Back to search
CVE-2003-0748
Published: Sep 6, 2003
Modified: Aug 8, 2024
PUBLISHED
Description
Directory traversal vulnerability in wgate.dll for SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the ~theme parameter and a ~template parameter with a filename followed by space characters, which can prevent SAP from effectively adding a .html extension to the filename.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20030830 SAP Internet Transaction Server
mailing-list
x_refsource_BUGTRAQ
8516
vdb-entry
x_refsource_BID
its-wgatedll-directory-traversal(13066)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now