Detail

WS_FTP Log File Detected

Severity: Information

Summary #

Netsparker detected a WS_FTP Log File.

WS_FTP is an FTP client and it creates a log file named WS_FTP.Log, which contains sensitive information such as file names, internal paths, etc.

Impact #
There is no direct impact, however this information can help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.
Remediation #
If it is a file required by the application, change its permissions to prevent public users from accessing it. If it is not, then remove it from the web server.
Classifications #
CAPEC-118; CWE-538; ISO27001-A.9.4.1; WASC-13; OWASP PC-C6 , CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Index

Vulnerability Index

You can search and find all vulnerabilities

Select Category

OR

Search Vulnerability

Related Vulnerabilities

Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo

Netsparker Ltd
220 Industrial Blvd Ste 102
Austin, TX 78745

© Netsparker 2021, by Invicti

RESOURCES

USE CASES

WEB SECURITY

COMPANY

© Netsparker 2021, by Invicti

Subscription Services Agreement Data Protection Policy Information Security Policy Privacy Policy Sitemap