mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-01-31 15:53:33 +08:00
30 lines
1.1 KiB
YAML
30 lines
1.1 KiB
YAML
id: vscode-slnx-sqlite-disclosure
|
|
|
|
info:
|
|
name: Visual Studio Code - Slnx.SQLite File Disclosure
|
|
author: ritikchaddha
|
|
severity: high
|
|
description: |
|
|
Visual Studio Code and Visual Studio may create slnx.sqlite database files that contain solution metadata, project information, and potentially sensitive configuration data. If these files are accessible on a web server, they can expose internal project structure and development environment details.
|
|
metadata:
|
|
max-request: 2
|
|
verified: true
|
|
fofa-query: title="Visual Studio Code"
|
|
tags: vscode,visual-studio,sqlite,disclosure,exposure,file
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/slnx.sqlite"
|
|
- "{{BaseURL}}/.vs/slnx.sqlite"
|
|
|
|
redirects: true
|
|
stop-at-first-match: false
|
|
|
|
matchers:
|
|
- type: dsl
|
|
dsl:
|
|
- 'contains_all(body, "SQLite format", "TABLE", "UPDATE")'
|
|
- 'status_code == 200'
|
|
condition: and
|
|
# digest: 4a0a0047304502205820a233a73c90310ead0218e59e872d0ac7de13064351153cd5a8b551123e88022100d7e9f673faa55e1d164a409bf32d18f624cb1c7b919b0b147d6a6c1dfe11c4d2:922c64590222798bb761d5b6d8e72950 |