The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652273223b1a
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true precomposeunicode = false [remote "origin"] url = https://github.com/the-losers/ipsamr_dashboard.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "develop"] remote = origin merge = refs/heads/develop [branch "master"] remote = origin merge = refs/heads/master
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
Severity: high
Fingerprint: 5f32cf5d6962f09cdafa5447dafa5447da7ba3da955e1de17da20e6fbf7f4226
Found 18 files trough .DS_Store spidering: /.htaccess /application /assets /captcha /common /csv /db_package.sql /images /index.php /info.php /invoice /license.txt /project detail /sql /system /template /upload /user_guide
The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652273223b1a
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true precomposeunicode = false [remote "origin"] url = https://github.com/the-losers/ipsamr_dashboard.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "develop"] remote = origin merge = refs/heads/develop [branch "master"] remote = origin merge = refs/heads/master
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
Severity: high
Fingerprint: 5f32cf5d6962f09cdafa5447dafa5447da7ba3da955e1de17da20e6fbf7f4226
Found 18 files trough .DS_Store spidering: /.htaccess /application /assets /captcha /common /csv /db_package.sql /images /index.php /info.php /invoice /license.txt /project detail /sql /system /template /upload /user_guide
Elasticsearch and/or Kibana is currently open without authentication.
This results in all the database data made available publicly.
Fingerprint: 831cb76b8e05df46e5e42e3e7ca45bcb257d919b257d919b257d919b257d919b
Indices: 2, document count: 8, size: 53.1 kB Found index .opendistro_security with 8 documents (52.8 kB) Found index .kibana_1 with 0 documents (283 B)
Elasticsearch and/or Kibana is currently open without authentication.
This results in all the database data made available publicly.
Fingerprint: 831cb76b8e05df46e5e42e3e7ca45bcb257d919b257d919b257d919b257d919b
Indices: 2, document count: 8, size: 53.1 kB Found index .opendistro_security with 8 documents (52.8 kB) Found index .kibana_1 with 0 documents (283 B)