- The WebDAV PROPFIND Method retrieves properties for a resource identified by the request Uniform Resource Identifier (URI). If Directory Browsing is enabled, a list of all resources and their properties under this directory is returned in the response. Using this method is possible to obtain a recursive directory listing of all the files&folders from this URI. This may help an attacker to learn more about his target.
- Disable or remove WebDAV if you don't need it on this server. Otherwise, restrict Directory Browsing permissions to select URIs.
- WordPress Plugin WP-Property-WordPress Powered Real Estate and Property Management Information Disclosure (220.127.116.11)
- Rails application running in development mode
- Apache Tomcat insecure default administrative password
- Apache JServ protocol service
- WordPress Plugin Grand Flagallery-Photo Gallery Information Disclosure (4.24)