A webshop had their .git directory lying in the webroot and I was able get admin access to their entire ERP system.
Little writeup: https://jomo.tv/security/git-pwning-retailer
Also I got my first bug bounty, so there's that \o/
works for me 😊
@jomo Nice! Gratualation. 🎉
@rugk Danke!
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!
Also I got my first bug bounty, so there's that \o/