Vulnerabilities

Home / Vulnerabilities

Vulnrerabilities

Examples

The ReconMore service is not limited only to OSWAP Top10 vulnerabilities. We find security bugs of all kinds, for e.g. by searching the CVE Recorded Errors Database. Additionally, we focus on the analysis of your infrastructure in terms of security bugs class request smuggling, server side request forgery, blind cross-site scripting etc.

 

We automatically secure your infrastructure, and report ant existing safety issues to you with detailed information about the specific issues and their scale. Our experienced security teams handle the communication of these reports — no auto-generated messages are used in our reports. We would like you to understand more precisely what ReconMore is capable of, that’s why we present you some real vulnerabilities, that have been detected by our service in tests conducted by our Clients:

#1

.ENV configuration file available from the website level containing login data to the database and applications key,

#2

SQL database dump file available from the website level containing the entire database dump along with user data and hashes of their passwords,

#3

Settings configuration file available from the website level containing FTP login data to another server,

#4

Susceptibility of Request Smuggling to the Client's web server,

#5

Two vulnerabilities test of Cross-Site Scripting in the Client's web applications

#6

Detected weak authorization data [username=guest, password=Qwertyuiop] to an application protected with Basic Auth help in the /protected/ directory,

#7

CVE-2021-3129 vulnerability in the Laravel framework allowing for unauthorized code execution in the customer's infrastructure.,

#8

An open MongoDB database on 4 servers which allows you to login without entering login and password,

#9

An open Redis database thay allows you to login without entering login and password

#10

Laravel storage/logs/laravel.log file from where attackers could read information about the application and database the configuration of URLs on the server,

#11

Directory with user sessions from the application created in Laravel storage/logs/laravel.log framework from where attackers would be able to impersonate any user logged in to the application,

#12

https://193.34.REDACTED.REDACTED//wp-content/debug.log A vulnerability of the Debug.log in Wordpress that contains sensitive data-logins, passwords, user sessions and customer email addresses,

#13

https://redacted.pl/corehttps://REDACTED.pl/core - PHP-FPM shared file (core.1: ELF 64-bit LSB core file, x86-64, version 1 (SYSV), SVR4-style, from 'php-fpm: pool REDACTED.pl', real uid: 0, effective uid: 0, real gid: 0, effective gid: 0, execfn: '/usr/sbin/php5-fpm', platform: 'x86_64' ) contains application source, login, database credentials - very dangerous and HIGH vulnerability. One of the administrators mistakenly configured the php-FPM file in the application's document.root available from the Internet, from where attackers could read exactly what the PHP interpreter is doing - a very serious data leak stopped only thanks to the ReconMore service, because it was omitted in previous manual penetration tests.
Free_Test

Check out our free service

We offer completely free launch of services service  for Clients.

Stay_in_touch

Interested in a free test?