Microsoft IIS Tilde Directory Enumeration
Impact: Medium
Description
In some versions of Microsoft IIS, it is possible to detect the existence of files using an 8.3 short filename (SFN). This vulnerability allows attackers to enumerate and find sensitive files on the web server.
Recommendation
Please read the reference.
References
👉 You might also like:
Blind OS Command Execution - Vulnerability
Blind SQL Injection - Vulnerability
Cross Site Scripting - Vulnerability
Directory Listing of Sensitive Files - Vulnerability
Last updated on May 30, 2023