CVE: CVE-2002-1603

Export to Word

GoAhead Web Server 2.1.7 and earlier allows remote attackers to obtain the source code of ASP files via a URL terminated with a /, \, %2f (encoded /), %20 (encoded space), or %00 (encoded null) character, which returns the ASP source code unparsed.

Threat-Mapped Scoring

Score: 1.8

Priority: P4 - Informational (Low)

S9 – Sabotage of System/App

EPSS

Score: 0.31103
Percentile: 0.96536

CVSS Scoring

CVSS v2 Score: 5.0

Severity:

Affected Products

cpe:2.3:a:goahead_software:goahead_webserver:2.0:*:*:*:*:*:*:*
cpe:2.3:a:goahead_software:goahead_webserver:2.1:*:*:*:*:*:*:*
cpe:2.3:a:goahead_software:goahead_webserver:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:goahead_software:goahead_webserver:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:goahead_software:goahead_webserver:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:goahead_software:goahead_webserver:2.1.4:*:*:*:*:*:*:*
cpe:2.3:a:goahead_software:goahead_webserver:2.1.5:*:*:*:*:*:*:*
cpe:2.3:a:goahead_software:goahead_webserver:2.1.6:*:*:*:*:*:*:*
cpe:2.3:a:goahead_software:goahead_webserver:2.1.7:*:*:*:*:*:*:*

← Back to Home