The response body must contain the "" string. - The response status code must be 500.If both conditions are met, the module will report a potential misconfiguration or vulnerability related to the Yii error page.