Pico Server (pServ) 3.2 and earlier allows remote attackers to obtain the source code for CGI scripts via "dirname/../cgi-bin" in a URL.
Threat-Mapped Scoring
Score: 1.8
Priority: P4 - Informational (Low)
-
S9 – Sabotage of System/App
EPSS
Score: 0.04734
Percentile:
0.88955
CVSS Scoring
CVSS v2 Score: 7.5
Severity:
Affected Products
- cpe:2.3:a:pico_server:pico_server:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:pico_server:pico_server:3.0_beta_3:*:*:*:*:*:*:*
- cpe:2.3:a:pico_server:pico_server:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:pico_server:pico_server:3.2:*:*:*:*:*:*:*
← Back to Home