critical information disclosure
Critical
Vulnerability Details
##Description:
hey all ,
I have found critical information through this endpoint ████
on ███████ DB credentials such as DB_NAME,DB_USER,DB_PASSWORD,DB_HOST, etc..
## Impact
full access control on DB service on website
## System Host(s)
███
## Affected Product(s) and Version(s)
## CVE Numbers
## Steps to Reproduce
Go to
██████/████████?aam-media=1
you nedd to put ?aam-media=1 to bypass blank page
## Suggested Mitigation/Remediation Actions
Actions
View on HackerOneReport Stats
- Report ID: 1106505
- State: Closed
- Substate: resolved
- Upvotes: 10