AI Score
Confidence
Low
EPSS
Percentile
75.7%
index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to obtain the full server path via an invalid VDNS_Sessid parameter.
secunia.com/advisories/16370
vegadns.org/src/current/CHANGELOG
www.packetstormsecurity.org/0508-exploits/vegadns-dyn0.txt