Opening Source Code, Database, and Logs /.Git/
HackerOne report #542715 by iframe
on 2019-04-19:
I understand that this is not the reward, but it would be worth closing it.
I did not find it in the public domain.
Hello, I came across an out-of-scope domain
/.git/COMMIT_EDITMSG
/.git/FETCH_HEAD
/.git/HEAD
/.git/config
/.git/description
/.git/index
/.git/info/exclude
/.git/logs/HEAD
/.git/logs/refs/heads/master
/.git/logs/refs/remotes/origin/HEAD
/.git/logs/refs/remotes/origin/master
/.git/packed-refs
/.git/refs/remotes/origin/HEAD
/.git/refs/heads/master
/.git/refs/remotes/origin/master
/.idea/misc.xml
/.idea/modules.xml
/.idea/vcs.xml
/.idea/workspace.xml
/Gemfile
/Gemfile.lock
/README.md
/Rakefile
/config/database.yml
/log/development.log
/log/production.log
/log/test.log
There are a lot of things...
There are also SQLite tables.
Impact
Opening Source Code, Database, and Logs /.Git/