nuclei-templates/http/technologies/payloadcms-detect.yaml

id: payloadcms-detect

info:
  name: PayloadCMS - Detect
  author: Shivam Kamboj
  severity: info
  description: |
    PayloadCMS panel was detected. PayloadCMS is an open-source, headless CMS and application framework built with Node.js, React, and TypeScript.
  reference:
    - https://payloadcms.com/
    - https://github.com/payloadcms/payload
  metadata:
    verified: true
    max-request: 2
    vendor: payloadcms
    product: payload
    shodan-query:
      - http.html:"payload__modal"
      - http.html:"@layer payload-default"
    google-query: intitle:"Payload" inurl:"/admin"
  tags: tech,detect,payloadcms,cms

http:
  - method: GET
    path:
      - "{{BaseURL}}"
      - "{{BaseURL}}/admin/login"

    stop-at-first-match: true
    redirects: true

    matchers:
      - type: dsl
        dsl:
          - "contains_any(body, '<title>Login - Payload', '<title>Payload Admin')"
          - 'status_code == 200'
        condition: and
# digest: 4a0a00473045022100de3bdb4a12e086b5681fbe4d92eca81ab58fd02539a9e4cf5bf86a491a1bcce4022036bab36189047c0fddb19690a5a0100c681db482ad7dd6fad494d348747a1876:922c64590222798bb761d5b6d8e72950