Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2006-0760

LightTPD 1.4.8 and earlier, when the web root is on a case-insensitive filesystem, allows remote attackers to bypass URL checks and obtain sensitive information via file extensions with unexpected capitalization, as demonstrated by a request for index.PHP when the configuration invokes the PHP interpreter only for ".php" names.

  • Published: Feb 18, 2006
  • Updated: Apr 13, 2023
  • CVE: CVE-2006-0760
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 2.6
  • AV:N/AC:H/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Software From Fixed in
lighttpd / lighttpd 1.4.3 1.4.3.x
lighttpd / lighttpd 1.2.3 1.2.3.x
lighttpd / lighttpd 1.2.5 1.2.5.x
lighttpd / lighttpd 1.3.6 1.3.6.x
lighttpd / lighttpd 1.3.12 1.3.12.x
lighttpd / lighttpd 1.3.15 1.3.15.x
lighttpd / lighttpd 1.4.1 1.4.1.x
lighttpd / lighttpd 1.2.2 1.2.2.x
lighttpd / lighttpd 1.3.0 1.3.0.x
lighttpd / lighttpd 1.0.3 1.0.3.x
lighttpd / lighttpd 1.4.8 1.4.8.x
lighttpd / lighttpd 1.1.6 1.1.6.x
lighttpd / lighttpd 1.4.4 1.4.4.x
lighttpd / lighttpd 1.1.5 1.1.5.x
lighttpd / lighttpd 1.3.9 1.3.9.x
lighttpd / lighttpd 1.2.4 1.2.4.x
lighttpd / lighttpd 1.3.5 1.3.5.x
lighttpd / lighttpd 1.1.1 1.1.1.x
lighttpd / lighttpd 1.2.8 1.2.8.x
lighttpd / lighttpd 1.3.13 1.3.13.x
lighttpd / lighttpd 1.2.6 1.2.6.x
lighttpd / lighttpd 1.3.4 1.3.4.x
lighttpd / lighttpd 1.4.2 1.4.2.x
lighttpd / lighttpd 1.2.1 1.2.1.x
lighttpd / lighttpd 1.3.14 1.3.14.x
lighttpd / lighttpd 1.1.4 1.1.4.x
lighttpd / lighttpd 1.1.9 1.1.9.x
lighttpd / lighttpd 1.1.3 1.1.3.x
lighttpd / lighttpd 1.4.5 1.4.5.x
lighttpd / lighttpd 1.1.0 1.1.0.x
lighttpd / lighttpd 1.3.3 1.3.3.x
lighttpd / lighttpd 1.3.8 1.3.8.x
lighttpd / lighttpd 1.0.2 1.0.2.x
lighttpd / lighttpd 1.1.7 1.1.7.x
lighttpd / lighttpd 1.2.0 1.2.0.x
lighttpd / lighttpd 1.1.8 1.1.8.x
lighttpd / lighttpd 1.3.11 1.3.11.x
lighttpd / lighttpd 1.3.16 1.3.16.x
lighttpd / lighttpd 1.3.1 1.3.1.x
lighttpd / lighttpd 1.3.10 1.3.10.x
lighttpd / lighttpd 1.1.2 1.1.2.x
lighttpd / lighttpd 1.4.7 1.4.7.x
lighttpd / lighttpd 1.4.6 1.4.6.x
lighttpd / lighttpd 1.2.7 1.2.7.x
lighttpd / lighttpd 1.3.7 1.3.7.x
lighttpd / lighttpd 1.3.2 1.3.2.x
lighttpd / lighttpd 1.4.0 1.4.0.x