automatic module_metadata_base.json update
This commit is contained in:
parent
002c575ee1
commit
4da004938f
|
@ -19604,7 +19604,7 @@
|
|||
"https"
|
||||
],
|
||||
"targets": null,
|
||||
"mod_time": "2020-10-02 17:38:06 +0000",
|
||||
"mod_time": "2023-05-28 00:29:17 +0000",
|
||||
"path": "/modules/auxiliary/gather/ibm_sametime_enumerate_users.rb",
|
||||
"is_install_path": true,
|
||||
"ref_name": "gather/ibm_sametime_enumerate_users",
|
||||
|
@ -28450,6 +28450,66 @@
|
|||
"session_types": false,
|
||||
"needs_cleanup": false
|
||||
},
|
||||
"auxiliary_scanner/http/dolibarr_16_contact_dump": {
|
||||
"name": "Dolibarr 16 pre-auth contact database dump",
|
||||
"fullname": "auxiliary/scanner/http/dolibarr_16_contact_dump",
|
||||
"aliases": [
|
||||
|
||||
],
|
||||
"rank": 300,
|
||||
"disclosure_date": "2023-03-14",
|
||||
"type": "auxiliary",
|
||||
"author": [
|
||||
"Vladimir TOUTAIN",
|
||||
"Nolan LOSSIGNOL-DRILLIEN"
|
||||
],
|
||||
"description": "Dolibarr version 16 < 16.0.5 is vulnerable to a pre-authentication contact database dump.\n An unauthenticated attacker may retreive a company’s entire customer file, prospects, suppliers,\n and potentially employee information if a contact file exists.\n Both public and private notes are also included in the dump.",
|
||||
"references": [
|
||||
"URL-https://www.dsecbypass.com/en/dolibarr-pre-auth-contact-database-dump/",
|
||||
"URL-https://github.com/Dolibarr/dolibarr/blob/16.0.5/ChangeLog#L34",
|
||||
"URL-https://github.com/Dolibarr/dolibarr/commit/bb7b69ef43673ed403436eac05e0bc31d5033ff7",
|
||||
"URL-https://github.com/Dolibarr/dolibarr/commit/be82f51f68d738cce205f4ce5b469ef42ed82d9e"
|
||||
],
|
||||
"platform": "",
|
||||
"arch": "",
|
||||
"rport": 80,
|
||||
"autofilter_ports": [
|
||||
80,
|
||||
8080,
|
||||
443,
|
||||
8000,
|
||||
8888,
|
||||
8880,
|
||||
8008,
|
||||
3000,
|
||||
8443
|
||||
],
|
||||
"autofilter_services": [
|
||||
"http",
|
||||
"https"
|
||||
],
|
||||
"targets": null,
|
||||
"mod_time": "2023-05-24 09:28:41 +0000",
|
||||
"path": "/modules/auxiliary/scanner/http/dolibarr_16_contact_dump.rb",
|
||||
"is_install_path": true,
|
||||
"ref_name": "scanner/http/dolibarr_16_contact_dump",
|
||||
"check": true,
|
||||
"post_auth": false,
|
||||
"default_credential": false,
|
||||
"notes": {
|
||||
"Stability": [
|
||||
"crash-safe"
|
||||
],
|
||||
"Reliability": [
|
||||
|
||||
],
|
||||
"SideEffects": [
|
||||
"ioc-in-logs"
|
||||
]
|
||||
},
|
||||
"session_types": false,
|
||||
"needs_cleanup": false
|
||||
},
|
||||
"auxiliary_scanner/http/dolibarr_login": {
|
||||
"name": "Dolibarr ERP/CRM Login Utility",
|
||||
"fullname": "auxiliary/scanner/http/dolibarr_login",
|
||||
|
|
Loading…
Reference in New Issue