header-logo
Suggest Exploit
vendor:
Yaws
by:
SecurityFocus
7.5
CVSS
HIGH
Script Source Disclosure
200
CWE
Product Name: Yaws
Affected Version From: 1.55
Affected Version To: Prior Versions
Patch Exists: YES
Related CWE: N/A
CPE: yaws
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

Yaws Script Source Disclosure Vulnerability

A vulnerability has been reported in Yaws that may result in the disclosure of script files' source code. Information obtained in this manner may be used by the attacker to launch further attacks against a vulnerable system.

Mitigation:

Upgrade to the latest version of Yaws.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/13981/info

A vulnerability has been reported in Yaws that may result in the disclosure of script files' source code.

Information obtained in this manner may be used by the attacker to launch further attacks against a vulnerable system.

Yaws 1.55 and prior versions are affected. 

http://www.example.com/dynamic.yaws%00

Navigation

Suggest Exploit

Services By CQR