CVE-2002-1081

The Administration console for Abyss Web Server 1.0.3 allows remote attackers to read files without providing login credentials via an HTTP request to a target file that ends in a "+" character.

Date published : 2003-04-02

http://www.securityfocus.com/bid/5549

http://archives.neohapsis.com/archives/bugtraq/2002-08/0229.html