CVE-2007-6314

BarracudaDrive Web Server before 3.8 allows remote attackers to read the source code for web scripts by appending a 1 + plus, 2 . dot, or 3 %80 and similar characters to the file name in the URL...

CVE-2007-6314

BarracudaDrive Web Server before 3.8 is vulnerable to information disclosure: remote attackers can read the source code of web scripts by manipulating the file name in the URL (e.g., adding a +, a dot, or %80). Affected product: BarracudaDrive Web Server. Root cause is improper URL handling allow...

LiteSpeed Web Server <= 3.2.3 Remote Source Code Disclosure Vuln

No description provided by source. | | |--.-----.| .-----.' |.---.-.----.-----.--| | | | | | -|| -- | -| || | | -| | || |||||/||| |.||||...

Litespeed Web Server 3.2.3 - Source Code Disclosure

Litespeed Web Server 3.2.3 - Source Code Disclosure | | |--.-----.| .-----.' |.---.-.----.-----.--| | | | | | -|| -- | -| || | | -| | || |||||/||| |.|||| TheDefaced.org TheDefaced Security Team Presents An 0-day. LiteSpeed Remote Mime Type Injection Discovered by:Tr3mbl3r Shouts to his kitty kats...

LiteSpeed Web Server <= 3.2.3 Remote Source Code Disclosure Vuln

Exploit for multiple platform in category remote exploits ================================================================ LiteSpeed Web Server = 3.2.3 Remote Source Code Disclosure Vuln ================================================================ | | |--.-----.| .-----.'...

Design/Logic Flaw

StaticFileHandler.cs in System.Web in Mono before 1.2.5.2, when running on Windows, allows remote attackers to obtain source code of sensitive files via a request containing a trailing 1 space or 2 dot, which is not properly handled by XSP...

SHTTPD V1.38 server source code disclosure

SHTTPD V1.38 server source code disclosure ------------------------------------ link:http://shttpd.sourceforge.net/ info: The vulnerability is caused due to a parser error of the filename extension supplied by the user in the URL. This can be exploited to retrieve the source code of script files...

MyServer-0.8.9 - source code disclosure

The vulnerability is caused due to a parser error of the filename extension supplied by the user in the URL. This can be exploited to retrieve the source code of script files. Found By:Shay Priel aka Prili site: http://www.myserverproject.net/ poc: ---- http://localhost/cgi-bin/post.mscgI I -...

PHP 4.4.6 - &#039;cpdf_open()&#039; Local Source Code Disclosure

?php / PHP 4.4.6 cpdfopen source code disclosure poc by rgod site: http://retrogod.altervista.org to be launched from the cli this will show as output something like this: ClibPDF: Cannot open A 11111$mypasswordis="suntzu";newline $mypasswordis="suntzu";etc... for PDF output X-Powered-By: PHP/4.4...

PHP 4.4.6 cpdf_open() Local Source Code Discslosure PoC

Exploit for multiple platform in category local exploits ======================================================= PHP 4.4.6 cpdfopen Local Source Code Discslosure PoC ======================================================= ?php / PHP 4.4.6 cpdfopen source code disclosure poc by rgod site:...

Directory traversal

include/debug.php in Webfwlog 0.92 and earlier, when registerglobals is enabled, allows remote attackers to obtain source code of files via the conffile parameter. NOTE: some of these details are obtained from third party information. It is likely that this issue can be exploited to conduct...

CVE-2007-0585

include/debug.php in Webfwlog 0.92 and earlier, when registerglobals is enabled, allows remote attackers to obtain source code of files via the conffile parameter. NOTE: some of these details are obtained from third party information. It is likely that this issue can be exploited to conduct...

CVE-2007-0585

CVE-2007-0585 concerns Webfwlog before 0.92: when register_globals is on, remote attackers can request conffile parameters via include/debug.php to obtain source code of files, with potential directory traversal implications. The connected documents corroborate the description but do not provide ...

iDefense Security Advisory 01.09.07: Adobe Macromedia ColdFusion Source Code Disclosure Vulnerability

Adobe Macromedia ColdFusion Source Code Disclosure Vulnerability iDefense Security Advisory 01.09.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 09, 2007 I. BACKGROUND Adobe Macromedia ColdFusion is an application server and development framework for websites. More information is...

PHP Advanced Transfer Manager &lt;= 1.30 Source Code Disclosure Exploit

No description provided by source. ? / ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:+ +:+ +:+:+ +:...

CVE-2006-6104

CVE-2006-6104 affects the Mono platform’s XSP/ASP.NET server. The System.Web class does not properly verify local pathnames, allowing remote attackers to read sensitive content: source code by appending a space to a URI, and Web.Config via a Web.Config%20 request. The vulnerability lies in Mono 1...

CVE-2006-6104

The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote attackers to 1 read source code by appending a space %20 to a URI, and 2 read credentials via a request for Web.Config%20...

PHP Advanced Transfer Manager 1.30 - Source Code Disclosure

PHP Advanced Transfer Manager 1.30 - Source Code Disclosure DEVIL TEAM IRC: irc.milw0rm.com:6667 devilteam http://www.rahim.webd.pl/ ======== Contact: [email protected] -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Greetings DragonHeart and all DEVIL TEAM Patriots ...

PHP Advanced Transfer Manager <= 1.30 Source Code Disclosure Exploit

Exploit for unknown platform in category web applications ==================================================================== PHP Advanced Transfer Manager = 1.30 Source Code Disclosure Exploit ==================================================================== ? / ::::::::: :::::::::: ::: :::...

cwmExplorer 1.0 &#40;show_file&#41; Source Code Disclosure Vulnerability

Title : cwmExplorer 1.0 showfile Source Code Disclosure Vulnerability Author : ajann Contact : : ERROR------------------------------------------------------ .... .. $datei = "dirs/".$d."/".$GETshowfile; .... .. ERROR--------------------------------------------------------- Example:...