rack-mini-profiler environment variables disclosure Scanner

Stay Up To Date
Asset Type


Need Membership


Asset Verify


API Support


Estimate Time (Second)


rack-mini-profiler environment variables disclosure Scanner Detail

An attacker could gain access to sensitive information of rack-mini-profiler.

rack-mini-profiler is a Rails Middleware that displays a speed badge for every html page. It's designed to work both in production and in development but on this website it has been misconfigured to expose sensitive information (such environment variables) without authentication. Environment variables are a set of dynamic named values that can affect the way running processes will behave on a computer. For example, an environment variable with a standard name can designate the location that a particular computer system uses to store temporary files but this may vary from one computer system to another.

Some Advice for Common Problems

Access restriction should be applied.

Need a Full Assessment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service