Code injection

2007-06-2618:30:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.1%

JSON

Sergey Lyubka Simple HTTPD (shttpd) 1.38 allows remote attackers to obtain sensitive information (script source code) via a URL with a trailing encoded space (%20).

CPENameOperatorVersion
simple_httpdeq1.38

CPE	Name	Operator	Version
	simple_httpd	eq	1.38

References

osvdb.org/37732

secunia.com/advisories/25809

securityreason.com/securityalert/2832

www.securityfocus.com/archive/1/472190/100/0/threaded

www.securityfocus.com/bid/24618

exchange.xforce.ibmcloud.com/vulnerabilities/35038