The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
Fingerprint: 407cf4363b0e62fafca67e07fba57b24fba57b24fba57b24fba57b24fba57b24
Symfony profiler enabled: http://137.184.121.194/_profiler/empty/search/results
MongoDB is currently open without authentication.
This results in all the database data made available publicly.
Severity: medium
Fingerprint: 436d217a47ab4258fc75df94e9b383964ce909204e6f39da5748fae5dae2ada0
Collections: 3, document count: 2, size: 432 B HTTP/1.0 200 OK Connection: close Content-Type: text/plain Content-Length: 85 It looks like you are trying to access MongoDB over HTTP on the native driver port. Found collection READ__ME_TO_RECOVER_YOUR_DATA.README with 1 documents (373 B) Found collection admin.system.version with 1 documents (59 B) Found collection config.system.sessions with 0 documents (0 B)
Severity: high
Fingerprint: 436d217a47ab4258af24c8dec51224a0ffd0007a9c3262a885b5efcf57f4e91e
Collections: 3, document count: 2, size: 782 B HTTP/1.0 200 OK Connection: close Content-Type: text/plain Content-Length: 85 It looks like you are trying to access MongoDB over HTTP on the native driver port. Found collection READ_ME_TO_RECOVER_YOUR_DATA.README with 1 documents (723 B) Found collection admin.system.version with 1 documents (59 B) Found collection config.system.sessions with 0 documents (0 B)
Severity: high
Fingerprint: 436d217a47ab42586f2bac76a8c6e6582011b2324ac734705fb92987e029e948
Collections: 3, document count: 3, size: 1.6 kB HTTP/1.0 200 OK Connection: close Content-Type: text/plain Content-Length: 85 It looks like you are trying to access MongoDB over HTTP on the native driver port. Found collection READ_ME_TO_RECOVER_YOUR_DATA.README with 2 documents (1.5 kB) Found collection admin.system.version with 1 documents (59 B) Found collection config.system.sessions with 0 documents (0 B)
Severity: high
Fingerprint: 436d217a47ab4258aebaed72f0c22c3403dcf9d6abaabd1c4c8598db408f3b68
Collections: 3, document count: 2, size: 504 B HTTP/1.0 200 OK Connection: close Content-Type: text/plain Content-Length: 85 It looks like you are trying to access MongoDB over HTTP on the native driver port. Found collection READ_ME_TO_RECOVER_DATA.READ_ME_TO_RECOVER_DATA with 1 documents (445 B) Found collection admin.system.version with 1 documents (59 B) Found collection config.system.sessions with 0 documents (0 B)
Severity: high
Fingerprint: 436d217a47ab425883076b8699de7ec829e3c1e2adb0a4a0b72114773fe337d1
Collections: 3, document count: 2, size: 805 B HTTP/1.0 200 OK Connection: close Content-Type: text/plain Content-Length: 85 It looks like you are trying to access MongoDB over HTTP on the native driver port. Found collection READ_ME_TO_RECOVER_YOUR_DATA.README with 1 documents (746 B) Found collection admin.system.version with 1 documents (59 B) Found collection config.system.sessions with 0 documents (0 B)
Severity: medium
Fingerprint: 436d217a47ab42586278bebdd2164f75e41e1731e8ed331b78573d5c118ff400
Collections: 3, document count: 2, size: 433 B HTTP/1.0 200 OK Connection: close Content-Type: text/plain Content-Length: 85 It looks like you are trying to access MongoDB over HTTP on the native driver port. Found collection READ__ME_TO_RECOVER_YOUR_DATA.README with 1 documents (374 B) Found collection admin.system.version with 1 documents (59 B) Found collection config.system.sessions with 0 documents (0 B)
Severity: high
Fingerprint: 436d217a47ab425856a0fdef3bb79677b339222bc105ff010a12215e45d141e4
Collections: 3, document count: 6, size: 3.8 kB HTTP/1.0 200 OK Connection: close Content-Type: text/plain Content-Length: 85 It looks like you are trying to access MongoDB over HTTP on the native driver port. Found collection READ_ME_TO_RECOVER_YOUR_DATA.README with 5 documents (3.7 kB) Found collection admin.system.version with 1 documents (59 B) Found collection config.system.sessions with 0 documents (0 B)
Severity: medium
Fingerprint: 436d217a47ab4258e351092676fcaae8112181c2ab02ec00e2760ed7da24a4ea
Collections: 3, document count: 4, size: 630 B HTTP/1.0 200 OK Connection: close Content-Type: text/plain Content-Length: 85 It looks like you are trying to access MongoDB over HTTP on the native driver port. Found collection READ__ME_TO_RECOVER_YOUR_DATA.README with 1 documents (373 B) Found collection admin.system.version with 1 documents (59 B) Found collection config.system.sessions with 2 documents (198 B)
Severity: medium
Fingerprint: 436d217a47ab4258586766625cbc2f4453a831268b22a16cf4a7f12bdab04acc
Collections: 3, document count: 2, size: 434 B HTTP/1.0 200 OK Connection: close Content-Type: text/plain Content-Length: 85 It looks like you are trying to access MongoDB over HTTP on the native driver port. Found collection READ__ME_TO_RECOVER_YOUR_DATA.README with 1 documents (375 B) Found collection admin.system.version with 1 documents (59 B) Found collection config.system.sessions with 0 documents (0 B)
Severity: medium
Fingerprint: 436d217a47ab4258605072f840f8a95ffe8aae47ec212840ec212840ec212840
Collections: 3, document count: 2, size: 832 B Found collection READ__ME_TO_RECOVER_YOUR_DATA.README with 1 documents (773 B) Found collection admin.system.version with 1 documents (59 B) Found collection config.system.sessions with 0 documents (0 B)
Open service 137.184.121.194:88
2024-06-14 18:46
HTTP/1.1 401 Unauthorized Content-Type: text/plain; charset=utf-8 Www-Authenticate: Basic X-Content-Type-Options: nosniff Date: Fri, 14 Jun 2024 18:46:52 GMT Content-Length: 13 Connection: close Unauthorized