
multiple vulnerabilities on your mautic server

Medium
Unikrn
Submitted None

Vulnerability Details

Technical details and impact analysis

Hi @unikrn! I found some vulnerabilities in your CRM server:

1. Bypass Cloudflare Access: You use Cloudflare Access on https://crm.unikrn.com. But this link bypassed Cloudflare Access: ████████/login

This vulnerability generates the disclosure of important blocked:

- PHP info page: ██████████phpinfo - an attacker can find out the server configuration and also find out the server path
- Symfony request log: █████empty/search/results?limit=10 - list of all requests, IP addresses and so on.
- Symfony debug log: ██████████6099a6?panel=logger
- Symfony config: █████6099a6?panel=config

## Impact

crm.unicrn.com multiple vulnerabilities on your mautic server

Report Details

Additional information and metadata

State

Closed

Substate

Resolved

Submitted