A JSON configuration file has been found at config.json
.
It may contains application configuration such as credentials.
False positive might happen when hitting a JSON API endpoint.
Fingerprint: b18befd9dd653682cd7d82d8cd7d82d8cd7d82d8cd7d82d8cd7d82d8cd7d82d8
{"serverTime":638042743939728841}
Fingerprint: b18befd9dd653682966cb354966cb354966cb354966cb354966cb354966cb354
{"serverTime":638038626737404270}
An attacker can make use of this vulnerability to step out of the root directory and access other parts of the file system.
This might give the attacker the ability to view restricted files, which could provide the attacker with more information required to further compromise the system.
https://www.acunetix.com/websitesecurity/directory-traversal/
Severity: critical
Fingerprint: ac4d53c4832b2491c591c07dc2c2bfb79e21bb5b9e21bb5b498e5faddc35ee3f
Found host file trough Directory traversal: 127.0.0.1 localhost 127.0.1.1 alpha # the following lines are desirable for ipv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters
Severity: critical
Fingerprint: ac4d53c4832b2491c591c07dc2c2bfb7ba029dbbba029dbbb134800d9ea1221f
Found host file trough Directory traversal: 127.0.0.1 localhost 127.0.1.1 billingserver # the following lines are desirable for ipv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters
An attacker can make use of this vulnerability to step out of the root directory and access other parts of the file system.
This might give the attacker the ability to view restricted files, which could provide the attacker with more information required to further compromise the system.
https://www.acunetix.com/websitesecurity/directory-traversal/
Severity: critical
Fingerprint: ac4d53c4832b2491c591c07dc2c2bfb79e21bb5b9e21bb5b498e5faddc35ee3f
Found host file trough Directory traversal: 127.0.0.1 localhost 127.0.1.1 alpha # the following lines are desirable for ipv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters
An attacker can make use of this vulnerability to step out of the root directory and access other parts of the file system.
This might give the attacker the ability to view restricted files, which could provide the attacker with more information required to further compromise the system.
https://www.acunetix.com/websitesecurity/directory-traversal/
Severity: critical
Fingerprint: ac4d53c4832b2491c591c07dc2c2bfb7ba029dbbba029dbbb134800d9ea1221f
Found host file trough Directory traversal: 127.0.0.1 localhost 127.0.1.1 billingserver # the following lines are desirable for ipv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters
An attacker can make use of this vulnerability to step out of the root directory and access other parts of the file system.
This might give the attacker the ability to view restricted files, which could provide the attacker with more information required to further compromise the system.
https://www.acunetix.com/websitesecurity/directory-traversal/
Severity: critical
Fingerprint: ac4d53c4832b2491c591c07dc2c2bfb7ba029dbbba029dbbb134800d9ea1221f
Found host file trough Directory traversal: 127.0.0.1 localhost 127.0.1.1 billingserver # the following lines are desirable for ipv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters
An attacker can make use of this vulnerability to step out of the root directory and access other parts of the file system.
This might give the attacker the ability to view restricted files, which could provide the attacker with more information required to further compromise the system.
https://www.acunetix.com/websitesecurity/directory-traversal/
Severity: critical
Fingerprint: ac4d53c4832b2491c591c07dc2c2bfb732ba186d32ba186d48b63e63d20c05b5
Found host file trough Directory traversal: 127.0.0.1 localhost 127.0.1.1 mail.global.internal.com # the following lines are desirable for ipv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters