source: https://www.securityfocus.com/bid/39544/info HTTP File Server is prone to multiple vulnerabilities including a security-bypass issue and a denial-of-service issue. Exploiting these issues will allow an attacker to download files from restricted directories within the context of the application or cause denial-of-service conditions. http://www.example.com/protected_folder/secret_file.txt%00 http://www.example.com/?search=%25%25