Vulnerability Details CVE-2009-3646
InterVations NaviCOPA Web Server 3.01 allows remote attackers to obtain the source code for a web page via an HTTP request with the addition of ::$DATA after the HTML file name.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.033
EPSS Ranking 86.7%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/33766
- http://www.exploit-db.com/exploits/9694
- http://www.osvdb.org/58386
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53278
- http://secunia.com/advisories/33766
- http://www.exploit-db.com/exploits/9694
- http://www.osvdb.org/58386
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53278
Products affected by CVE-2009-3646
-
cpe:2.3:a:intervations:navicopa_web_server:3.01