WS_FTP Log Found


Kayran has detected a WS_FTP.LOG, which is a file created when using an FTP client called WS_FTP.
When people use WS_FTP to upload files to their website, they sometimes forget that, along with other files, WS_FTP.LOG file may be uploaded to the webserver, which makes it accessible and visible to anyone.

Since this file contain sensitive information regarding file meant to be hidden and their locations and directories found on the web root, as well as information about usernames and hostnames used in the site to enact certain actions.
In short, such vulnerability may lead to Information Disclosure, assisting attackers to conduct attacks against your assets.


Make sure this file, and other similar ones, are being either removed from your site. If removing them is not optional, access to them should be limited to authorized persons only.


< Return to all Vulnerabilities