Seanox DevWex Windows Binary 1.2002.520 - File Disclosure
| EKU-ID: 27035 | CVE: CVE-2002-0946;OSVDB-5048 | OSVDB-ID: |
| Author: Kistler Ueli | Published: 2002-06-08 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 27035 | CVE: CVE-2002-0946;OSVDB-5048 | OSVDB-ID: |
| Author: Kistler Ueli | Published: 2002-06-08 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/4978/info The Seanox DevWex Windows binary version is prone to an issue which may cause arbitrary web-readable files to be disclosed to remote attackers. This problem occurs because DevWex does not sufficiently filter '..\' sequences from web requests. GET /..\..\..\..\anyfile