exploitDog

CVE-2009-4531

Опубликовано: 31 дек. 2009

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

httpdx 1.4.4 and earlier allows remote attackers to obtain the source code for a web page by appending a . (dot) character to the URI.

Ссылки

http://freetexthost.com/eiyfyt0km5
Exploit
URL Repurposed
http://packetstormsecurity.org/0910-exploits/httpdx-disclose.txt
Exploit
http://pocoftheday.blogspot.com/2009/10/httpdx-144-remote-arbitrary-source.html
Exploit
http://secunia.com/advisories/37013
Vendor Advisory
http://www.osvdb.org/58857
https://exchange.xforce.ibmcloud.com/vulnerabilities/53733
http://freetexthost.com/eiyfyt0km5
Exploit
URL Repurposed
http://packetstormsecurity.org/0910-exploits/httpdx-disclose.txt
Exploit
http://pocoftheday.blogspot.com/2009/10/httpdx-144-remote-arbitrary-source.html
Exploit
http://secunia.com/advisories/37013
Vendor Advisory
http://www.osvdb.org/58857
https://exchange.xforce.ibmcloud.com/vulnerabilities/53733

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:jasper:httpdx:*:*:*:*:*:*:*:*

Версия до 1.4.4 (включая)

cpe:2.3:a:jasper:httpdx:1.4:*:*:*:*:*:*:*

cpe:2.3:a:jasper:httpdx:1.4.3:*:*:*:*:*:*:*

EPSS

Процентиль: 91%

0.07072

Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-32cq-h35v-hv9g

github

почти 4 года назад

httpdx 1.4.4 and earlier allows remote attackers to obtain the source code for a web page by appending a . (dot) character to the URI.

EPSS

Процентиль: 91%

0.07072

Низкий

5 Medium

CVSS2

Дефекты

CWE-200