Domain betacms.ibnkhabar.com
Germany
-
MacOS file listing through .DS_Store file
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
First seen 2023-04-18 08:00
Last seen 2023-12-14 11:06
Open for 240 days-
Severity: medium
Fingerprint: 5f32cf5d6962f09cb1c4b1dfb1c4b1dfdd9de930355449c32a69e8febe81acacFound 61 files trough .DS_Store spidering: /adminer.php /article_upload.txt /Assembly_Elections_2019.json /astro /board_map_data /change_modified_date.php /check-aws-redis.php /composer.json /composer.lock /constant.php /contest-api.php /cric_sql.php /cric_sql1.php /crons /customs /election_article_upload.php /export-data.php /external /failover_redis_data.php /index.php /KHABARN18-nw_web_stroy_category-1.json /KHABARN18-nw_web_stroy_category-2.json /license.txt /light_edit.php /manage_branded_content.php /migration /nw_update_redis.php /php_version.php /predis /readme.html /save_to_redis.php /sharechat_widget /solr-config.php /solr_search_ibnkhabar.php /SolrPhpClient /test-redis.php /test-s3.txt /vendor /webstory_cat_script.php /wp-activate.php /wp-admin /wp-blog-header.php /wp-comments-post.php /wp-config-sample.php /wp-config.php /wp-content /wp-content/audio_upload.php /wp-content/index.php /wp-content/plugins /wp-content/themes /wp-cron.php /wp-includes /wp-links-opml.php /wp-load.php /wp-login.php /wp-mail.php /wp-settings.php /wp-signup.php /wp-trackback.php /xmlrpc.php /yat1.txt
Found on 2023-12-14 11:06 -
Severity: medium
Fingerprint: 5f32cf5d6962f09c7b6beb587b6beb5844bf4aa79104b91a5f2badbd111e3b95Found 57 files trough .DS_Store spidering: /adminer.php /article_upload.txt /Assembly_Elections_2019.json /astro /board_map_data /change_modified_date.php /check-aws-redis.php /composer.json /composer.lock /constant.php /contest-api.php /cric_sql.php /cric_sql1.php /crons /customs /election_article_upload.php /export-data.php /external /failover_redis_data.php /index.php /KHABARN18-nw_web_stroy_category-1.json /KHABARN18-nw_web_stroy_category-2.json /license.txt /light_edit.php /manage_branded_content.php /migration /nw_update_redis.php /php_version.php /predis /readme.html /save_to_redis.php /sharechat_widget /solr-config.php /solr_search_ibnkhabar.php /SolrPhpClient /test-redis.php /test-s3.txt /vendor /webstory_cat_script.php /wp-activate.php /wp-admin /wp-blog-header.php /wp-comments-post.php /wp-config-sample.php /wp-config.php /wp-content /wp-cron.php /wp-includes /wp-links-opml.php /wp-load.php /wp-login.php /wp-mail.php /wp-settings.php /wp-signup.php /wp-trackback.php /xmlrpc.php /yat1.txt
Found on 2023-04-26 08:21
-
-
Git configuration and history exposed
The following URL (usually
/.git/config) is publicly accessible and is leaking source code and repository configuration.Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.
First seen 2023-04-18 08:00
Last seen 2023-12-14 11:06
Open for 240 days-
Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652218ee13ad[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = http://gitdeployment:GitDepL0yment@git.active18.com/news18/hindi_cms.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master
Found on 2023-12-14 11:06297 Bytes
-