Описание
Directory traversal vulnerability in jretest.html in WebConnect 6.5 and 6.4.4, and possibly earlier versions, allows remote attackers to read keys within arbitrary INI formatted files via "..//" sequences in the WCP_USER parameter.
Directory traversal vulnerability in jretest.html in WebConnect 6.5 and 6.4.4, and possibly earlier versions, allows remote attackers to read keys within arbitrary INI formatted files via "..//" sequences in the WCP_USER parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-0465
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19394
- http://marc.info/?l=bugtraq&m=110910838600145&w=2
- http://secunia.com/advisories/14006
- http://www.cirt.dk/advisories/cirt-29-advisory.pdf
- http://www.kb.cert.org/vuls/id/628411
- http://www.kb.cert.org/vuls/id/JSHA-69HVPK
EPSS
Процентиль: 96%
0.22387
Средний
CVE ID
Связанные уязвимости
nvd
больше 20 лет назад
Directory traversal vulnerability in jretest.html in WebConnect 6.5 and 6.4.4, and possibly earlier versions, allows remote attackers to read keys within arbitrary INI formatted files via "..//" sequences in the WCP_USER parameter.
EPSS
Процентиль: 96%
0.22387
Средний