cbcvebase.
CVE-2002-1483
published 2003-04-22

CVE-2002-1483: db4web_c and db4web_c.exe programs in DB4Web 3.4 and 3.6 allow remote attackers to read arbitrary files via an HTTP request whose argument is a filename of the…

PriorityP429medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
8.45%
94.3th percentile
db4web_c and db4web_c.exe programs in DB4Web 3.4 and 3.6 allow remote attackers to read arbitrary files via an HTTP request whose argument is a filename of the form (1) C: (drive letter), (2) //absolute/path (double-slash), or (3) .. (dot-dot).

Affected

2 ranges
VendorProductVersion rangeFixed in
db4webdb4web
db4webdb4web
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.