VULHUB ™

Nombas ScriptEase:Webserver Edition is designed to allow the development of web based applications in Javascript. It includes the ability to execute Javascript code in response to CGI requests, and support for developer features such as remote debugging. Default scripts included with ScriptEase:Webserver Edition allows remote users to disclose arbitrary files residing on a host. The file to view is passed as a parameter in a specially crafted URL. Additionally, ../ directory traversal allows an attacker to view any file on the web server. Currently 'viewcode.jse' and 'comment2.jse' have been known to exploit this issue.

Nombas ScriptEase:Webserver Edition is designed to allow the development of web based applications in Javascript. It includes the ability to execute Javascript code in response to CGI requests, and support for developer features such as remote debugging. Default scripts included with ScriptEase:Webserver Edition allows remote users to disclose arbitrary files residing on a host. The file to view is passed as a parameter in a specially crafted URL. Additionally, ../ directory traversal allows an attacker to view any file on the web server. Currently 'viewcode.jse' and 'comment2.jse' have been known to exploit this issue.