The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
Fingerprint: 407cf4363b0e62fafca67e0721be1c5921be1c5921be1c5921be1c5921be1c59
Symfony profiler enabled: https://help.gamificationlab.com/_profiler/empty/search/results
The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Severity: medium
Fingerprint: 2580fa947e78dd08417809b0128bf9149ee7d67d3df1ad3b541c63d12a13ca26
HTTP/1.1 500 Internal Server Error Date: Sat, 06 May 2023 21:20:31 GMT Server: Apache/2.2.22 (Debian) X-Powered-By: PHP/5.4.45-0+deb7u11 Vary: Accept-Encoding Content-Length: 1285 Connection: close Content-Type: text/html; charset=utf-8 Page title: Database Error <!DOCTYPE html> <html lang="en"> <head> <title>Database Error</title> <style type="text/css"> ::selection{ background-color: #E13300; color: white; } ::moz-selection{ background-color: #E13300; color: white; } ::webkit-selection{ background-color: #E13300; color: white; } body { background-color: #fff; margin: 40px; font: 13px/20px normal Helvetica, Arial, sans-serif; color: #4F5155; } a { color: #003399; background-color: transparent; font-weight: normal; } h1 { color: #444; background-color: transparent; border-bottom: 1px solid #D0D0D0; font-size: 19px; font-weight: normal; margin: 0 0 14px 0; padding: 14px 15px 10px 15px; } code { font-family: Consolas, Monaco, Courier New, Courier, monospace; font-size: 12px; background-color: #f9f9f9; border: 1px solid #D0D0D0; color: #002166; display: block; margin: 14px 0 14px 0; padding: 12px 10px 12px 10px; } #container { margin: 10px; border: 1px solid #D0D0D0; -webkit-box-shadow: 0 0 8px #D0D0D0; } p { margin: 12px 15px 12px 15px; } </style> </head> <body> <div id="container"> <h1>Ошибка БД</h1> <p>Невозможно соединиться с БД по имеющимся настройкам.</p><p>Filename: core/Loader.php</p><p>Line Number: 346</p> </div> </body> </html>[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] fetch = +refs/heads/*:refs/remotes/origin/* url = https://github.com/Grapheme/journal.git [branch "master"] remote = origin merge = refs/heads/master
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522394e66cb
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] fetch = +refs/heads/*:refs/remotes/origin/* url = https://github.com/Grapheme/journal.git [branch "master"] remote = origin merge = refs/heads/master