CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2009-4530
https://notcve.org/view.php?id=CVE-2009-4530
31 Dec 2009 — Mongoose 2.8.0 and earlier allows remote attackers to obtain the source code for a web page by appending ::$DATA to the URI. Mongoose v2.8.0 y anteriores permite a atacantes remotos obtener el código fuente de una página web añadiendo ::$DATA a la URI. • http://packetstormsecurity.org/0910-exploits/mongoose-disclose.txt • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 4CVE-2009-4535 – Mongoose Web Server 2.8 - Source Disclosure
https://notcve.org/view.php?id=CVE-2009-4535
31 Dec 2009 — Mongoose 2.8.0 and earlier allows remote attackers to obtain the source code for a web page by appending a / (slash) character to the URI. Mongoose v2.8.0 y anteriores permite a atacantes remotos obtener el código fuente de una página web añadiendo un carácter / (barra) a la URI. • https://www.exploit-db.com/exploits/9897 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 2CVE-2009-1354 – MonGoose 2.4 (Windows) - WebServer Directory Traversal
https://notcve.org/view.php?id=CVE-2009-1354
21 Apr 2009 — Directory traversal vulnerability in Mongoose 2.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. Vulnerabilidad de salto de directorio en Mongoose v2.4 permite a atacantes remotos leer ficheros de forma arbitraria a través de .. (punto punto) en el URI. • https://www.exploit-db.com/exploits/8428 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •