Apache 2.2.2 - CGI Script Source Code Information Disclosure

Apache 2.2.2 - CGI Script Source Code Information Disclosure source: https://www.securityfocus.com/bid/19447/info Apache is prone to an information-disclosure vulnerability because it fails to properly handle exceptional conditions. An attacker can exploit this issue to retrieve script source cod...

Code injection

jetty 6.0.x jetty6 beta16 allows remote attackers to read arbitrary script source code via a capital P in the .jsp extension, and probably other mixed case manipulations...

CVE-2006-2759

Jetty 6.0.x (jetty6) beta16 has an information-disclosure vulnerability: remote attackers can read the source of JSP files by using a capital P in the .jsp extension (and likely other mixed-case variants). The issue is confirmed across multiple sources (NVD, SUSE, GHSA, OSV, Veracode, PRION, CVE ...

CVE-2006-2759

jetty 6.0.x jetty6 beta16 allows remote attackers to read arbitrary script source code via a capital P in the .jsp extension, and probably other mixed case manipulations...

Ipswitch WhatsUp Professional 2006 - NmConsoleNavigation.asp?sDeviceView Cross-Site Scripting

Ipswitch WhatsUp Professional 2006 - NmConsoleNavigation.asp?sDeviceView Cross-Site Scripting source: https://www.securityfocus.com/bid/17964/info WhatsUp Professional is prone to multiple input-validation vulnerabilities. The issues include remote file-include, information-disclosure, source-cod...

Ipswitch WhatsUp Professional 2006 - NmConsoleToolResults.asp?sHostname Cross-Site Scripting

Ipswitch WhatsUp Professional 2006 - NmConsoleToolResults.asp?sHostname Cross-Site Scripting source: https://www.securityfocus.com/bid/17964/info WhatsUp Professional is prone to multiple input-validation vulnerabilities. The issues include remote file-include, information-disclosure, source-code...

RaidenHTTPD Web server / Quick 'n Easy Web Server / Baby ASP / Blazix Web Server / AN HTTPD / Xeneo scripts source code disclosure

It's possible to retrieve script source code by adding " ./" to request...

[SA19325] Xeneo Web Server Script Source Disclosure Vulnerability

TITLE: Xeneo Web Server Script Source Disclosure Vulnerability SECUNIA ADVISORY ID: SA19325 VERIFY ADVISORY: http://secunia.com/advisories/19325/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: Xeneo Web Server 2.x http://secunia.com/product/69...

Privilege escalation

NetworkActiv Web Server 3.5.15 allows remote attackers to read script source code via a crafted URL with a "/" forward slash after the file extension...

CVE-2006-0815

NetworkActiv Web Server 3.5.15 allows remote attackers to read script source code via a crafted URL with a "/" forward slash after the file extension...

CVE-2006-0815

NetworkActiv Web Server 3.5.15 allows remote attackers to read script source code via a crafted URL with a "/" forward slash after the file extension...

RaidenHTTPD Crafted Request Script Source Disclosure

The remote host is running RaidenHTTPD, a web server for Windows. According to its banner, the version of RaidenHTTPD installed on the remote Windows host fails to properly validate filename extensions in URLs. A remote attacker may be able to leverage this issue to disclose the source of scripts...

[SA19032] RaidenHTTPD Script Source Disclosure Vulnerability

TITLE: RaidenHTTPD Script Source Disclosure Vulnerability SECUNIA ADVISORY ID: SA19032 VERIFY ADVISORY: http://secunia.com/advisories/19032/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: RaidenHTTPD 1.x http://secunia.com/product/4614/...

NetworkActiv Web Server script source code leak

Invalid processing of requests with forward slash character...

Microsoft Internet Information Services (IIS) Multiple Vulnerabilities (Q327696, MS02-062)

Microsoft Internet Information Services IIS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2002 Michael Scheidell Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

DEBIAN-CVE-2005-2008

Yaws Webserver 1.55 and earlier allows remote attackers to obtain the source code for yaws scripts via a request to a yaw script with a trailing %00 null...

CVE-2003-1102

Hummingbird CyberDOCS 3.5, 3.9, and 4.0, when running on IIS, uses insecure permissions for script source code files, which allows remote attackers to read the source code...

Multiple RaidenHTTPD Web Server vulnerabilities

Buffer overflow, script source leak...

GLSA-200502-21 : lighttpd: Script source disclosure

The remote host is affected by the vulnerability described in GLSA-200502-21 lighttpd: Script source disclosure lighttpd uses file extensions to determine which elements are programs that should be executed and which are static pages that should be sent as-is. By appending %00 to the filename, yo...

lighttpd: Script source disclosure

Background lighttpd is a small-footprint, fast, compliant and very flexible web-server which is optimized for high-performance environments. Description lighttpd uses file extensions to determine which elements are programs that should be executed and which are static pages that should be sent...