- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 20467
- Проверка EDB
-
- Пройдено
- Автор
- CHINA NSL
- Тип уязвимости
- REMOTE
- Платформа
- MULTIPLE
- CVE
- null
- Дата публикации
- 2000-12-05
Код:
source: https://www.securityfocus.com/bid/2061/info
A vulnerability exists in version 3.0 of Ultrseek server (aka Inktomi Search).
Due to a failure to properly validate user-supplied input, URLs submitted by a remote user of the form:
http://target:8765/somefile.html/
will return the source to 'somefile.html'.
As a result, it is possible for an attacker to obtain source code to any Ultraseek scripts, which could be used to support further attacks.
- Источник
- www.exploit-db.com