Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Apache HTTP Server Source Code Disclosure - Vulnerability Database

Apache HTTP Server Source Code Disclosure

Description

Due to a flaw in Apache HTTP Server, an attacker can read the source code of web application by sending a specially crafted request.

Remediation

Upgrade to the latest version of Apache HTTP Server.

References

Apache 0day bug, which still nobody knows of, and which was fixed accidentally

Related Vulnerabilities

Apache 2.x version older than 2.0.43 Medium
Common tags: Source Code Disclosure
CVS Detected Medium
Common tags: Source Code Disclosure
Source Code Disclosure Medium
Common tags: Source Code Disclosure
Configuration file source code disclosure High
Common tags: Source Code Disclosure
Tornado debug mode Medium
Common tags: Source Code Disclosure

Severity

Medium

Classification

CWE-540
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Tags

Source Code Disclosure