Ref | Observation | Impact | Risk Rating | Recommendation |
2020 W 5.2.1 | Database Credential in Error Message Database credentials leaked in error message. During login on http://104.248.143.105:8000/api/admin/ the application takes long to respond and eventually throws an error. | The credentials leaked can be used to compromise the database and the data. |  | Disable debugging on the application and correct the response time on the application. |
2020 W 5.2.2 | Debug enabled on http://104.248.143.105:8000/ When visiting the above URL, we are present with a page that suggests possible directory on the server. This happens when the debug mode is enabled on the application. | The information presented on the page gives more info that may used but an attacker to attack the application. |  | Disable debugging on the application. |
2020 W 5.2.3 | SSH and other ports found on the server The IPs 104.248.143.105, 104.236.39.170 and 104.236.37.64 have ports 22, 53, 443 and others open. | Some of the ports,such as 22 can be abused by attackers by doing a bruteforce attack which may lead to DDoS attack. |
 | Disable unused ports. |
Ref | Observation | Impact | Risk Rating | Recommendation |
2020 W 5.2.4 | GraphQL Console Enabled The endpoint http://104.248.143.105:8000/api/graphql gives a graphql web interface that is accessible without credentials, the interface allows for graphql queries to the server. | The interface can be abused by an attacker to bruteforce the queries. |  | Restrict access to the console or disable the console. |
Evidence
1. Database Credential in Error Message
2. Debug enabled on http://104.248.143.105:8000/
3. SSH and other ports found on the server
4. GraphQL Console Enabled