Found PHPMyAdmin

Description

During the scan Kayran found that phpmyadmin might be exposed.
Which means, Anyone can access the Admin Login Panel, and anyone “bypassing” it can access and change the database.

An attacker, even without going through the Authentication process, could execute all sorts of arbitrary codes with the privileges and the capabilities of the Administrator.

Recommendation

Define and restrict which IP addresses will be allowed to access the “PhpMyAdmin” page.
Exclude the desired IP’s, so that only a few specific IP’s can access it, make sure only people you trust will get permission.

References

https://cwe.mitre.org/data/definitions/200.html

https://cwe.mitre.org/data/definitions/205.html

< Return to all Vulnerabilities

APT vs. ATP

In this article we will talk about APT vs. ATP. In other words, Advanced Persistent Threat and Advanced Threat Protection and the context between these

Read More »

Servers 101

Let’s have a “quick” Servers 101 Course. Courtesy of Kayran! If you’ve been on the internet for over an hour, you probably already heard of

Read More »

The Cloud

I’m pretty sure there isn’t a single adult in the world who hasn’t at least heard of The Cloud. Explaining “The Cloud” in 2022 may

Read More »

Exposing the GIT

Let’s start with defining the meaning of GIT. GIT – is an open-source system which we use as a tool to store data and information

Read More »