HTTP SERVER (httpsv1.6.2) source code disclosure
http://httpsv.sourceforge.net/
The vulnerability is caused due to a parser error of the filename extension supplied by the user in the URL.
This can be exploited to retrieve the source code of script files.
http://httpsv.sourceforge.net/
The vulnerability is caused due to a parser error of the filename extension supplied by the user in the URL.
This can be exploited to retrieve the source code of script files.
POC: http://127.0.0.1/test.htm%20
Bug Found By: Prili - imprili[at]gmail.com
[ reply ]