Vulnerability Details CVE-2003-1166
Directory traversal vulnerability in (1) Openfile.aspx and (2) Html.aspx in HTTP Commander 4.0 allows remote attackers to view arbitrary files via a .. (dot dot) in the file parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.048
EPSS Ranking 89.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/10125
- http://www.http-com.com/Default.asp?section=Features
- http://www.osvdb.org/2780
- http://www.securityfocus.com/bid/8948
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13622
- http://secunia.com/advisories/10125
- http://www.http-com.com/Default.asp?section=Features
- http://www.osvdb.org/2780
- http://www.securityfocus.com/bid/8948
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13622
Products affected by CVE-2003-1166
-
cpe:2.3:a:http_commander:http_commander:4.0