Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Source Code Disclosure - Vulnerability Database

Source Code Disclosure

Description

One or more pages disclosing source code were found. This check is using pattern matching to determine if server side tags are found in the file. In some cases this alert may generate false positives.

Remediation

Remove these file(s) from your website or change their permissions to remove access.

References

Why is Source Code Disclosure Dangerous?
CWE-540: Inclusion of Sensitive Information in Source Code

Related Vulnerabilities

SVN Detected High
Common tags: Source Code Disclosure Information Disclosure
CVS Detected Medium
Common tags: Source Code Disclosure Information Disclosure
IBM WebSphere/WebLogic application source file exposure High
Common tags: Source Code Disclosure Information Disclosure
Tornado debug mode Medium
Common tags: Source Code Disclosure Information Disclosure
Configuration file source code disclosure High
Common tags: Source Code Disclosure Information Disclosure

Severity

Medium

Classification

CWE-538
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Source Code Disclosure
Information Disclosure