CVE-2009-3646

Intervations Navicopa Web Server - Information Disclosure

Title source: rule

Description

InterVations NaviCOPA Web Server 3.01 allows remote attackers to obtain the source code for a web page via an HTTP request with the addition of ::$DATA after the HTML file name.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Dr_IDE · textremotewindows

https://www.exploit-db.com/exploits/9694

View Code ZIP pw:eip

References (4)

[Vendor Advisory] http://secunia.com/advisories/33766

[Exploit] http://www.osvdb.org/58386

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/53278

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/9694

Scores

EPSS 0.0329

EPSS Percentile 87.0%

Classification

CWE

CWE-200

Status draft

Affected Products (1)

intervations/navicopa_web_server

Timeline

Published Oct 09, 2009

Tracked Since Feb 18, 2026