Bugtraq mailing list archives
HTTP SERVER (httpsv1.6.2) source code disclosure
From: imprili () gmail com
Date: 20 Jun 2007 20:17:37 -0000
HTTP SERVER (httpsv1.6.2) source code disclosure http://httpsv.sourceforge.net/ The vulnerability is caused due to a parser error of the filename extension supplied by the user in the URL. This can be exploited to retrieve the source code of script files. POC: http://127.0.0.1/test.htm%20 Bug Found By: Prili - imprili[at]gmail.com
Current thread:
- HTTP SERVER (httpsv1.6.2) source code disclosure imprili (Jun 20)