7 High
AI Score
Confidence
Low
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.004 Low
EPSS
Percentile
72.8%
The HTTP service in EServ/3 3.25 allows remote attackers to obtain sensitive information via crafted HTTP requests containing dot, space, and slash characters, which reveals the source code of script files.
secunia.com/advisories/20059
secunia.com/secunia_research/2006-37/advisory/
securityreason.com/securityalert/1006
www.eserv.ru/ru/news/news_detail.php?ID=235
www.securityfocus.com/archive/1/435415/100/0/threaded
www.securityfocus.com/bid/18179
www.vupen.com/english/advisories/2006/2066
exchange.xforce.ibmcloud.com/vulnerabilities/26741