• The file _vti_pvt/authors.pwd can be read. This file contains sensitive information and should not be available.

• Restrict access to this file be settings proper permissions to _vti_pvt directory or directly to authors.pwd.

• • Microsoft IIS Homepage

• 

• CWE-538

• Configuration Information Disclosure

• WordPress Plugin MAC PHOTO GALLERY Arbitrary File Download (3.0)
• TRACE method is enabled
• Debian OpenSSL predictable random number generator (SSH)
• WordPress Plugin MiwoFTP-File & Folder Manager Arbitrary File Download (1.0.5)
• XML external entity injection via external file