Summary
httpdx is prone to a remote file-disclosure vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability to view the source code of files in the context of the server process. This may aid in further attacks.
httpdx 1.5 is affected
other versions may be vulnerable as well.
References
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Cherokee Directory Traversal Vulnerability
- HTTP File Server Security Bypass and Denial of Service Vulnerabilities
- Boa Webserver Terminal Escape Sequence in Logs Command Injection Vulnerability
- Apache Tomcat 'sort' and 'orderBy' Parameters Cross Site Scripting Vulnerabilities
- Cross-Site Scripting in Cherokee Error Pages