Back to CVE Browser

CVE-2009-3646

MEDIUM

5.0

CVSS Severity Score

EPSS Score0.1930%

EPSS Percentile9.54th

PublishedOct 9, 2009

Last ModifiedApr 23, 2026

Vulnerability Description

InterVations NaviCOPA Web Server 3.01 allows remote attackers to obtain the source code for a web page via an HTTP request with the addition of ::$DATA after the HTML file name.

Affected Platforms (CPE)

📦

Intervations

Navicopa Web Server

= 3.01

References & Advisories

🔗 http://secunia.com/advisories/33766

🔗 http://www.exploit-db.com/exploits/9694

🔗 http://www.osvdb.org/58386

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/53278

🔗 http://secunia.com/advisories/33766

🔗 http://www.exploit-db.com/exploits/9694

🔗 http://www.osvdb.org/58386

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/53278

Related Vulnerabilities

CVE-2007-23367.8

Unspecified vulnerability in InterVations NaviCOPA Web Server 2.01 20070323 allows remote attackers to cause a denial of service (...

CVE-2006-51127.5

Buffer overflow in InterVations NaviCOPA Web Server 2.01 allows remote attackers to execute arbitrary code via a long HTTP GET req...

CVE-2009-45295.0

InterVations NaviCOPA Web Server 3.0.1.2 and earlier allows remote attackers to obtain the source code for a web page via a traili...

CVE-2009-427310.0

stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command...