Found PHPMyAdmin

Description

phpMyAdmin is a software written in PHP, used to manage MySql Database over the Web

phpmyadmin’s login page is exposed to all over the internet could lead to brute force attacks attempts.

Bussines Impact

An attacker could use the login page to exploit and use future CVE’s on the system.
In addition, the login page can give an attacker an idea of how the website works and what technologies he’s using.

Recommendation

Define which IP addresses are allowed to access “PhpMyAdmin”.

Reference

https://cwe.mitre.org/data/definitions/200.html

Exposing the GIT

Let’s start with defining the meaning of GIT. GIT – is an open-source system which we use as a tool to store data and information

Read More »

Explaining API

We’ve talked about API’s Vulnerability in here, but i feel like there’s much more to talk about and explain since this is a big and

Read More »

Passwords 101

Unlike basketballs, “passwords” are things we don’t want to be passed around, especially in a society built around the idea that “mystery” is appealing. We

Read More »