2 matches found
CVE-2004-1678
CVE-2004-1678 describes a directory traversal vulnerability in PerlDesk’s pdesk.cgi. A remote attacker can read portions of arbitrary files (and possibly trigger execution of Perl modules) by crafting lang parameters with ‘..’ sequences terminated by a NULL character (%00), potentially leaking fi...
CVE-2004-1678
Directory traversal vulnerability in pdesk.cgi in PerlDesk allows remote attackers to read portions of arbitrary files and possibly execute arbitrary Perl modules via ".." sequences terminated by a %00 null character in the lang parameter, which can leak portions of the requested files if a...