Piwik Detected

Severity: Information

Summary#

Invicti detected Piwik, a web-based statistics software.

This information can help an attacker gain a greater understanding of the systems in use and potentially to develop further attacks.

Impact#

An attacker can search for specific security vulnerabilities for the version of Piwik identified. More importantly, Piwik discloses too much information about hidden pages (config, administration etc.).

Remediation#

Configure your web server to prevent information leakage from the Piwik directory by implementing access control mechanisms to stop public access.

Classifications#

CAPEC-224, WASC-45, CWE-205, ISO27001-A.14.2.5, OWASP 2017-A6

Select Category

Critical
High
Medium
Low
Best Practice
Information

Search Vulnerability

Related Vulnerabilities

Piwik Detected

Related Articles

Build your resistance to threats. And save hundreds of hours each month.