Git repo found

Description

During the scan, Kayran managed to find a .git folder.
The .git folder is Git's repository directory, containing information and hashes of the files and directories of the repository it is associated with. During the scan, Kayran found that the folder is exposed and available for everyone to download.

An attacker could access very sensitive information including usernames, passwords, ports, and IP addresses of a database.

Severity/Score

CVSS Version 3.x – 5.3 Medium

Recommendation

To prevent this vulnerability, ensure that access to the directory is blocked by configuring the .htaccess file, or remove the “/.git/” directory from the server entirely.
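One way to confirm the block took effect on a server you operate, as an added example (not Kayran's code): it requests two well-known Git metadata files and matches their content, so a custom error page served with status 200 is not reported as an exposure. The two probed paths, the function names and the verdict labels are assumptions of this example.

```python
"""Post-fix check: is /.git/ still readable on a site you operate?"""
import re
import urllib.error
import urllib.request

# Signatures of real Git metadata, so a custom "200 OK" error page is not
# mistaken for an exposed repository.
SIGNATURES = {
    "/.git/HEAD": re.compile(r"\A(ref: refs/\S+|[0-9a-f]{40}|[0-9a-f]{64})\s*\Z"),
    "/.git/config": re.compile(r"^\[core\]", re.MULTILINE),
}


def classify(path, status, body):
    """Return 'exposed', 'blocked' or 'inconclusive' for one response."""
    if status == 200 and SIGNATURES[path].search(body):
        return "exposed"
    if status in (200, 403, 404, 410):
        # 200 without Git content is typically a soft-404 or fallback page
        return "blocked"
    return "inconclusive"  # e.g. 401 or 5xx: inspect by hand


def fetch(base_url, path, timeout=5):
    """GET base_url + path and return (status, first 4 KiB of body)."""
    req = urllib.request.Request(base_url.rstrip("/") + path)
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read(4096).decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, ""


def audit(base_url, fetcher=fetch):
    """Map each probed path to its classification."""
    return {p: classify(p, *fetcher(base_url, p)) for p in SIGNATURES}


if __name__ == "__main__":
    import sys
    for path, verdict in audit(sys.argv[1]).items():
        print(f"{verdict:12} {path}")
```

Run it against your own base URL before and after changing the server configuration; any `exposed` line means the directory is still being served.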

References

https://cwe.mitre.org/data/definitions/200.html

https://cwe.mitre.org/data/definitions/527.html
