Description
The Yii2 Gii extension was found in the web application. Gii is a Web-based code generator for Yii2, which should be enabled only for the development environment with a strict white-list of allowed IP addresses
Remediation
Disable the Gii extension or restrict access to proper IP addresses only
References
Related Vulnerabilities
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Multiple Vulnerabilities (4.1.2)
WordPress Plugin Login by Auth0 Multiple Vulnerabilities (3.11.3)
ASP.NET login credentials stored in plain text
MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-3579)