SQL Dump Files Disclosed via Web Server

medium Nessus Plugin ID 55640

Synopsis

The remote web server hosts publicly accessible SQL dump files.

Description

The remote web server hosts publicly available files that contain SQL instructions. These files are most likely database dumps and may contain sensitive information.

Solution

Make sure that such files do not contain any confidential or otherwise sensitive information and that they are only accessible to those with valid credentials.
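A host-side way to act on this finding is to audit the web server's document root for files whose content looks like a SQL dump, whatever their extension. The script below is an added example, not part of the Nessus plugin; the marker list, the two-statement threshold, the function names and the sample files are assumptions constructed for illustration.

```python
import gzip
import os
import re
import tempfile

# Heuristic (assumed) markers: statements that start lines in typical dumps.
SQL_MARKERS = re.compile(rb"^\s*(CREATE\s+TABLE|INSERT\s+INTO|DROP\s+TABLE)\b",
                         re.IGNORECASE | re.MULTILINE)
HEAD_BYTES = 64 * 1024  # inspect only the start of each file

def read_head(path):
    """Return the first HEAD_BYTES of a file, transparently un-gzipping."""
    try:
        with open(path, "rb") as fh:
            is_gzip = fh.read(2) == b"\x1f\x8b"
        with (gzip.open if is_gzip else open)(path, "rb") as fh:
            return fh.read(HEAD_BYTES)
    except (OSError, EOFError):  # unreadable or truncated file: treat as empty
        return b""

def find_sql_dumps(docroot):
    """Return sorted docroot-relative paths whose content looks like a SQL dump."""
    hits = []
    for dirpath, _dirs, files in os.walk(docroot):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue
            if len(SQL_MARKERS.findall(read_head(full))) >= 2:
                hits.append(os.path.relpath(full, docroot).replace(os.sep, "/"))
    return sorted(hits)

def build_sample_docroot():
    """Create a constructed document root: two dumps, two harmless files."""
    root = tempfile.mkdtemp(prefix="docroot-")
    dump = (b"-- constructed sample\nCREATE TABLE users (id INT, email TEXT);\n"
            b"INSERT INTO users VALUES (1, 'a@example.test');\n")
    os.makedirs(os.path.join(root, "backup"))
    samples = {"backup/site.sql": dump, "index.html": b"<html>hello</html>\n",
               "notes.txt": b"Remember to INSERT INTO the changelog.\n"}
    for rel, data in samples.items():
        with open(os.path.join(root, rel), "wb") as fh:
            fh.write(data)
    with gzip.open(os.path.join(root, "old.bak.gz"), "wb") as fh:
        fh.write(dump)
    return root

if __name__ == "__main__":
    for rel in find_sql_dumps(build_sample_docroot()):
        print("SQL dump inside document root:", rel)
```

Files it reports should be moved outside the document root or placed behind authentication, as the solution above requires.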

Plugin Details

Severity: Medium

ID: 55640

File Name: web_accessible_sql_files.nasl

Version: 1.4

Type: remote

Family: CGI abuses

Published: 7/21/2011

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N