3 matches found
CVE-2001-0986
SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote attackers to obtain sensitive information such as the physical path, file attributes, or portions of source code by directly calling sqlqhit.asp with a CiScope parameter set to 1 webinfo, 2 extendedfileinfo, 3 extendedwebinfo, or...
CVE-2001-0986
SQLQHit.asp is a sample component of Microsoft Index Server 2.0 that, when reachable via CiScope values webinfo/extended_fileinfo/extended_webinfo/fileinfo, can disclose directories and file paths on the server. The vulnerability stems from a design/implementation flaw in the SQLQHit CGI that all...
CVE-2001-0986
SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote attackers to obtain sensitive information such as the physical path, file attributes, or portions of source code by directly calling sqlqhit.asp with a CiScope parameter set to 1 webinfo, 2 extendedfileinfo, 3 extendedwebinfo, or...