This script is Copyright (C) 2002-2016 David Kyger
affected by an information disclosure vulnerability.
The installed version of Nombas ScriptEase Web Server Edition for
NetWare on the remote host fails to sanitize input to the 'sewse.nlm'
page and associated 'viewcode.jse' script before using it to display
the source code of a file.
By passing in a specially crafted URL argument, an attacker can view
the contents of files, even files outside the web root. This can lead
to disclosure of sensitive information from the affected host, such as
the RCONSOLE password located in AUTOEXEC.NCF.
See also :
Remove all sample scripts from the web server.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : true