Found PHPMyAdmin

Description

During the scan, Kayran found that phpMyAdmin might be exposed.
This means that anyone can access the admin login panel, and anyone “bypassing” it can access and change the database.

An attacker, even without going through the authentication process, could execute all sorts of arbitrary code with the privileges and capabilities of the administrator.

Recommendation

Define and restrict which IP addresses are allowed to access the “phpMyAdmin” page.
Allow only a few specific IP addresses and block all others, and make sure that only people you trust are given access.
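
One way to apply this restriction, shown as an added example that is not part of the original finding or of Kayran's output. It assumes Apache 2.4 with phpMyAdmin installed in /usr/share/phpmyadmin and published under /phpmyadmin; the paths, the allowed addresses (documentation ranges) and the proxy address are placeholders to replace with your own.

```apache
# Assumed layout: phpMyAdmin files in /usr/share/phpmyadmin, served at /phpmyadmin.
Alias /phpmyadmin /usr/share/phpmyadmin

# Exposed configuration (what the finding describes): every client on the
# internet reaches the login panel.
#
# <Directory /usr/share/phpmyadmin>
#     Require all granted
# </Directory>

# Restricted configuration: only the listed addresses are served,
# every other client receives 403 Forbidden.
<Directory /usr/share/phpmyadmin>
    # Do not list directory contents.
    Options -Indexes

    # Ignore .htaccess files so nothing inside the directory can loosen the rule.
    AllowOverride None

    <RequireAny>
        # Local administration on the server itself.
        Require ip 127.0.0.1 ::1
        # Placeholder: a single trusted administrator workstation.
        Require ip 203.0.113.10
        # Placeholder: a trusted office or VPN range.
        Require ip 198.51.100.0/24
    </RequireAny>
</Directory>

# If Apache sits behind a reverse proxy or load balancer, it sees the proxy's
# address instead of the client's, and the allow-list above would match the
# proxy for every visitor. With mod_remoteip enabled, take the client address
# from the forwarding header, but only when the request comes from the proxy
# you control (10.0.0.5 is a placeholder for that proxy).
#
# RemoteIPHeader X-Forwarded-For
# RemoteIPInternalProxy 10.0.0.5
```

Validate the syntax with `apachectl configtest` before reloading. A request to /phpmyadmin/ from an address outside the list should then return 403 Forbidden instead of the login page.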

References

https://cwe.mitre.org/data/definitions/200.html
