News & Articles

Our articles and guides on how to protect your startup from cybercriminals

Read about all the security issues that we find during our automated security reviews, and how to solve them.

Latest Articles

Hidden File Found

The 'Hidden File Found' vulnerability occurs when sensitive files or directories within your web application are inadvertently exposed to unauthorized users. These files or directories may contain information such as configuration files, database credentials, or other sensitive data.

Vulnerabilities

.env Information Leak

Web applications often rely on configuration files to store sensitive information. These files are commonly named '.env' (short for environment) and are meant to be kept confidential. However, vulnerabilities in your application's code or server configuration can expose these files, leading to unauthorized access and potential data leaks.

Vulnerabilities

NoSQL Injection - MongoDB

NoSQL injection is a type of security vulnerability that occurs when user-supplied data is not properly sanitized before being used in NoSQL queries. This vulnerability can lead to unauthorized access, data leakage, and potential manipulation of the database. 'NoSQL Injection - MongoDB' refers to this vulnerability in a web application that uses MongoDB as its database.

.htaccess Information Leak

The '.htaccess Information Leak' vulnerability is a security issue that occurs when sensitive configuration information is leaked through the '.htaccess' file in your web application's directory. This file is used to configure various settings for the Apache web server, and if it contains sensitive data, it can potentially be accessed by unauthorized users.

Vulnerabilities

Out of Band XSS

'Out of Band XSS' is a type of cross-site scripting (XSS) vulnerability that allows attackers to inject malicious scripts into a web application and trigger a request to an external domain. This vulnerability can lead to various security risks, including data theft, session hijacking, and unauthorized access to sensitive information.

Vulnerabilities

Trace.axd Information Leak

The 'Trace.axd Information Leak' vulnerability is a common security issue found in web applications running on the ASP.NET framework. This vulnerability occurs when sensitive information is exposed through the Trace.axd handler. Attackers can exploit this weakness to gather valuable information about your application's internals.

Vulnerabilities