Vulnerability Details CVE-2003-1137
Charles Steinkuehler sh-httpd 0.3 and 0.4 allows remote attackers to read files or execute arbitrary CGI scripts via a GET request that contains an asterisk (*) wildcard character.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.065
EPSS Ranking 90.8%
CVSS Severity
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/archive/1/342473
- http://www.securityfocus.com/archive/1/342766
- http://www.securityfocus.com/bid/8897
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13519
- http://www.securityfocus.com/archive/1/342473
- http://www.securityfocus.com/archive/1/342766
- http://www.securityfocus.com/bid/8897
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13519
Products affected by CVE-2003-1137
-
cpe:2.3:a:charles_steinkuehler:sh-httpd:0.3
-
cpe:2.3:a:charles_steinkuehler:sh-httpd:0.4