WS_FTP Log Found

Description

Cytrix has detected a WS_FTP.LOG file, which is created by the FTP client WS_FTP.
When people use WS_FTP to upload files to their website, they sometimes forget that the WS_FTP.LOG file may be uploaded to the web server along with the other files, which makes it accessible and visible to anyone.

This file contains sensitive information about files meant to be hidden, their locations and the directories found in the web root, as well as information about usernames and hostnames used in the site to perform certain actions.
In short, this vulnerability may lead to Information Disclosure, helping attackers conduct attacks against your assets.

Recommendation

Make sure this file, and other similar ones, are removed from your site. If removing them is not an option, access to them should be limited to authorized persons only.
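
One way to carry out this recommendation, as an added example that is not Cytrix's own code: the script finds every WS_FTP.LOG under a web root and moves it to a folder outside the served tree, readable by its owner only. The function names and the quarantine-folder approach are assumptions of this example.

```python
import os
import shutil
import stat
from pathlib import Path

TARGET = "ws_ftp.log"  # file name to look for, compared case-insensitively


def find_ws_ftp_logs(web_root):
    """Return every WS_FTP.LOG (any letter case) under web_root, sorted."""
    hits = []
    for dirpath, _dirs, files in os.walk(web_root):
        for name in files:
            if name.lower() == TARGET:
                hits.append(Path(dirpath) / name)
    return sorted(hits)


def quarantine(web_root, quarantine_dir, dry_run=True):
    """Move each log out of the web root, keeping its relative path.

    Returns a list of (source, destination) pairs. With dry_run=True nothing
    is moved; the pairs only show what would happen.
    """
    web_root = Path(web_root).resolve()
    quarantine_dir = Path(quarantine_dir).resolve()
    # A quarantine folder inside the web root would still be served.
    if quarantine_dir == web_root or web_root in quarantine_dir.parents:
        raise ValueError("quarantine_dir must be outside the web root")
    moves = []
    for src in find_ws_ftp_logs(web_root):
        dst = quarantine_dir / src.relative_to(web_root)
        moves.append((src, dst))
        if not dry_run:
            dst.parent.mkdir(parents=True, exist_ok=True)
            shutil.move(str(src), str(dst))
            if not dst.is_symlink():
                os.chmod(dst, stat.S_IRUSR | stat.S_IWUSR)  # owner read/write only
    return moves


if __name__ == "__main__":
    import sys
    # Usage: python script.py WEB_ROOT QUARANTINE_DIR [--apply]
    apply_changes = "--apply" in sys.argv
    for src, dst in quarantine(sys.argv[1], sys.argv[2], dry_run=not apply_changes):
        print(f"{src} -> {dst}")
```

Run it without `--apply` first to review the list of files it would move.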

References

https://cwe.mitre.org/data/definitions/200.html

https://cwe.mitre.org/data/definitions/538.html
