Description

One or more possibly sensitive directories were found. These resources are not directly linked from the website. This check looks for common sensitive resources like backup directories, database dumps, administration pages, temporary directories. Each one of these directories could help an attacker to learn more about his target.

Remediation

Restrict access to these directories or remove them from the website.

References

Web Server Security and Database Server Security

Related Vulnerabilities

Python Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-1015)

WordPress Plugin Save Contact Form 7 Information Disclosure (2.0)

Stack Trace Disclosure (Laravel)

WordPress Plugin Caldera Forms-More Than Contact Forms Information Disclosure (1.3.5.2)

WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Information Disclosure (1.2.5)

Severity

Low

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure