Vulnerabilities > CVE-2007-2048 - Directory Traversal vulnerability in webMethods Glue Console

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
webmethods
exploit available

Summary

Directory traversal vulnerability in /console in the Management Console in webMethods Glue 6.5.1 and earlier allows remote attackers to read arbitrary system files via a .. (dot dot) in the resource parameter.

Vulnerable Configurations

Part Description Count
Application
Webmethods
3

Exploit-Db

descriptionwebMethods Glue 6.5.1 Console Directory Traversal Vulnerability. CVE-2007-2048. Remote exploit for windows platform
idEDB-ID:29843
last seen2016-02-03
modified2007-04-11
published2007-04-11
reporterPatrick Webster
sourcehttps://www.exploit-db.com/download/29843/
titlewebMethods Glue <= 6.5.1 Console Directory Traversal Vulnerability