automatic module_metadata_base.json update

2023-05-30 10:27:30 -05:00 · 2023-05-30 10:27:30 -05:00 · 4da004938f
parent 002c575ee1
commit 4da004938f
1 changed files with 61 additions and 1 deletions
--- a/db/modules_metadata_base.json
+++ b/db/modules_metadata_base.json
@ -19604,7 +19604,7 @@
      "https"
    ],
    "targets": null,
-    "mod_time": "2020-10-02 17:38:06 +0000",
+    "mod_time": "2023-05-28 00:29:17 +0000",
    "path": "/modules/auxiliary/gather/ibm_sametime_enumerate_users.rb",
    "is_install_path": true,
    "ref_name": "gather/ibm_sametime_enumerate_users",
@ -28450,6 +28450,66 @@
    "session_types": false,
    "needs_cleanup": false
  },
+  "auxiliary_scanner/http/dolibarr_16_contact_dump": {
+    "name": "Dolibarr 16 pre-auth contact database dump",
+    "fullname": "auxiliary/scanner/http/dolibarr_16_contact_dump",
+    "aliases": [
+
+    ],
+    "rank": 300,
+    "disclosure_date": "2023-03-14",
+    "type": "auxiliary",
+    "author": [
+      "Vladimir TOUTAIN",
+      "Nolan LOSSIGNOL-DRILLIEN"
+    ],
+    "description": "Dolibarr version 16 < 16.0.5 is vulnerable to a pre-authentication contact database dump.\n          An unauthenticated attacker may retreive a company’s entire customer file, prospects, suppliers,\n          and potentially employee information if a contact file exists.\n          Both public and private notes are also included in the dump.",
+    "references": [
+      "URL-https://www.dsecbypass.com/en/dolibarr-pre-auth-contact-database-dump/",
+      "URL-https://github.com/Dolibarr/dolibarr/blob/16.0.5/ChangeLog#L34",
+      "URL-https://github.com/Dolibarr/dolibarr/commit/bb7b69ef43673ed403436eac05e0bc31d5033ff7",
+      "URL-https://github.com/Dolibarr/dolibarr/commit/be82f51f68d738cce205f4ce5b469ef42ed82d9e"
+    ],
+    "platform": "",
+    "arch": "",
+    "rport": 80,
+    "autofilter_ports": [
+      80,
+      8080,
+      443,
+      8000,
+      8888,
+      8880,
+      8008,
+      3000,
+      8443
+    ],
+    "autofilter_services": [
+      "http",
+      "https"
+    ],
+    "targets": null,
+    "mod_time": "2023-05-24 09:28:41 +0000",
+    "path": "/modules/auxiliary/scanner/http/dolibarr_16_contact_dump.rb",
+    "is_install_path": true,
+    "ref_name": "scanner/http/dolibarr_16_contact_dump",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [
+
+      ],
+      "SideEffects": [
+        "ioc-in-logs"
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": false
+  },
  "auxiliary_scanner/http/dolibarr_login": {
    "name": "Dolibarr ERP/CRM Login Utility",
    "fullname": "auxiliary/scanner/http/dolibarr_login",