Vulnerabilities > CVE-2003-1166 - Directory Traversal vulnerability in Http Commander Http Commander 4.0

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
http-commander
exploit available

Summary

Directory traversal vulnerability in (1) Openfile.aspx and (2) Html.aspx in HTTP Commander 4.0 allows remote attackers to view arbitrary files via a .. (dot dot) in the file parameter.

Vulnerable Configurations

Part Description Count
Application
Http_Commander
1

Exploit-Db

descriptionHTTP Commander 4.0 Directory Traversal Vulnerability. CVE-2003-1166. Webapps exploit for asp platform
idEDB-ID:23326
last seen2016-02-02
modified2003-11-01
published2003-11-01
reporterZero X
sourcehttps://www.exploit-db.com/download/23326/
titlehttp commander 4.0 - Directory Traversal Vulnerability