3 matches found
CVE-2001-0224
Muscat Empower CGI program allows remote attackers to obtain the absolute pathname of the server via an invalid request in the DB parameter...
CVE-2001-0224
Muscat Empower CGI program allows remote attackers to obtain the absolute pathname of the server via an invalid request in the DB parameter...
CVE-2001-0224
CVE-2001-0224 affects the Muscat Empower CGI program. A remote attacker can cause disclosure of the server’s absolute pathname via an invalid request in the DB parameter. The issue is demonstrated by a misleading DB parameter in a GET request to the CGI (e.g., GET /cgi-bin/empower?DB=whatever), w...