Full title: Boa Web Server 0.94.13 / 0.94.14 Authentication Bypass Exploit 
Category: web applications
Platform: linux
Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization mechanism.

# 0day.today @ http://0day.today/