P. 1
Untitled

Untitled

|Views: 1,268|Likes:
Published by api-82206812

More info:

Published by: api-82206812 on Jun 16, 2011
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

09/28/2013

pdf

text

original

Any area of the Web site or Web application that contains sensitive information or access to
privileged functionality (such as remote site administration) requires the file extension of all
scripts to be checked as it may lead to information disclosure related to the technology used by
the application. The use of certain CGI-related file extensions can indicate certain types of
technology in use, which results in a mild information disclosure. The default list of check
input values is generally applicable, but some sites may legitimately use a certain technology
(such as Perl) and this check may incorrectly elicit false-positive issues in flagging all Perl
extensions (.pl). In such cases, you should remove the legitimate extensions from the list.

Required Input: File extensions of scripts used in the Web application (such as cgi, pl, and py).

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->