Summary #

Invicti identified a possible backup file disclosure on the web server.

Impact #
Backup files can contain old or current versions of a file on the web server. This could include sensitive data such as password files or even the application's source code. This form of issue normally leads to further vulnerabilities or, at worst, sensitive information disclosure.
Remediation #
Do not store backup files on production servers.
Classifications #
PCI v3.1-6.5.8; PCI v3.2-6.5.8; CAPEC-87; CWE-530; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP 2013-A7; OWASP 2017-A5
Vulnerability Index

Vulnerability Index

You can search and find all vulnerabilities


Search Vulnerability


Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo