The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.
Severity: critical
Fingerprint: 2580fa947178c88c8f88f4f64b143e4f192660cba91884022e566c8117096fca
[init] defaultBranch = none [fetch] recurseSubmodules = false [core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = https://gitlab-ci-token:64_qmpHVU7MgFTDvXvPsyYj@git.leadgid.space/landing/iplenihin.com.git fetch = +refs/heads/*:refs/remotes/origin/*
Severity: critical
Fingerprint: 2580fa947178c88c8f88f4f64b143e4f192660cba91884022e566c814634da93
[init] defaultBranch = none [fetch] recurseSubmodules = false [core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = https://gitlab-ci-token:64_xbGdfv4zRdsPyd7sVrns@git.leadgid.space/landing/iplenihin.com.git fetch = +refs/heads/*:refs/remotes/origin/*
Severity: critical
Fingerprint: 2580fa947178c883cda65107b6f0882eb5010f354c5d91ec33bd1e392abe593e
[fetch] recurseSubmodules = false [core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = https://gitlab-ci-token:Pcy3VBLwVXWuxJo1528C@git.leadgid.space/landing/iplenihin.com.git fetch = +refs/heads/*:refs/remotes/origin/*