Description

Laravel is a popular PHP web application framework. A publicly accessble Laravel log file (/storage/logs/laravel.log) was found in this directory.

This file may expose sensitive information that could help a malicious user to prepare more advanced attacks. It's recommended to remove or restrict access to this type of files from production systems.

Remediation

Remove or restrict access from the internet to this type of files.

References

Laravel Logging

Related Vulnerabilities

Unrestricted access to NGINX+ Dashboard

Joomla! Core 3.x.x Information Disclosure (3.7.0 - 3.8.1)

WordPress Plugin Email newsletter 'option' Parameter Information Disclosure (8.0)

WebDAV directory listing

ColdFusion Robust Exception enabled

Severity

Medium

Classification

CWE-538 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure Test Files