Description

A possible backup file was found on your web-server. These files are usually created by developers to backup their work.

Remediation

Remove the file(s) if they are not required on your website. As an additional step, it is recommended to implement a security policy within your organization to disallow creation of backup files in directories accessible from the web.

References

Testing for Old, Backup and Unreferenced Files (OWASP-CM-006)

Security Tips for Server Configuration

Protecting Confidential Documents at Your Site

Related Vulnerabilities

WordPress Plugin Be POPIA Compliant Information Disclosure (1.1.5)

Joomla! Core 2.5.x Information Disclosure (2.5.0 - 2.5.8)

ColdFusion Request Debugging information disclosure

Jira Unauthorized User Enumeration via UserPickerBrowser

WordPress Plugin Sell Downloads Arbitrary File Disclosure (1.0.17)

Severity

High

Classification

CWE-538 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Tags

Information Disclosure Test Files