Information Disclosure: BSPHP - Information Disclosure¶
Identifier:
bsphp_info
Scanner(s) Support¶
| GraphQL Scanner | REST Scanner | WebApp Scanner | ASM Scanner |
|---|---|---|---|
Description¶
BSPHP Pro information disclosure vulnerabilities can expose user information and unauthorized IP addresses, potentially revealing sensitive details about the system.
How we test: We test for information disclosure vulnerabilities in BSPHP Pro by attempting to access information disclosure endpoints and analyzing responses to detect if user information or IP addresses are exposed.
Reference:
- https://github.com/Threekiii/Awesome-POC/blob/master/CMS%E6%BC%8F%E6%B4%9E/BSPHP%20index.php%20%E6%9C%AA%E6%8E%88%E6%9D%83%E8%AE%BF%E9%97%AE%20%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2%E6%BC%8F%E6%B4%9E.md
- https://github.com/bigblackhat/oFx/blob/main/poc/BSPHP/Info_Disclosure/poc.py
Configuration¶
Example¶
Example configuration:
Reference¶
skip¶
Type : boolean
Skip the test if true.