• Creation
  • Validation
  • Communication & fix
  • Disclosure

trakk.be / Exposure of public .env file

zythop reported 2021-10-08

A public accessible .env has been found, potentially leaking personal information : https://trakk.be/.env

IP:
193.191.173.154
Port:
443
Detected protocol:
https
Vulnerable URL:
https://trakk.be/.env
DB_NAME=trakk
DB_USER=trakkdb
DB_PASSWORD=<redacted>
DB_HOST=localhost

WP_ENV=production
WP_HOME=https://www.trakk.be
WP_SITEURL=${WP_HOME}/cms

AUTH_KEY=<redacted>
SECURE_AUTH_KEY=<redacted>
LOGGED_IN_KEY=<redacted>
NONCE_KEY=<redacted>
AUTH_SALT=<redacted>
SECURE_AUTH_SALT=<redacted>
LOGGED_IN_SALT=<redacted>
NONCE_SALT=<redacted>
Found by DotEnvConfigPlugin 2021-09-25
Report created by zythop  2021-10-08
Report edited by zythop  2021-10-09
Report approved by zythop  2021-10-09
New PDF report generated by system 2021-10-09
Report dispatched to ...@... by system 2021-10-09
Report marked as fixed by zythop  2021-10-13
Report closed by BloodyShell  2021-10-13
New PDF report generated by system 2021-10-13
Report edited by BloodyShell  2021-10-14
New PDF report generated by system 2021-10-14
Report edited by BloodyShell  2021-10-14
New PDF report generated by system 2021-10-14
Report edited by BloodyShell  2021-10-14
New PDF report generated by system 2021-10-14
Information
Owner trakk.be
Created 2021-10-08 22:18
Updated 2021-10-14 17:05
Fixed true

Contacts
e...@cert.be

Status
Status closed
Hosting contacted false
CERT contacted false

Download report