Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbTamer SahinEDB-ID:21475
HistoryMay 24, 2002 - 12:00 a.m.

LocalWEB2000 2.1.0 Standard - File Disclosure

2002-05-2400:00:00
Tamer Sahin
www.exploit-db.com
15

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/4820/info

A vulnerability exists in LocalWEB2000 related to content password protection. It is possible to have LocalWEB2000 treat files as unprotected by requesting them as files within the '.' (current) directory. If the file http://server/file.txt is set to be password protected, the protection will be bypassed if a request is made for http://server/./file.txt. This is likely due to a design error in the protection component.

This vulnerability was reported for LocalWEB2000 Standard Version 2.1.0. Other versions (such as the Professional Edition) may also be affected by this issue. 

http://target/./protectedfolder/protectedfile.htm

Related

nvd 1
cve 1
cvelist 1
nessus 1
openvas 1
nvd
nvd
CVE-2002-0897
2002-10-04 04:00:00
cve
cve
CVE-2002-0897
2003-04-02 05:00:00
cvelist
cvelist
CVE-2002-0897
2003-04-02 05:00:00
nessus
nessus
LocalWeb2000 2.1.0 Multiple Remote Vulnerabilities
2002-06-05 00:00:00
openvas
openvas
LocalWeb2000 <= 2.1.0 Multiple Vulnerabilities
2005-11-03 00:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:21475
nvd1cve1cvelist1nessus1openvas1