RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to view the PHP source code via an HTTP GET request for a filename with a trailing (1) . (dot) or (2) space.

Threat-Mapped Scoring

Score: 1.8

Priority: P4 - Informational (Low)

• S9 – Sabotage of System/App

EPSS

Score: 0.00501
Percentile: 0.64972

CVSS Scoring

Affected Products

• cpe:2.3:a:raidenhttpd:raidenhttpd:1.1.32:*:*:*:*:*:*:*

← Back to Home