SVN repository & source code disclosure
Hi,
I found the following SVN repository available on your servers:
As you probably know, when a .svn directory is available, it's possible to download all files managed by the repository.
http://xxx.xxxxxxxxxxxx.xxx/.svn/text-base/xxx.svn-base
{}
An attacker could extract files that contain credentials and then get access to another part of your system, like database. Also he could find vulnerabilities in the code, like XSS or SQL injection, and exploit it to get acccess to more datas.
Remove dangerous files/directories from production server.
Best regards,
Gwen