Possible server path disclosure (Unix)

Description

Adequate path names have been found.

Bussines Impact

An attacker could use this to learn the file system architecture out of possession of the affected web server.

Recommendation

Prohibit this information from being displayed to the user.

Reference

https://owasp.org/www-community/attacks/Full_Path_Disclosure

Crossing Scripts – XSS

Injections. SQL Injections. Cross-site Scripting (hence the amazing title “Crossing Scripts – XSS”). There all sorts of Injection-Based attacks, if you want to read about

Read More »