Description

Directory traversal vulnerability in Apache 1.3.29 and earlier, and Apache 2.0.48 and earlier, when running on Cygwin, allows remote attackers to read arbitrary files via a URL containing "..%5C" (dot dot encoded backslash) sequences.

Remediation

References

CVE-2004-0173

Related Vulnerabilities

WordPress Plugin Sermon Browser Multiple Cross-Site Scripting Vulnerabilities (0.45.15)

WordPress Plugin PWG Random Cross-Site Request Forgery (1.11)

MySQL CVE-2019-2584 Vulnerability (CVE-2019-2584)

WordPress Plugin ShiftNav-Responsive Mobile Menu Cross-Site Scripting (1.7.1)

Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-5539)

Severity

Medium

Classification

CVE-2004-0173

Tags

Missing Update Known Vulnerabilities