Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
[Possible] Backup Source Code Detected - Vulnerability Database

[Possible] Backup Source Code Detected

Description

A possible backup file was found on your web-server. These files are usually created by developers to backup their work.

Remediation

Remove the file(s) if they are not required on your website. As an additional step, it is recommended to implement a security policy within your organization to disallow creation of backup files in directories accessible from the web.

References

Testing for Old, Backup and Unreferenced Files (OWASP-CM-006)
Security Tips for Server Configuration
Protecting Confidential Documents at Your Site

Related Vulnerabilities

[Possible] WS_FTP Log File Detected Information
Common tags: Information Disclosure Test Files
Bazaar repository found High
Common tags: Information Disclosure Test Files
Configuration file source code disclosure High
Common tags: Information Disclosure Test Files
Mercurial repository found High
Common tags: Information Disclosure Test Files
JetBrains .idea project directory Medium
Common tags: Information Disclosure Test Files

Severity

High

Classification

CWE-538
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Tags

Information Disclosure
Test Files