An: >> An-Httpd >> 1.2b Security Vulnerabilities
AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file extension.
CVSS Score
7.8
EPSS Score
0.008
Published
2006-04-03
AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters.
CVSS Score
7.5
EPSS Score
0.054
Published
1999-11-02