Code Repository
- CWE 425
- WASC 34
Code repository was found in this folder. An attacker can extract sensitive information by requesting the hidden metadata directory that version control tool creates. The metadata directories are used for development purposes to keep track of development changes to a set of source code before it is committed back to a central repository (and vice-versa).
Remediation
Remove the repository from production systems or restrict (or password protect) access to it.
References
Go Back to List
Search Vulnerability
You may also see
- Code Repository (SVN)
- Code Repository (Git)
- Code Repository (CVS)
- Readable .htaccess file
- apc.php page
- Webalizer script
- phpinfo page
- Apache perl-status Enabled
- Apache server-info Enabled
- Apache server-status Enabled
- JetBrains .idea project directory
- AWStats script
- elmah.axd Detected
- Core dump checker PHP script
- trace.axd Detected
- .DS_Store file
- Macromedia Dreamweaver database scripts
- Help file
- robots.txt Detected
- Sitemap Detected
- crossdomain.xml Detected
- Silverlight Client Access Policy
- Laravel log file
- Code Repository
- Configuration File
- Administration page
- Predictable Resource Location
- Code Repository
- Configuration File
- Administration page