GoAheaad WebServer - Source Code Disclosure
This is a writeup describing a source code disclosure vulnerability in GoAhead WebServer 2.18 and earlier on Windows. The vulnerability allows an attacker to append a '.' or '%20' to a URL to disclose the source code of requested files.