Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Symfony databases.yml configuration file - Vulnerability Database

Symfony databases.yml configuration file

Description

A Symfony databases.yml configuration file (config/databases.yml) was found in this directory. The databases.yml configuration allows for the configuration of the database connection.

This file may expose sensitive information that could help a malicious user to prepare more advanced attacks. It's recommended to remove or restrict access to this type of files from production systems.

Remediation

Remove or restrict access to all configuration files acessible from internet.

References

databases.yml configuration file

Related Vulnerabilities

Global.asa backup file found Medium
Common tags: Information Disclosure Test Files
Possible sensitive files Low
Common tags: Information Disclosure Test Files
Joe Editor DEADJOE file Low
Common tags: Information Disclosure Test Files
GIT Detected exposed High
Common tags: Information Disclosure Test Files
Bazaar repository found High
Common tags: Information Disclosure Test Files

Severity

High

Classification

CWE-538
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure
Test Files