CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-1952

Directory traversal vulnerability in Pico Server (pServ) 3.3 allows remote attackers to read arbitrary files and execute arbitrary commands via a /./ (slash dot slash) before each .. (dot dot) sequence in the URL, which results in an incorrect directory depth count.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.017

EPSS Ranking 81.8%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=bugtraq&m=111852830111316&w=2
http://secunia.com/advisories/15663
http://sourceforge.net/project/shownotes.php?group_id=59378&release_id=334036
http://marc.info/?l=bugtraq&m=111852830111316&w=2
http://secunia.com/advisories/15663
http://sourceforge.net/project/shownotes.php?group_id=59378&release_id=334036

Products affected by CVE-2005-1952

Pico Server » Pico Server » Version: 3.3

cpe:2.3:a:pico_server:pico_server:3.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-1952

Products

Pricing

Contact Us