CVE-2001-0760

Citrix Nfuse 1.51 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0760. PoCs published by sween.

AI-analyzed exploit summary The exploit describes an information leakage vulnerability in Citrix Nfuse where an attacker can discover the webroot by submitting a malformed request to the launcher application. The vulnerability is noted to be unreliable in replication.

Description

Citrix Nfuse 1.51 allows remote attackers to obtain the absolute path of the web root via a malformed request to launch.asp that does not provide the session field.

Exploits (1)

exploitdb WRITEUP VERIFIED
by sween · textwebappsasp
https://www.exploit-db.com/exploits/20987

The exploit describes an information leakage vulnerability in Citrix Nfuse where an attacker can discover the webroot by submitting a malformed request to the launcher application. The vulnerability is noted to be unreliable in replication.

Classification
Writeup 80%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: Citrix Nfuse (version not specified)
No auth needed
Prerequisites: Access to the target web server hosting Citrix Nfuse
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/2956
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/6786
Vendor Advisory mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/194449
Vendor Advisory mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/194522

Scores

EPSS 0.0360
EPSS Percentile 88.1%

Details

Status published
Products (1)
citrix/nfuse 1.51
Published Oct 18, 2001
Tracked Since Feb 18, 2026