Source code often contains some form of sensitive information. It may be configuration-related information (e.g. database credentials) or simply information about how the web application works. If source code files are disclosed, an attacker may potentially use such information to discover logical flaws
description :
The website could have a custom specialized download page which allows users to download content. If vulnerable to source code disclosure, that page could be used to extract source code and configuration files.
