HTMLawed icon indicating copy to clipboard operation
HTMLawed copied to clipboard
verified publisher icon kesar

Apache log scans - security issue

Open 8ctopus opened this issue 2 years ago • 0 comments

Hi everyone,

Just found out this when reviewing my Apache logs. Some bot is scanning for this package in the vendor directory. I understand that in most cases, there will not be an issue (the vendor dir should not be publicly accessible), however it's probably safer to republish the package without the htmLawedTest.php file.

04 May 23 12:17:58
info
194.55.224.117404/srv/api/html/public/ticket/vendor/htmlawed/htmlawed/htmLawedTest.php
04 May 23 12:17:37
info
194.55.224.117404/srv/api/html/public/support/vendor/htmlawed/htmlawed/htmLawedTest.php
04 May 23 12:17:37
info
194.55.224.117404/srv/api/html/public/vendor/htmlawed/htmlawed/htmLawedTest.php
04 May 23 12:17:37
info
194.55.224.117404/srv/api/html/public/glpi/vendor/htmlawed/htmlawed/htmLawedTest.php
04 May 23 12:17:26
info
194.55.224.117404/srv/api/html/public/helpdesk/vendor/htmlawed/htmlawed/htmLawedTest.php

8ctopus avatar May 04 '23 16:05 8ctopus