Search for vulnerabilities
| Vulnerability ID | VCID-w5q8-zw8t-t3he |
| Aliases |
CVE-2010-2263
|
| Summary | nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI. |
| Status | Published |
| Exploitability | None |
| Weighted Severity | None |
| Risk | None |
| Affected and Fixed Packages | Package Details |
| There are no known CWE. |
| System | Score | Found at |
|---|---|---|
| epss | 0.44217 | https://api.first.org/data/v1/epss?cve=CVE-2010-2263 |
| Reference id | Reference type | URL |
|---|---|---|
| https://api.first.org/data/v1/epss?cve=CVE-2010-2263 | ||
| CVE-2010-2263 | https://nvd.nist.gov/vuln/detail/CVE-2010-2263 | |
| CVE-2010-2263;OSVDB-65531 | Exploit | https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13822.txt |
| CVE-2010-2266;CVE-2010-2263;OSVDB-65531;OSVDB-65530 | Exploit | https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13818.txt |
| Data source | Exploit-DB |
|---|---|
| Date added | June 10, 2010 |
| Description | Nginx 0.8.36 - Source Disclosure / Denial of Service |
| Ransomware campaign use | Known |
| Source publication date | June 11, 2010 |
| Exploit type | remote |
| Platform | windows |
| Percentile | 0.97609 |
| EPSS Score | 0.44217 |
| Published At | May 29, 2026, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2026-05-29T17:10:35.212389+00:00 | Debian Importer | Import | https://security-tracker.debian.org/tracker/data/json | 38.6.0 |