BSR Webweaver 1.33
Author : Usman Saeed , Exploit @ Xc0re Security Research Group.
[*] Date: 15/09/09
[*] http://www.brswebweaver.com/downloads.html
[*] Attack type : Remote
[*] Patch Status : Unpatched
[*] Description : In ISAPI/CGI path is [%installdirectory%/scripts] and through HTTP the alias is [http://[host]/scripts] ,The access security check is that if the attacker tries to access /scripts a 404 Error response occurs ! Now to bypass and check the directory listing [That is if Directory Browsing is allowed in the server Configuration !] just copy and paste the exploit url !.
This is the reason this exploit is not called a Directory Listing Exploit !
[*] Exploitation :
[+] http://[host]/scripts/%bg%ae%bg%ae/.exe