logo

.env Information Leak

  • Risk:

  • Medium

  • Type:
  • Active
Summary
One or more .env files seems to have been located on the server. These files often expose infrastructure or administrative account credentials, API or APP keys, or other sensitive configuration information.
Solution
Ensure the .env file is not accessible.
References

https://www.google.com/search?q=db_password+filetype%3Aenv

https://mobile.twitter.com/svblxyz/status/1045013939904532482

Back <<