Download Netsparker
Pricing
Blog
Contact
Netsparker

Internal File or Directory Path Leakage on Windows Web Server

Netsparker identified a possible Internal Path Disclosure (Windows) in the document.

Impact

There is no direct impact, however this information can help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.

Remedy

Ensure this is not a false positive. Due to the nature of the issue, Netsparker could not confirm that this file path was actually the real file path of the target web server.
  • Error messages should be disabled.
  • Remove this kind of sensitive data from the output.

External References


Go back to the Complete list of Vulnerability Checks.