4 matches found
CVE-2001-0778
OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source code via a GET request with the URL-encoded symbol for a space %20...
CVE-2001-0778
Affected software: OmniHTTPd (OmniPro HTTPd) up to 2.08. Vulnerability: remote attackers can disclose source code of scripting files by sending a URL with an encoded space (%20); the flaw is not present for CGI directories (cgibin/cgi-win). Impact: information disclosure of script/source files (c...
CVE-2001-0778
OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source code via a GET request with the URL-encoded symbol for a space %20...
OmniHTTPd Encoded Space Request Script Source Disclosure
OmniHTTPd is affected by a vulnerability that permits malicious users to get the full source code of scripting files. By appending an ASCII/Unicode space char '%20' to a script's suffix, the web server will no longer interpret it and instead send it back as a simple document in the same manner as...