Sensitive Server Environment Information Disclosure in BRW WebWeaver 1.03

Sensitive Server Environment Information Disclosure in BRW WebWeaver 1.03

CVE-2003-1235 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

BRW WebWeaver 1.03 allows remote attackers to obtain sensitive server environment information via a URL request for testcgi.exe, which lists the values of environment variables and the current working directory.

Learn more about our Web App Pen Testing.