|
Description
|
|
Special characters in URL might be encoded using the %xx encoding. Some attacks use a double encoding to evade signature protection.
This alarm might also be raised in case an URL is passed as a parameter twice, and encoded each time.
|
|
|
|
|
Default
configuration
|
|
|
Profiles
|
High
|
Medium
|
Low
|
Internet
|
|
Action
|
Block
|
Pass
|
Pass
|
Pass
|
|
Alarm Level
|
Minor
|
Minor
|
Ignore
|
Ignore
|
|
|
|
|
|
|
References
|
|
CVE:
CVE-2001-0333
Secunia:
13239
|
|
|
|
|
|
Available since
|
|
ASQ v3.2.0
|
|
|
|
|
|
Protects
|
|
Datalife Engine "dle_config_api" Parameter File Inclusion Vulnerability
|
|
100 last CVE
|
|
CVE-2009-3055
|
