Summary #

Netsparker identified that DbNinja is publicly accessible on the target server. DbNinja is an application written in the PHP language that provides a web-based interface for the administration of MySQL databases.

Impact #
An attacker can access, modify or delete all MySQL databases.
Remediation #
Configure your web server to prevent public access to the page by implementing access control mechanisms.
Classifications #
CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C6
Vulnerability Index

Vulnerability Index

You can search and find all vulnerabilities

OR

Search Vulnerability

Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO