CVE-2006-2248 Information

Description

Xeneo Web Server 2.2.22.0 allows remote attackers to obtain the source code of script files via crafted requests containing dot space and slash characters in the file extension.

Reference

http://secunia.com/advisories/19325 http://secunia.com/secunia_research/2006-20/advisory/ http://www.osvdb.org/25283 http://www.securityfocus.com/bid/17858 http://www.vupen.com/english/advisories/2006/1682 https://exchange.xforce.ibmcloud.com/vulnerabilities/26294