mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-01-31 15:53:33 +08:00
39 lines
1.2 KiB
YAML
39 lines
1.2 KiB
YAML
id: lightstreamer-dashboard-exposure
|
|
|
|
info:
|
|
name: Lightstreamer Dashboard Exposure
|
|
author: DhiyaneshDk
|
|
severity: medium
|
|
description: |
|
|
Detected exposed Lightstreamer Server dashboard that may reveal server configuration,real-time monitoring data, session information, and internal infrastructure details.
|
|
reference:
|
|
- https://lightstreamer.com/
|
|
- https://lightstreamer.com/docs/ls-server/latest/Dashboard%20and%20Monitoring.html
|
|
metadata:
|
|
verified: true
|
|
max-request: 2
|
|
shodan-query: html:"lightstreamer"
|
|
tags: exposure,lightstreamer,dashboard,misconfig,unauth
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/dashboard/"
|
|
- "{{BaseURL}}/lightstreamer/dashboard/"
|
|
|
|
stop-at-first-match: true
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
part: body
|
|
words:
|
|
- "Lightstreamer Monitoring Dashboard"
|
|
- "performance"
|
|
condition: and
|
|
case-insensitive: true
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|
|
# digest: 490a0046304402206c891fdc23ee28abca66743a32fd2c663a09c6b62eb06e8d4a297ac5bf5ce33002205fefdfc829138fcbafaee5d41c0a69b58cec174189c3285e9e2aca8b44f8eb31:922c64590222798bb761d5b6d8e72950 |