CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-2253

Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and earlier allows remote attackers to read arbitrary files via a .. in the page parameter of the show command.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.043

EPSS Ranking 88.4%

CVSS Severity

CVSS v2 Score 5.0

References

http://members.lycos.co.uk/r34ct/main/SurgeLDAP%201.0g.txt
http://secunia.com/advisories/11343
http://www.securityfocus.com/bid/10103
https://exchange.xforce.ibmcloud.com/vulnerabilities/15851
http://members.lycos.co.uk/r34ct/main/SurgeLDAP%201.0g.txt
http://secunia.com/advisories/11343
http://www.securityfocus.com/bid/10103
https://exchange.xforce.ibmcloud.com/vulnerabilities/15851

Products affected by CVE-2004-2253

Netwin » Surgeldap » Version: 1.0d

cpe:2.3:a:netwin:surgeldap:1.0d
Netwin » Surgeldap » Version: 1.0e

cpe:2.3:a:netwin:surgeldap:1.0e
Netwin » Surgeldap » Version: 1.0g

cpe:2.3:a:netwin:surgeldap:1.0g

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2253

Products

Pricing

Contact Us