A file disclosure vulnerability allows an attacker to retrieve arbitrary system files.
Assuming "export.php" is vulnerable to file disclosure and its location is the "/www/cgi" directory, an attacker can use directory traversal to retrieve the content of the Unix password file:
- Use a whitelist of directories from which files are allowed for download and validate requests based on that list.
- Validate file types requested by users.
- Index files which are allowed for download and pass only their index numbers as the URL parameter values.
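A download resolver that applies the three mitigations above, added here as an example and not code from the original page; the export directory, file names, allowed file types and index table are assumed:

```python
from pathlib import Path
from typing import Optional

# Assumed values for illustration (not from the page):
ALLOWED_DIRS = [Path("/www/cgi/exports")]        # whitelist of download directories
ALLOWED_SUFFIXES = {".csv", ".pdf"}              # file types users may request
FILE_INDEX = {                                   # index -> file; the URL carries only the index
    1: Path("/www/cgi/exports/report.csv"),
    2: Path("/www/cgi/exports/summary.pdf"),
}


def is_within_allowed(path: Path) -> bool:
    """True if the fully resolved path (symlinks and '..' collapsed) sits in a whitelisted directory."""
    try:
        real = path.resolve()
    except (OSError, ValueError):   # e.g. an embedded null byte in the name
        return False
    return any(real == d.resolve() or d.resolve() in real.parents for d in ALLOWED_DIRS)


def resolve_by_name(name: str) -> Optional[Path]:
    """Legacy handler that still accepts a file name: check the type, then the directory."""
    candidate = ALLOWED_DIRS[0] / name
    if candidate.suffix.lower() not in ALLOWED_SUFFIXES:
        return None                 # unexpected file type
    if not is_within_allowed(candidate):
        return None                 # traversal out of the whitelisted directory is rejected here
    return candidate.resolve()


def resolve_by_index(param: str) -> Optional[Path]:
    """Preferred handler: the URL parameter is an index number, never a path."""
    if not param.isdigit():
        return None
    target = FILE_INDEX.get(int(param))
    if target is None or not is_within_allowed(target):
        return None
    return target
```

Logging each rejected request (with the raw parameter value) gives a simple detection signal for traversal attempts against the handler.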