The application exposes unnecessary content to users. Unnecessary content may include temporary files, backup files, archives, product documentation, log files, or configuration files. Many times these unreferenced or forgotten files can be used to obtain important information about the application or infrastructure.
The availability of unnecessary content such as may provide useful information regarding the application or infrastructure that may help attackers identify vulnerabilities to exploit. In other cases, temporary or backup files may contain vulnerabilities that have been fixed in more recent versions. Log files may contain sensitive information about users and configuration files may provide unauthorized access to the application.
How To Test
Sample Report Screenshots
Time Saving Tips