====== Common File Name Vulnerability ======

Easily "guessable" file or application structures lead to possible compromises.  For example, placing your admin section in an /admin/ directory (URI) makes your application an easier target for [[security:attack:cgi_scanning|CGI]] or [[security:attack:directory_scanning|directory]] scanning.

===== Exploits =====

  * [[security:attack:cgi_scanning|CGI Scanning Attack]]
  * [[security:attack:directory_scanning|Directory Scanning Attack]]
  * May also apply to a [[security:shared host or compromised system]] using a [[security:attack:file system scanning]].

===== Additional Information =====

  * [[http://www.cirt.net/code/nikto.shtml|Nikto]]
  * See [[security:web_application_security|web application security]] and [[catalog|security vulnerabilities catalog]].