Sanctus Solutions - Bug Bounty Portfolio

A curated collection of responsible vulnerability disclosures made by Sanctus Solutions.

About the Researcher

Brennan Bosco

Director of Communications

Email: [email protected]
Phone: 214-766-6504

Brennan Bosco is a cybersecurity analyst and ethical hacker with hands-on experience identifying real-world vulnerabilities—from misconfigured web servers to exposed plugins and authentication flaws. He is trained through NGT Academy and certified in both red and blue team operations, with a strong focus on practical, results-driven security.

As the Director of Communications at Sanctus Solutions, Brennan leads with a mission to protect organizations through responsible disclosure, clear communication, and public service. Sanctus operates at the intersection of security and ethics, helping businesses take meaningful action to secure their digital infrastructure.

Brennan’s approach to bug bounty work is grounded in integrity: no exploitation, no shortcuts—just verified insights that support safer systems. Whether addressing risks for small businesses or identifying threats across enterprise environments, he combines offensive techniques with defensive foresight to help clients stay ahead of evolving threats.

Ethical vulnerability disclosures. Real threats. Responsible action.

Exposure of Sensitive Log File & Outdated PHP Version

Date Discovered: June 2025

Report Type: Public-facing, non-intrusive verification

Status: Patched

Summary:
During a responsible security audit of a live WordPress installation, Sanctus Solutions identified a publicly accessible debug.log file within the /wp-content/ directory. The file exceeded 52 GB in size and accepted byte-range requests, so portions of it could be extracted without downloading the whole file, a serious risk for partial data leakage. A simple curl command confirmed the exposure, and an in-browser test triggered an automatic download, proving the file was accessible without authentication.

Additionally, the server was found to be running PHP 7.4.33, a version that reached official end-of-life in 2022. Response headers also revealed this version, increasing the site’s fingerprinting exposure.

Risks Identified:

  • Potential leakage of plugin info, error logs, server file paths, and user data

  • Risk of targeted scraping or automated recon

  • Increased exploitability due to unsupported PHP version

  • Server fingerprinting through exposed headers

Recommendations Provided:

  • Disable WP_DEBUG_LOG in production environments

  • Remove or restrict access to the debug.log file

  • Upgrade PHP to a supported version (8.2+ recommended)

  • Turn off the expose_php directive in php.ini to reduce header leakage
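As an added defender-side example that is not part of the original report: a shell self-check that reads the response headers for /wp-content/debug.log (the same kind of curl test the summary describes) and flags the three conditions above, unauthenticated access, byte-range support, and a PHP version in X-Powered-By. The log path, the header names, and the sample responses are assumptions constructed from the finding, not data from the report.

```shell
#!/usr/bin/env bash
# Self-check for the two findings above: a world-readable wp-content/debug.log
# that honours byte-range requests, and a PHP version leaked via headers.
# Hypothetical helper, not a Sanctus Solutions tool; header names are assumed.

# Parse one header block from stdin (as captured by `curl -sI -H 'Range: bytes=0-0'`).
# Prints one finding per line; returns 1 if anything is exposed, else 0.
assess_headers() {
    local hdrs status ranges total powered exposed=0
    hdrs=$(tr -d '\r')   # CRLF -> LF so awk field splitting is clean
    status=$(printf '%s\n' "$hdrs" | awk 'NR==1 {print $2}')
    ranges=$(printf '%s\n' "$hdrs" | awk -F': *' 'tolower($1)=="accept-ranges" {print $2}')
    total=$(printf '%s\n' "$hdrs" | awk -F'/' 'tolower($1) ~ /^content-range:/ {print $2}')
    powered=$(printf '%s\n' "$hdrs" | awk -F': *' 'tolower($1)=="x-powered-by" {print $2}')
    case "$status" in
        200|206) echo "EXPOSED: debug.log readable without authentication (HTTP $status)"
                 exposed=1 ;;
        *)       echo "OK: debug.log not served (HTTP $status)" ;;
    esac
    # A 206 reply, or Accept-Ranges: bytes, means slices of a huge log can be
    # pulled without downloading it all; Content-Range carries the total size.
    if [ "$status" = 206 ] || [ "$ranges" = bytes ]; then
        case "$total" in
            ''|*[!0-9]*) echo "EXPOSED: byte-range reads allowed" ;;
            *) echo "EXPOSED: byte-range reads allowed, file size $((total / 1073741824)) GB" ;;
        esac
        exposed=1
    fi
    case "$powered" in
        PHP/*) echo "LEAK: PHP version in X-Powered-By ($powered); set expose_php = Off"
               exposed=1 ;;
        *)     echo "OK: no PHP version in X-Powered-By" ;;
    esac
    return $exposed
}

# Live check against a site you administer (log path taken from the finding above).
audit_debug_log() {
    curl -sI -H 'Range: bytes=0-0' "${1%/}/wp-content/debug.log" | assess_headers
}

# Constructed sample responses mirroring the finding (52 GB = 55834574848 bytes).
SAMPLE_EXPOSED='HTTP/1.1 206 Partial Content
X-Powered-By: PHP/7.4.33
Accept-Ranges: bytes
Content-Range: bytes 0-0/55834574848'
SAMPLE_FIXED='HTTP/1.1 403 Forbidden
Server: Apache'
if [ -n "${1:-}" ]; then audit_debug_log "$1"; fi   # usage: ./check.sh https://example.com
```

A non-zero exit from `assess_headers` is the signal to act on the recommendations above; after applying them, the same check should report only OK lines.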