nginx
tcp/8080
Elasticsearch and/or Kibana is currently open without authentication.
This results in all the database data made available publicly.
Severity: medium
Fingerprint: 831cb76b8e05df466766846ff00749c0dd8ee9cb16521644eecb8b5867c97e58
Indices: 5, document count: 5, size: 31.2 kB Found index read-me-hacked-by-nightlionsecurity-1heuot with 1 documents (6.2 kB) Found index read-me-hacked-by-nightlionsecurity-w4bcfv with 1 documents (6.2 kB) Found index read-me-hacked-by-nightlionsecurity-rcxlxi with 1 documents (6.2 kB) Found index read-me-hacked-by-nightlionsecurity-cgpnpo with 1 documents (6.2 kB) Found index read-me-hacked-by-nightlionsecurity-k3d4kd with 1 documents (6.2 kB)
Severity: medium
Fingerprint: 831cb76b8e05df46645a615d8855016c8855016c8855016c8855016c8855016c
Indices: 1, document count: 1, size: 6.6 kB Found index api with 1 documents (6.6 kB)
Open service 172.105.73.189:8080
2024-03-11 02:55
HTTP/1.1 200 OK Server: nginx Date: Mon, 11 Mar 2024 02:54:06 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Set-Cookie: pmaCookieVer=5; expires=Wed, 10-Apr-2024 02:54:06 GMT; Max-Age=2592000; path=/; HttpOnly Set-Cookie: pma_lang=en; expires=Wed, 10-Apr-2024 02:54:06 GMT; Max-Age=2592000; path=/; HttpOnly Set-Cookie: pma_collation_connection=utf8mb4_unicode_ci; expires=Wed, 10-Apr-2024 02:54:06 GMT; Max-Age=2592000; path=/; HttpOnly Set-Cookie: phpMyAdmin=89a6b78e0597b0fbe4e04f81e666c4c8; path=/; HttpOnly X-ob_mode: 1 X-Frame-Options: DENY Referrer-Policy: no-referrer Content-Security-Policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org; X-Content-Security-Policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: *.tile.openstreetmap.org; X-WebKit-CSP: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org; X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none X-Robots-Tag: noindex, nofollow Expires: Mon, 11 Mar 2024 02:54:06 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 Pragma: no-cache Last-Modified: Mon, 11 Mar 2024 02:54:06 +0000 Vary: Accept-Encoding Page title: phpMyAdmin <!DOCTYPE HTML><html lang='en' dir='ltr'><head><meta charset="utf-8" /><meta name="referrer" content="no-referrer" /><meta name="robots" content="noindex,nofollow" /><meta http-equiv="X-UA-Compatible" content="IE=Edge" /><style id="cfs-style">html{display: none;}</style><link rel="icon" href="favicon.ico" type="image/x-icon" /><link rel="shortcut icon" href="favicon.ico" type="image/x-icon" /><link rel="stylesheet" type="text/css" href="./themes/pmahomme/jquery/jquery-ui.css" /><link rel="stylesheet" type="text/css" href="js/codemirror/lib/codemirror.css?v=4.7.7" /><link rel="stylesheet" type="text/css" href="js/codemirror/addon/hint/show-hint.css?v=4.7.7" /><link rel="stylesheet" type="text/css" href="js/codemirror/addon/lint/lint.css?v=4.7.7" /><link rel="stylesheet" type="text/css" href="phpmyadmin.css.php?nocache=4542115344ltr&server=1" /><link rel="stylesheet" type="text/css" href="./themes/pmahomme/css/printview.css?v=4.7.7" media="print" id="printcss"/><title>phpMyAdmin</title><script data-cfasync="false" type="text/javascript" src="js/get_scripts.js.php?scripts%5B%5D=jquery/jquery.min.js&scripts%5B%5D=jquery/jquery-migrate-3.0.0.js&scripts%5B%5D=sprintf.js&scripts%5B%5D=ajax.js&scripts%5B%5D=keyhandler.js&scripts%5B%5D=jquery/jquery-ui.min.js&scripts%5B%5D=jquery/jquery.cookie.js&scripts%5B%5D=jquery/jquery.mousewheel.js&scripts%5B%5D=jquery/jquery.event.drag-2.2.js&scripts%5B%5D=jquery/jquery-ui-timepicker-addon.js&v=4.7.7"></script><script data-cfasync="false" type="text/javascript" src="js/get_scripts.js.php?scripts%5B%5D=jquery/jquery.ba-hashchange-1.3.js&scripts%5B%5D=jquery/jquery.debounce-1.0.5.js&scripts%5B%5D=menu-resizer.js&scripts%5B%5D=cross_framing_protection.js&scripts%5B%5D=rte.js&scripts%5B%5D=tracekit/tracekit.js&scripts%5B%5D=error_report.js&scripts%5B%5D=config.js&scripts%5B%5D=doclinks.js&scripts%5B%5D=functions.js&v=4.7.7"></script><script data-cfasync="false" type="text/javascript" src="js/get_scripts.js.php?scripts%5B%5D=navigation.js&scripts%5B%5D=indexes.js&scripts%5B%5D=common.js&scripts%5B%5D=page_settings.js&scripts%5B%5D=shortcuts_handler.js&scripts%5B%5D=codemirror/lib/codemirror.js&scripts%5B%5D=codemirror/mode/sql/sql.js&scripts%5B%5D=codemirror/addon/runmode/runmode.js&scripts%5B%5D=codemirror/addon/hint/show-hint.js&scripts%5B%5D=codemirror/addon/hint/sql-hint.js&v=4.7.7"></script><script data-cfasync="false" type="text/javascript" src="js/get_scripts.js.php?scripts%5B%5D=codemirror/addon/lint/lint.js&scripts%5B%5D=codemirror/addon/lint/sql-lint.js&scripts%5B%5D=console.js&v=4.7.7"></script><script data-cfasync='false' type='text/javascript' src='js/whitelist.php?v=4.7.7&lang=en&collation_connection=utf8mb4_unicode_ci&token=ce9f9cc0d0eee843a6e3e2c67dce723f'></script><script data-cfasync='false' type='text/javascript' src='js/messages.php?l=en&v=4.7.7&lang=en&collation_connection=utf8mb4_unicode_ci&token=ce9f9cc0d0eee843a6e3e2c67dce723f'></script><script data-cfasync='false' type='text/javascript' src='js/get_image.js.php?theme=pmahomme&v=4.7.7&lang=en&collation_connection=utf8mb4_unicode_ci&token=ce9f9cc0d0eee843a6e3e2c67dce723f'></script><script data-cfasync="false" type="text/javascript">// <![CDATA[ PMA_commonParams.setAll({common_query:"?lang=en&collation_connection=utf8mb4_unicode_ci&token=ce9f9cc0d0eee843a6e3e2c67dce723f",opendb_url:"db_structure.php",collation_connection:"utf8mb4_unicode_ci",lang:"en",server:"1",table:"",db:"",token:"ce9f9cc0d0eee843a6e3e2c67dce723f",text_dir:"ltr",show_databases_navigation_as_tree:"1",pma_text_default_tab:"Browse",pma_text_left_default_tab:"Structure",pma_text_left_default_tab2:"",LimitChars:"50",pftext:"",confirm:"1",LoginCookieValidity:"1440",session_gc_maxlifetime:"1440",logged_in:"",PMA_VERSION:"4.7.7",auth_type:"cookie",user:"root"}); ConsoleEnterExecutes=false AJAX.scriptHandler.add("jquery/jquery.min.js",0).add("jquery/jquery-migrate-3.0.0.js",0).add("whi
Open service 172.105.73.189:22
2024-03-02 18:18