6.2 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
74.4%
HTTP Commander 4.0 allows remote attackers to obtain sensitive information via an HTTP request that contains a . (dot) in the file parameter, which reveals the installation path in an error message.
secunia.com/advisories/10125
www.securityfocus.com/bid/8949