LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows remote attackers to read the source code of scripts via an HTTP request with a null byte followed by a .txt file extension.
Software | From | Fixed in |
---|---|---|
litespeedtech / litespeed_web_server | 4.0 | 4.0.x |
litespeedtech / litespeed_web_server | 4.0.1 | 4.0.1.x |
litespeedtech / litespeed_web_server | 4.0.10 | 4.0.10.x |
litespeedtech / litespeed_web_server | 4.0.11 | 4.0.11.x |
litespeedtech / litespeed_web_server | 4.0.12 | 4.0.12.x |
litespeedtech / litespeed_web_server | 4.0.13 | 4.0.13.x |
litespeedtech / litespeed_web_server | 4.0.14 | 4.0.14.x |
litespeedtech / litespeed_web_server | 4.0.2 | 4.0.2.x |
litespeedtech / litespeed_web_server | 4.0.3 | 4.0.3.x |
litespeedtech / litespeed_web_server | 4.0.4 | 4.0.4.x |
litespeedtech / litespeed_web_server | 4.0.5 | 4.0.5.x |
litespeedtech / litespeed_web_server | 4.0.6 | 4.0.6.x |
litespeedtech / litespeed_web_server | 4.0.7 | 4.0.7.x |
litespeedtech / litespeed_web_server | 4.0.8 | 4.0.8.x |
litespeedtech / litespeed_web_server | 4.0.9 | 4.0.9.x |