GoAhead Web Server 2.1.7 and previous versions allows remote malicious users to obtain the source code of ASP files via a URL terminated with a /, \, %2f (encoded /), %20 (encoded space), or %00 (encoded null) character, which returns the ASP source code unparsed.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
goahead software goahead webserver 2.1.2 |
||
goahead software goahead webserver 2.1.3 |
||
goahead software goahead webserver 2.0 |
||
goahead software goahead webserver 2.1.6 |
||
goahead software goahead webserver 2.1.7 |
||
goahead software goahead webserver 2.1 |
||
goahead software goahead webserver 2.1.1 |
||
goahead software goahead webserver 2.1.4 |
||
goahead software goahead webserver 2.1.5 |