bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/windows/remote/23446.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

13 lines
No EOL
659 B
Text
Raw Permalink Blame History

source: https://www.securityfocus.com/bid/9239/info
A vulnerability in GoAhead webserver may result in the disclosure of the source code of ASP script files. The vulnerability occurs because the application fails to sanitize HTTP requests.
An attacker can append certain characters to the end of an HTTP request for a specific ASP file. As a result, GoAhead webserver will disclose the contents of the requested ASP script file to the attacker.
This issue affects GoAhead 2.1.7 and earlier.
http://www.example.com/asp.asp%00
http://www.example.com/asp.asp%2f
http://www.example.com/asp.asp%5c
http://www.example.com/asp.asp/
http://www.example.com/asp.asp
Reference in a new issue View git blame Copy permalink