Joomla! Issue Tracker - CMS

Download
Launch
Feeling Lucky

[#32543] - Directory Listing

? Pending

User tests: Successful: Unsuccessful:

avatar ErvisTusha
ErvisTusha
27 Feb 2021

CWE-548: Exposure of Information Through Directory Listing

https://cwe.mitre.org/data/definitions/548.html

avatar ErvisTusha ErvisTusha - open - 27 Feb 2021
avatar ErvisTusha ErvisTusha - change - 27 Feb 2021
Status New Pending
avatar joomla-cms-bot joomla-cms-bot - change - 27 Feb 2021
Category Administration com_admin SQL Postgresql MS SQL
avatar brianteeman
brianteeman - comment - 27 Feb 2021

Thank you for your first (public) pull request to joomla. Good to see that you are still checking joomla. I will let the maintainers explain why the files were removed

avatar Bakual
Bakual - comment - 28 Feb 2021

Imho the index.html files were removed because this is actually a server confguration issue. The index files just were a bandaid around a misconfigured server. Nowadays servers should have directory listing disabled by default and we should not be needed to ship >1000 empty index.html files.

avatar HLeithner
HLeithner - comment - 28 Feb 2021

As Thomas said, I don't believe that they come back. Anyway thanks for your contribution.

Releated PR #3788

avatar HLeithner HLeithner - change - 28 Feb 2021
Status Pending Closed
Closed_Date 0000-00-00 00:00:00 2021-02-28 08:12:06
Closed_By HLeithner
Labels Added: ?
avatar HLeithner HLeithner - close - 28 Feb 2021
avatar ErvisTusha
ErvisTusha - comment - 28 Feb 2021

intitle:"index of /" inurl:components/com_banners/

avatar brianteeman
brianteeman - comment - 28 Feb 2021

Interestingly the first of those that I came across had an index.html and yet still displayed the folder. I guess you really can't fix bad hosting

https://www.heliciculture.net/components/com_banners/models/
image

Add a Comment

Login with GitHub to post a comment