WS_FTP Log File Detected

Severity: Information
Summary#

Invicti detected a WS_FTP Log File.

WS_FTP is an FTP client and it creates a log file named WS_FTP.Log, which contains sensitive information such as file names, internal paths, etc.

Impact#
There is no direct impact, however this information can help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.
Remediation#
If it is a file required by the application, change its permissions to prevent public users from accessing it. If it is not, then remove it from the web server.
Invicti

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo