Follow
A webshop had their .git directory lying in the webroot and I was able get admin access to their entire ERP system.
Little writeup: https://jomo.tv/security/git-pwning-retailer
@jomo Nice! Gratualation. 🎉
A webshop had their .git directory lying in the webroot and I was able get admin access to their entire ERP system.
Little writeup: https://jomo.tv/security/git-pwning-retailer
@jomo Nice! Gratualation. 🎉
Also I got my first bug bounty, so there's that \o/