
IEmergency / Source code leak

BloodyShell reported 2021-09-14

Findings

The whole source code of the site can be downloaded from the .git folder.

It seems hub.pompiershesbaye.be is affected but not hub.zone-nage.be.

Impact

Downloading the source code reveals a few sensitive file locations:

  • https://hub.pompiershesbaye.be/caches/bibliotheques-operationnelle/262.pdf
  • https://hub.pompiershesbaye.be/caches/bibliotheques-administrative/269.pdf

and a few other documents.

No password or credentials were found in the source code.

Arnaud Brouwers has been identified as primary contact for this issue.

Any downloaded files have been removed after investigation.
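
A check an operator can run on their own server for the exposure described under Findings, as an added example that is not part of the original report or of the reporting tool: it walks a local document root, flags version-control directories deployed inside it, and reads each .git/config to show which upstream repository the copy points to. The function names and the list of directory names are assumptions made for this example.

```python
import os
import re

# Version-control metadata directories that should never sit under a served
# document root (assumed list for this example).
VCS_DIRS = {".git", ".svn", ".hg"}

def git_remote_urls(config_text):
    """Return {remote_name: url} parsed from the text of a .git/config file."""
    remotes, current = {}, None
    for raw in config_text.splitlines():
        line = raw.strip()
        header = re.fullmatch(r'\[([\w.-]+)(?:\s+"([^"]*)")?\]', line)
        if header:
            # Only [remote "<name>"] sections carry the upstream URL.
            current = header.group(2) if header.group(1) == "remote" else None
        elif current is not None and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            if key == "url":
                remotes[current] = value
    return remotes

def audit_docroot(docroot):
    """Walk a local document root and report every VCS directory found in it."""
    findings = []
    for dirpath, dirnames, _ in os.walk(docroot):
        for name in sorted(VCS_DIRS.intersection(dirnames)):
            path = os.path.join(dirpath, name)
            remotes = {}
            config = os.path.join(path, "config")
            if name == ".git" and os.path.isfile(config):
                with open(config, encoding="utf-8", errors="replace") as fh:
                    remotes = git_remote_urls(fh.read())
            findings.append({"path": os.path.relpath(path, docroot),
                             "remotes": remotes})
        # Do not descend into the metadata directories themselves.
        dirnames[:] = [d for d in dirnames if d not in VCS_DIRS]
    return findings

if __name__ == "__main__":
    import sys
    # Usage: python audit_docroot.py <directory your web server serves>
    for finding in audit_docroot(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(finding["path"], finding["remotes"])
```

Any finding means the deployment copied repository metadata into the served tree; deploy from an export without the metadata directory, or have the web server refuse requests for those paths.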

IP: 91.183.88.222
Port: 443
Detected protocol: https
[core]
	repositoryformatversion = 0
	filemode = false
	bare = false
	logallrefupdates = true
	symlinks = false
	ignorecase = true
[remote "origin"]
	url = https://github.com/IctHesbaye/iem-hub.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main
Found by GitConfigPlugin 2021-09-13
Report created by BloodyShell  2021-09-14
Report edited by BloodyShell  2021-09-14
Report edited by BloodyShell  2021-09-14
Report edited by BloodyShell  2021-09-14
Report edited by BloodyShell  2021-09-14
Report approved by BloodyShell  2021-09-14
New PDF report generated by system 2021-09-14
Report dispatched to ...@... by system 2021-09-14
Report dispatched to ...@... by system 2021-09-14
Report marked as fixed by BloodyShell  2021-09-15
Report closed by BloodyShell  2021-09-15
New PDF report generated by system 2021-09-15
Report edited by BloodyShell  2021-09-16
New PDF report generated by system 2021-09-16
Report edited by BloodyShell  2021-09-16
New PDF report generated by system 2021-09-16
Report edited by BloodyShell  2021-09-17
New PDF report generated by system 2021-09-17
Information
Owner: IEmergency
Created: 2021-09-14 13:36
Updated: 2021-10-05 17:36
Fixed: true

Contacts
i...@pompiershesbaye.be
a...@zone-nage.be

Status
Status: closed
Hosting contacted: false
CERT contacted: false
