QwikSec

Security Database

CVE

CWE

Training

CVE-2002-0464

Published: Apr 2, 2003

Modified: Aug 8, 2024

PUBLISHED

Description

Directory traversal vulnerability in Hosting Controller 1.4.1 and earlier allows remote attackers to read and modify arbitrary files and directories via a .. (dot dot) in arguments to (1) file_editor.asp, (2) folderactions.asp, or (3) editoractions.asp.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_BID

20020318 Hosting Directory Traversal madness...

mailing-list

x_refsource_BUGTRAQ

http://www.hostingcontroller.com/english/patches/ForAll/download/dot-slash.zip

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.