Unnecessary Content Available


Description

The application exposes unnecessary content to users. Unnecessary content may include temporary files, backup files, archives, product documentation, log files, or configuration files. Many times these unreferenced or forgotten files can be used to obtain important information about the application or infrastructure.

Impact

The availability of unnecessary content such as may provide useful information regarding the application or infrastructure that may help attackers identify vulnerabilities to exploit. In other cases, temporary or backup files may contain vulnerabilities that have been fixed in more recent versions. Log files may contain sensitive information about users and configuration files may provide unauthorized access to the application.

Risk Rating

Remediation

How To Test

Sample Report Screenshots

Time Saving Tips

Testing Gotchas

References

 

Subscribe here in order to gain access to the AppSec Findings Database

 

Leave a Reply