GQs1
CDCloudflare Developers
•Created by GQs1 on 1/8/2024 in #general-help
Security Problems in the url "cdn-cgi"
Hello! I need some help with my website:
I am using ZAP to check my website's security, and it gives me those alerts: "Path Traversal", "SQL Injection", "SQL Injection - Oracle - Time Based", "SQL Injection - SQLite" affecting many files in the url mywebsite.com/cdn-cgi/challenge-platform/h/g/jsd/r/
I already checked some community answers, but they all ended saying that opening a ticket with cloudflare was advised. I did, they told me they cannot help me (free user) if it's not a problem related to billing or 2FA, and to ask to the community.
In case it might be helpful, some answers in the community said these might be some "leftovers" of the cloudflare apps that were installed and then uninstalled.
My other domain, that uses cloudflare too, isn't affected.
Would you be so kind to help me?
Thanks in advance!
Regards
10 replies