V4 - Access Control
Directory Listing Enabled
POC
- Use a directory listing tool such as dirsearch
- Look for common directories with the following command:
- dirsearch -e all -t 5 -u
- For one directories, observe that directory listing is enabled which leads to information disclosure.
Impact
Low-Medium
Likelihood
Low