Directory listing is a web server function that displays a list of all the files when there is no index file, such as index.php and default.asp in a specific website directory.
Some web administrators do not properly configure web servers to disable the Directory Listing or sometimes do not do it at all.
For instance, administrators may make complex configuration settings, such as to allow directory listing for particular directories or subdirectories. The improper configuration of this task might result in the unexpected and unintended enabling of listing of directories which contain sensitive information.
A user can view a list of all files from this directory, possibly exposing sensitive information.