9 lines
No EOL
499 B
Text
9 lines
No EOL
499 B
Text
source: http://www.securityfocus.com/bid/10445/info
|
|
|
|
TinyWeb Server is affected by an unauthorized script disclosure vulnerability. This issue is due to an input validation error that allows malicious users to bypass standard web server rules.
|
|
|
|
This issue will allow an attacker to download or view scripts residing in the 'cgi-bin' directory.
|
|
|
|
This issue is reported to affect TinyWeb 1.92, it is likely that other versions are also vulnerable.
|
|
|
|
http://www.example.com/./cgi-bin/targetfile |