Vulnerability Details CVE-2006-2248
Xeneo Web Server 2.2.22.0 allows remote attackers to obtain the source code of script files via crafted requests containing dot, space, and slash characters in the file extension.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.7%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/19325
- http://secunia.com/secunia_research/2006-20/advisory/
- http://www.osvdb.org/25283
- http://www.securityfocus.com/bid/17858
- http://www.vupen.com/english/advisories/2006/1682
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26294
- http://secunia.com/advisories/19325
- http://secunia.com/secunia_research/2006-20/advisory/
- http://www.osvdb.org/25283
- http://www.securityfocus.com/bid/17858
- http://www.vupen.com/english/advisories/2006/1682
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26294
Products affected by CVE-2006-2248
-
cpe:2.3:a:northern_solutions:xeneo_web_server:2.2.22.0