6.8 Medium
AI Score
Confidence
Low
0.032 Low
EPSS
Percentile
91.2%
Xerver 4.17 allows remote attackers to (1) obtain source code of scripts via a request with a trailing “.” (dot) or (2) list directory contents via a trailing null character.
secunia.com/advisories/17243
securitytracker.com/id?1015079
www.osvdb.org/20075
www.osvdb.org/20076
www.securityfocus.com/bid/15135
exchange.xforce.ibmcloud.com/vulnerabilities/22785
exchange.xforce.ibmcloud.com/vulnerabilities/22786