ASP Source Using %20 Trick Network Vulnerability

Summary

It is possible to get the source code of the remote ASP scripts by appending %20 at the end of the request (like GET /default.asp%20) ASP source code usually contains sensitive information such as logins and passwords.

Solution

install all the latest security patches

Severity

Classification

CVE CVE-2001-1248
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

aeNovo Database Content Disclosure Vulnerability
11in1 Cross Site Request Forgery and Local File Include Vulnerabilities
Apache Tomcat TroubleShooter Servlet Installed
Adobe ColdFusion Multiple Cross Site Scripting Vulnerabilities
7Media Web Solutions EduTrac Directory Traversal Vulnerability

ASP source using %20 trick

Take action and discover your vulnerabilities