Pico Server (pServ) 3.2 and earlier allows remote attackers to obtain the source code for CGI scripts via "dirname/../cgi-bin" in a URL.
Software | From | Fixed in |
---|---|---|
pico_server / pico_server | 3.0 | 3.0.x |
pico_server / pico_server | 3.0_beta_3 | 3.0_beta_3.x |
pico_server / pico_server | 3.1 | 3.1.x |
pico_server / pico_server | 3.2 | 3.2.x |