Family: CGI abuses --> Category: infos
Sitemap.xml File and Directory Enumeration Vulnerability Scan
Vulnerability Scan Summary
Checks for a web server's sitemap.xml
Detailed Explanation for this Vulnerability Test
The remote web server contains a 'sitemap.xml' file.
The Sitemap Protocol allows you to inform search engines about URLs on
your websites that are available for crawling. In its simplest form,
a Sitemap is an XML file that lists URLs for a site.
It has been discovered that many site owners are not building their
Sitemaps through spidering, but by scripted runs on their web root
directory structures. If this is the case, a possible hacker may be able to
use sitemaps to to enumerate all files and directories in the
See also :
Site owners should be wary of automatically generating sitemap.xml
files, and admins should review the contents of there sitemap.xml file
for sensitive material.
Click HERE for more information and discussions on this network vulnerability scan.