2 matches found
CVE-2003-1168
CVE-2003-1168 affects HTTP Commander 4.0. A remote attacker can cause an error message to disclose the installation path by supplying a dot (.) in the file parameter, resulting in partial confidentiality impact. The description and linked sources indicate an information-disclosure vulnerability t...
CVE-2003-1168
HTTP Commander 4.0 allows remote attackers to obtain sensitive information via an HTTP request that contains a . dot in the file parameter, which reveals the installation path in an error message...