Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbDr_insaneEDB-ID:23987
HistoryApr 12, 2004 - 12:00 a.m.

SurgeLDAP 1.0 - 'User.cgi' Directory Traversal

2004-04-1200:00:00
dr_insane
www.exploit-db.com
31

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/10103/info

SurgeLDAP is prone to a directory traversal vulnerability in one of the scripts included with the built-in web administrative server, potentially resulting in disclosure of files. 

A remote attacker could exploit this issue to gain access to system files outside of the web root directory of the built-in web server. Files that are readable by the web server could be disclosed via this issue.

http://www.example.com:6680/user.cgi?cmd=show&page=/../../../boot.ini

Related

openvas 1
cvelist 1
nvd 1
cve 1
openvas
openvas
File Disclosure in SurgeLDAP
2005-11-03 00:00:00
cvelist
cvelist
CVE-2004-2253
2005-07-17 04:00:00
nvd
nvd
CVE-2004-2253
2004-12-31 05:00:00
cve
cve
CVE-2004-2253
2005-07-17 04:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:23987
openvas1cvelist1nvd1cve1