2 matches found
CVE-2003-1166
CVE-2003-1166 describes a directory traversal vulnerability in HTTP Commander 4.0. The flaw affects the Openfile.aspx and Html.aspx components, where a .. (dot dot) in the file parameter can be used to view arbitrary files (remote access). Root cause: insufficient validation of the file parameter...
CVE-2003-1166
Directory traversal vulnerability in 1 Openfile.aspx and 2 Html.aspx in HTTP Commander 4.0 allows remote attackers to view arbitrary files via a .. dot dot in the file parameter...