Questions tagged [information-exposure]

12 questions
32 votes, 3 answers

Is it safe to share .git folder of a public repo?

Say I cloned a repo, then maybe worked on it a bit. Then I reverted/pushed all changes, so my friend has all the repo files. Is it safe for me to send him the .git folder? Is there any private information there, such as my username, my email,…
Paul
22 votes, 6 answers

Backend database username and password revealed in JSP Page

Recently I came across a website and when clicking on one of the hyperlinks it displayed an HTTP 500 error page as shown in the image, which indicated that it is using Java Server Pages and on line 23 the code read as Connection con =…
Wasim Wani
7 votes, 1 answer

Does WhatsApp's link preview on the link messages leak information?

When we want to send a message that contains only a link - such as a question from the Stack Exchange network - WhatsApp displays information from the website as below: Does this leak information about what was sent, and from whom, and to whom? We…
3 votes, 0 answers

What is the Meow Attack and how can I guard my databases against it?

Recently, there have been some news articles about unsolicited attacks on unsecured public-facing Elastic and Mongo databases. These are commonly being called "Meow" attacks, resulting in entire databases being deleted without ransom or warning. My…
2 votes, 3 answers

HttpResponse Headers Information Leakage on Server Error (Verbose Headers)

In the past I have dealt with security issues related to Default Service Banners/Verbose Headers/Information Leakage via HttpResponse Headers. These issues are quite common, and usually look something like this for an Asp.Net - IIS Server. Server: …
MattyMerrix
2 votes, 1 answer

Cookies VS localStorage (JavaScript Security)

I know that HTTP requests made by the site get the browser's localStorage for a site, and document.cookie is encrypted for HTTPS websites, but I'm still wondering about the risk of storing sensitive information, because even if the hacker got the…
2 votes, 1 answer

Which information is disclosed to a merchant when paying online with a credit card?

Several sites require me to input far too many personal details in order to register. This now includes phone numbers, which they have zero legitimate uses for - they are never used after the initial validation step - but when their database is…
2 votes, 2 answers

Getting real machine information from a virtual machine

If malicious software gets into a virtual machine, what is the most information about the actual machine it can obtain?
Paddy
1 vote, 1 answer

Autofilling sensitive information for publicly available form

We are in the process of designing an app which, simply put, will allow people to accept payments easily. The customer won't need an account and we'll be linking customer data (name, address, and phone) via emails used through their payments…
0 votes, 1 answer

I gave my first name and alt email to someone I don't know, will that reveal who I am?

So, I wanted to get this game (to try it as it had no demo), so I went to a website, did not click on anything except the link to the Google drive folder, and then stupidly requested access to a Google Drive folder using my alt Google account. My…
0 votes, 1 answer

How do mobile apps share details with each other to show customized ads

My question is more about how this is implemented. I mean, do they expose APIs to each other or store data at a common place to be accessed by others? Please excuse me if it seems too naive.
ThankYouSRT
0 votes, 0 answers

Does Asp.Net Core expose too much information for required enums that were not supplied?

I have simple code for an input model: public class MyClass { [Required] public MyEnum? Type { get; set; } } Now if I do not send Type as a part of the JSON in the request, I get this error from Web.Api: "The JSON value could not be…
Ilya Chernomordik