- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 24164
- Проверка EDB
-
- Пройдено
- Автор
- ZIV KAMIR
- Тип уязвимости
- WEBAPPS
- Платформа
- CGI
- CVE
- cve-2004-2636
- Дата публикации
- 2004-06-01
Код:
source: https://www.securityfocus.com/bid/10445/info
TinyWeb Server is affected by an unauthorized script disclosure vulnerability. This issue is due to an input validation error that allows malicious users to bypass standard web server rules.
This issue will allow an attacker to download or view scripts residing in the 'cgi-bin' directory.
This issue is reported to affect TinyWeb 1.92, it is likely that other versions are also vulnerable.
http://www.example.com/./cgi-bin/targetfile
- Источник
- www.exploit-db.com