CVE-2010-2333
CVE-2010-2333
LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows remote attackers to read the source code of scripts via an HTTP request with a null byte followed by a .txt file extension.
Affected products
n/a · n/apublic PoCs found — 3
githubgithub.com/jmonge12/Home-Network-Vulnerability-Assessment★ 0cve_referencewww.exploit-db.com/exploits/13850unverifiedexploitdbwww.exploit-db.com/exploits/13850unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://osvdb.org/65476http://seclists.org/fulldisclosure/2010/Jun/288http://secunia.com/advisories/40128http://www.exploit-db.com/exploits/13850http://www.litespeedtech.com/latest/litespeed-web-server-4.0.15-released.htmlhttp://www.litespeedtech.com/support/forum/showthread.php?t=4078http://www.securityfocus.com/bid/40815