CVE-2008-0410
HTTP File Server (HFS) before 2.2c allows remote attackers to obtain configuration and usage details by using an id element such as <id>%version%</id> in HTTP Basic Authentication instead of a username and password, as demonstrated by placing this id element in the userinfo subcomponent of a URL.Enginsight
Vendor | Product | Version |
---|---|---|
hfs | http_file_server | 𝑥 ≤ 2.2b |
Common Weakness Enumeration