Source code disclosure

Source code disclosure

Published on 2004-03-27. Updated on 2009-07-06.

Description:
Looks like the source code for this script is available. This check is using pattern matching to determine if server side tags are found in the file. In some cases this alert may generate false positives.

Impact:
An attacker can gather sensitive information (database connection strings, application logic) by analysing the source code. This information can be used to conduct further attacks.

Recommendation:
Remove this file from your website or change its permissions to remove access.

Tags: Scripts

Alert Tags: source_code_disclosure,information_disclosure
ApplicableApplicationServer : All
ApplicableOS: All
ApplicableWebServer: All

References:

iMPERVA Source Code Disclosure

Go Back

• Product Information
• Download
• Product Tour
• Brochure (PDF)
• Pricing
• Testimonials
• Customer references
• Resell Acunetix
• Acunetix in the Press
• List of vulnerability checks

• Learn more
• SQL Injection
• Cross site scripting
• Web Security
• Directory Traversal
• Ajax Application Security
• Google Hacking