Description In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL. Remediation References CVE-1999-0278 Related Vulnerabilities CKEditor Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-26272) ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-1501) PHP Out-of-bounds Read Vulnerability (CVE-2020-7064) Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8902) Joomla! Core Multiple Vulnerabilities (1.5.0 - 3.7.2) Severity Medium Classification CVE-1999-0278 Tags Missing Update Known Vulnerabilities