Elmah Exposure

Name: SecApps
Rating: 4.50 (6895 reviews)

The elmah AXD log file was found.

Elmah AXD is a file used by the elmah logging library. By default, it is exposed. This makes it available to anyone that knows the URL.

Impact

An attacker may be able to retrieve sensitive information such as cookie values, request parameters and other sensitive artifacts.

Do not expose elmah AXD file.

Was this page helpful?