Detail

WS_FTP Log File Detected

Severity: Information

Summary #

Netsparker detected a WS_FTP Log File.

WS_FTP is an FTP client and it creates a log file named WS_FTP.Log, which contains sensitive information such as file names, internal paths, etc.

Impact #
There is no direct impact, however this information can help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.
Remediation #
If it is a file required by the application, change its permissions to prevent public users from accessing it. If it is not, then remove it from the web server.
Classifications #
CAPEC-118, CWE-538, ISO27001-A.9.4.1, WASC-13, OWASP PC-C6 , CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Index

Vulnerability Index

You can search and find all vulnerabilities

Select Category

OR

Search Vulnerability

Related Vulnerabilities

Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO

RESOURCES

USE CASES

WEB SECURITY

COMPANY

Netsparker Ltd

  • 220 Industrial Blvd Ste 102
    Austin, TX 78745
© Netsparker 2021, by Invicti
Subscription Services Agreement | Privacy Policy | Data Protection Policy | Sitemap