rack-mini-profiler environment variables disclosure Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

5

rack-mini-profiler environment variables disclosure Scanner Detail

An attacker could gain access to sensitive information of rack-mini-profiler.

rack-mini-profiler is a Rails Middleware that displays a speed badge for every html page. It's designed to work both in production and in development but on this website it has been misconfigured to expose sensitive information (such environment variables) without authentication. Environment variables are a set of dynamic named values that can affect the way running processes will behave on a computer. For example, an environment variable with a standard name can designate the location that a particular computer system uses to store temporary files but this may vary from one computer system to another.

Some Advice for Common Problems

Access restriction should be applied.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service