Possible sensitive files

Description

Some possible sensitive exposed files were found, which allows an attacker to view and even download those files.

Bussines Impact

An attacker could access this file and use the information in order to perform reconnaissance actions against the website infrastructure and or sensitive data the website might hold.

Recommendation

To prevent this vulnerability from occurring, make sure to restrict access to these files from users without permission or remove it completely from the website

More Details

By revealing this info (Information disclosure) you will make an attacker’s job easy to see which version of plugins, components, etc are installed and hence can find attack vectors easily.

Reference

https://cwe.mitre.org/data/definitions/200.html

HAR Files

In this article, I’ll talk and explain about HAR Files, so if you don’t know what they are, or, what do we use them for,

Read More »

Man-In-The-Middle Attacks

Do you know these people who just push themselves into conversations?That’s Man-In-The-Middle Attacks. And from a wider angle, Man-In-The-Middle Attacks, or MITM, are built around

Read More »

HTTP VS. HTTPS

You must have once wondered what HTTP means and what is the difference between that ugly word to HTTPS, and if not, then please read

Read More »