CVE-2001-0986
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
14/09/2001
Last modified:
03/04/2025
Description
SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote attackers to obtain sensitive information such as the physical path, file attributes, or portions of source code by directly calling sqlqhit.asp with a CiScope parameter set to (1) webinfo, (2) extended_fileinfo, (3) extended_webinfo, or (4) fileinfo.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:microsoft:index_server:2.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page