PHP : DevTools enabled

Classification

OWASP Top 10 2013

A5-Security Misconfiguration

OWASP Top 10 2017

A6-Security Misconfiguration

OWASP Top 10 2021

A5-Security Misconfiguration

CWE

CWE-1031

Overview

The application is configured in developer mode.

The application uses a DevTools instruments that can make the development proccess more comfortable. An attacker can exploit this functionality if DevTools explicity used in a production environment.

References

CWE CATEGORY: OWASP Top Ten 2017 Category A5 - Broken Access Control

MEDIUM

PHP : DevTools enabled

Classification

Overview

References

DerScanner Severity Score

Do you want to fix PHP : DevTools enabled in your application?

See also

PHP : Null salt

PHP : Empty password

PHP : Empty salt