VULHUB ™

It has been reported that version 1.0.2 of KF Web Server discloses the contents of directories when a certain character is present in the URL. If a remote attacker appends the "%00" character, it will cause the web server to display the contents of the current directory.

It has been reported that version 1.0.2 of KF Web Server discloses the contents of directories when a certain character is present in the URL. If a remote attacker appends the "%00" character, it will cause the web server to display the contents of the current directory.