CWE-548 - Exposure of Information Through Directory Listing
- 摘要:Variant
- 结构:Simple
- 状态:Draft
- 发布日期:2006-07-19
- 更新日期:2026-04-30
名称
Exposure of Information Through Directory Listing
描述
The product inappropriately exposes a directory listing with an index of all the resources located inside of the directory.
常见后果
范围:Confidentiality
影响:Read Files or Directories
注释:Exposing the contents of a directory can lead to an attacker gaining access to source code or providing useful information for the attacker to devise exploits, such as creation times of files or any information that may be encoded in file names. The directory listing may also compromise private or confidential data.