CVE-2003-0940

2022-10-0316:15:46

mitre

www.cve.org

vulnerability

sap db

web-tools

directory traversal

remote attackers

arbitrary files

url

6.7 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.6%

JSON

Directory traversal vulnerability in sqlfopenc for web-tools in SAP DB before 7.4.03.30 allows remote attackers to read arbitrary files via … (dot dot) sequences in a URL.

References

www.atstake.com/research/advisories/2003/a111703-2.txt