Information Disclosure: Exposed SQL Dumps

Identifier: exposed_sql_dumps

Scanner(s) Support

GraphQL Scanner, REST Scanner, WebApp Scanner, ASM Scanner

Description

Exposed SQL dumps occur when MySQL dump files containing sensitive data are left accessible, potentially revealing database schemas, user credentials, and other confidential information that could lead to data breaches.

How we test: We scan for exposed MySQL dump files by attempting to access common backup file locations and analyzing responses to detect if database dump files are accessible without proper authorization.
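
The same condition can be checked from the server side. The following is an added example, not part of the original page or the scanner's own code: it walks a served directory and flags files whose content looks like mysqldump output, including gzip-compressed copies. The function names, the marker list and the sample tree are assumptions made for this illustration.

```python
import gzip
import os
import tempfile
import zlib

# Banner lines mysqldump / mariadb-dump write at the top of a dump file.
HEADER_MARKERS = (b"-- MySQL dump", b"-- MariaDB dump")
# Heuristic fallback for dumps whose banner was stripped (may over-match SQL docs).
STATEMENT_MARKERS = (b"CREATE TABLE", b"INSERT INTO")
SNIFF_BYTES = 64 * 1024


def read_head(path):
    """Return the first SNIFF_BYTES of a file, decompressing gzip if needed."""
    try:
        with open(path, "rb") as fh:
            is_gzip = fh.read(2) == b"\x1f\x8b"
        with (gzip.open if is_gzip else open)(path, "rb") as fh:
            return fh.read(SNIFF_BYTES)
    except (OSError, EOFError, zlib.error):
        return b""  # unreadable or corrupt archive: nothing to classify


def looks_like_sql_dump(head):
    if any(marker in head for marker in HEADER_MARKERS):
        return True
    upper = head.upper()
    return all(marker in upper for marker in STATEMENT_MARKERS)


def find_exposed_dumps(webroot):
    """List files under webroot (relative paths) whose content is a SQL dump."""
    hits = []
    for dirpath, _dirs, files in os.walk(webroot):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.isfile(path) and looks_like_sql_dump(read_head(path)):
                hits.append(os.path.relpath(path, webroot))
    return sorted(hits)


def audit_sample():
    """Run the audit over a constructed tree: plain dump, gzipped dump, HTML page."""
    dump = b"-- MySQL dump 10.13  Distrib 8.0.32, for Linux (x86_64)\nCREATE TABLE `users` (`id` int);\n"
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "backup"))
        for rel, opener in (("backup/site.sql", open), ("db.bak", gzip.open), ("index.html", open)):
            with opener(os.path.join(root, rel), "wb") as fh:
                fh.write(b"<html>hello</html>" if rel.endswith(".html") else dump)
        return find_exposed_dumps(root)
```

Matching on content rather than on the file extension is what catches the renamed `db.bak` copy in the constructed sample.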

Configuration

Example

Example configuration:

---
security_tests:
  exposed_sql_dumps:
    skip: false

Reference

skip

Type: boolean

Skip the test if true.