CVE-2009-4530 Information

Description

Mongoose 2.8.0 and earlier allows remote attackers to obtain the source code for a web page by appending ::$DATA to the URI.

Reference

http://packetstormsecurity.org/0910-exploits/mongoose-disclose.txt http://secunia.com/advisories/36934