Sign in Get started

← All advisories

Unrated severityNVD Advisory· Published Dec 31, 2009· Updated Apr 23, 2026

CVE-2009-4531

CVE-2009-4531

Description

httpdx 1.4.4 and earlier allows remote attackers to obtain the source code for a web page by appending a . (dot) character to the URI.

Affected products

3

Jasper/Httpdx3 versions
cpe:2.3:a:jasper:httpdx:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:jasper:httpdx:*:*:*:*:*:*:*:*range: <=1.4.4
- cpe:2.3:a:jasper:httpdx:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:jasper:httpdx:1.4.3:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

6

freetexthost.com/eiyfyt0km5nvdExploitURL Repurposed
packetstormsecurity.org/0910-exploits/httpdx-disclose.txtnvdExploit
pocoftheday.blogspot.com/2009/10/httpdx-144-remote-arbitrary-source.htmlnvdExploit
secunia.com/advisories/37013nvdVendor Advisory
www.osvdb.org/58857nvd
exchange.xforce.ibmcloud.com/vulnerabilities/53733nvd

News mentions

0

No linked articles in our index yet.