CVE-2004-1221
published 2005-01-10CVE-2004-1221: Directory traversal vulnerability in weblibs.pl in WebLibs 1.0 allows remote attackers to read arbitrary files via .. sequences in the TextFile parameter.
PriorityP429medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
3.12%
86.2th percentile
Directory traversal vulnerability in weblibs.pl in WebLibs 1.0 allows remote attackers to read arbitrary files via .. sequences in the TextFile parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| darryl_burgdorf | weblibs | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Software602 602 Lan Suite 2004 2004.0.04.1221 - Arbitrary File Upload
exploitdb·2005-02-08
CVE-2005-0344 Software602 602 Lan Suite 2004 2004.0.04.1221 - Arbitrary File Upload
Software602 602 Lan Suite 2004 2004.0.04.1221 - Arbitrary File Upload
---
source: https://www.securityfocus.com/bid/12495/info
602 Lan Suite 2004 is reportedly affected by a vulnerability regarding the uploading of file attachments. This issue is due to the application failing to properly sanitize the names of file attachments before upload. A malicious user could exploit this vulnerability using directory traversal attacks to upload a file to an arbitrary location accessible by the affected server.
This vulnerability could lead to the execution of a malicious file on the server hosting the application.
602 Lan Suite 2004 version 2004.0.04.1221 is reportedly vulnerable; other versions may also be affected.
POST /mail HTTP/1.0
Host: localhost
Content-Type: multipart/form-data; boundar
Exploit-DB
darryl burgdorf weblibs 1.0 - Directory Traversal
exploitdb·2004-12-07
CVE-2004-1221 darryl burgdorf weblibs 1.0 - Directory Traversal
darryl burgdorf weblibs 1.0 - Directory Traversal
---
source: https://www.securityfocus.com/bid/11848/info
It is reported that WebLibs is prone to a remote directory traversal vulnerability. This issue is due to a failure of the application to properly filter user-supplied input.
WebLibs 1.0 is affected by this vulnerability.
The following proof of concept is available:
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=110245395510945&w=2http://secunia.com/advisories/13400/http://www.securityfocus.com/bid/11848https://exchange.xforce.ibmcloud.com/vulnerabilities/18399http://marc.info/?l=bugtraq&m=110245395510945&w=2http://secunia.com/advisories/13400/http://www.securityfocus.com/bid/11848https://exchange.xforce.ibmcloud.com/vulnerabilities/18399
2005-01-10
Published