Dozens of websites are still vulnerable

Published Date: 2020/09/12 by: DaVieS

Dozens of websites are still vulnerable

We are not speaking about a BUG, or Exploit, this is something st*pid similar if you see a burglar and let you in meanwhile you thanks to him to choose your house. Oh wait.. Not just like that, because the website may contains a lot of people private data, such as photos, passwords, addresses..

So this is something that you can solve easily and absolutely your fault, we contacted many sites owner to resolve the issue, and only 10% did that in the past 6 months.

 

Details

  • .env files (mostly used by Laravel) may contains your database passwords and any sensitive data I really don't know why using dotfiles instead of PHP?
  • .git files, this is a Git Repository if this available to attackers they could grab your source code including passwords or even your SSL Certificates, API Keys.
  • .ini files sometimes a beginner PHP programmers uses .INI files to store passwords
  • .db / .sqlite We discovered many SQlite database available in websites that contains passwords or any sensitive datas.

 



If you like the article then don't forget to share!


Big Concern: Facebook hack, Google Chrome V8 Hack, Meta Support

Many users experiences that their account leaked through Facebook Advertisement platform.The BOT change their names to Kevin Konkrete Davis and..


Maintenance

We are doing some regular maintenance at 22:00 - 02:00 UTC. Some services might be distrupted at this time. ..


FreeBSD Bhyve Webadmin | BVCP 1.9.8 Just Released

BVCP 1.9.8 features  New protocol to transmit VNC/RFB data as encrypted and compressed.Better, faster and more responsive UI.Colored..


BVCP 1.9.8 Upcoming Features

We received a ton of feedback about our new project, BVCP.So here is a little description what we are working currently. The next release will..


Trackit-PortGuard just released

When implemented well, this software can be considered as two-factor pre-authentication.Therefore this is one of the most secure method to..


2022 annual report

Here we go another year passed away.We very well predicted the importance of energy efficiency. In the year of 2022 we faced a lot of challenges..


A dull attempt to hack into my email from Nigeria.

Seems like this amazing African country has some hacky potential, but so much to learn.The thing why is this attempt worth a blog entry, because..


BVCP 1.9.0 Released Today

A major version update released out today!This update address many requests and improves overall speed and performance. Highlight of this..


Energy Saving

We have been busy since expanding our services worldwide meanwhile in other hand helping reduce CO emission in industrial-scale levels.  We..

All rights reserved nPulse.net 2009 - 2023
Powered by: MVCP 2.0-RC / BVCP / ASPF-MILTER / PHP 7.4 / NGINX / FreeBSD