Heat-On HSWeb Web Server 2.0 - Full Path Disclosure
| EKU-ID: 26157 | CVE: CVE-2001-0200;OSVDB-502 | OSVDB-ID: |
| Author: Joe Testa | Published: 2001-02-04 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 26157 | CVE: CVE-2001-0200;OSVDB-502 | OSVDB-ID: |
| Author: Joe Testa | Published: 2001-02-04 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/2336/info Requesting a specially crafted URL will make it possible for a remote attacker to disclose the physical path to the web root and peruse the entire directory listing. http://target/cgi/