6 matches found
LiteSpeed Source Code Disclosure/Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LiteSpeed Source Code Disclosure/Download', 'Description' = %q This module exploits a source code disclosure/download vulnerability in versions...
http-litespeed-sourcecode-download NSE Script
Exploits a null-byte poisoning vulnerability in Litespeed Web Servers 4.0.x before 4.0.15 to retrieve the target script's source code by sending a HTTP request with a null byte followed by a .txt file extension CVE-2010-2333. If the server is not vulnerable it returns an error 400. If index.php i...
LiteSpeed < 4.0.15 Information Disclosure Vulnerability - Active Check
LiteSpeed Web Server is prone to a vulnerability that lets attackers access source code files. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-lat...
LiteSpeed Source Code Disclosure/Download
This module exploits a source code disclosure/download vulnerability in versions 4.0.14 and prior of LiteSpeed. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LiteSpeed Source Code...
CVE-2010-2333
LiteSpeed Web Server 4.0.x prior to 4.0.15 is affected by CVE-2010-2333: an HTTP request containing a null byte followed by .txt can disclose the source code of scripts. This vulnerability enables an attacker to read server-side script sources, potentially exposing sensitive information. Impact i...
CVE-2010-2333
creationtimestamp| type| source ---|---|--- 2010-06-13 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/13850 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/litespeedsourcedisclosure.rb 2025-02-06...