Complimentary 90-day, on-prem license available for entities involved in Covid19 response.
Piwik Detected
Severity: Information
Summary
Netsparker detected Piwik, a web-based statistics software.
This information can help an attacker gain a greater understanding of the systems in use and potentially to develop further attacks.
Impact
An attacker can search for specific security vulnerabilities for the version of Piwik identified. More importantly, Piwik discloses too much information about hidden pages (config, administration etc.).
Remediation
Configure your web server to prevent information leakage from the
Piwik directory by implementing access control mechanisms to stop public access.Classifications
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45, OWASP PC-C7
Vulnerability Index
You can search and find all vulnerabilities
Select Category
OR
Search Vulnerability
Related Vulnerabilities
