6 matches found
Nginx Source Code Disclosure/Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nginx Source Code Disclosure/Download', 'Description' = %q This module exploits a source code disclosure/download vulnerability in versions 0.7 a...
nginx < 0.7.66 / 0.8.x < 0.8.40 Information Disclosure
According to the self-reported version in its response header, the version of nginx hosted on the remote web server is less than 0.7.66 or 0.8.x prior to 0.8.40. It is, therefore, affected by a source code information disclosure vulnerability as noted in the vendor advisory. %NASLMINLEVEL 70300 C...
CVE-2010-2263
nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI...
CVE-2010-2263
CVE-2010-2263 is an information-disclosure vulnerability in nginx where, on Windows, an attacker can obtain source code or unparsed files from the web root by appending ::$DATA to the URI. Affected: nginx 0.7.x before 0.7.66 and 0.8.x before 0.8.40. The issue is fixed in 0.7.66 and 0.8.40 release...
Vulnerabilities with Windows file default stream
Vulnerabilities with Windows file default stream Severity: major CVE-2010-2263 Not vulnerable: 0.8.40+, 0.7.66+ Vulnerable: nginx/Windows 0.7.52-0.8.39...
nginx <= 0.8.36 Remote Source Code Disclosure and DoS Vulnerabilities
nginx is prone to remote source code disclosure and denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE ...