CVE-2004-0303 in PassWDinfo

Summary

OWLS 1.0 allows remote attackers to retrieve arbitrary files via absolute pathnames in (1) the file parameter in /glossaries/index.php, (2) the filename parameter in /readings/index.php, or (3) the filename parameter in /multiplechoice/resultsignore.php, as demonstrated using /etc/passwd.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Disclosure

11/23/2004

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-200

Exploit

Download

CVSS

5.3

EPSS

0.08931

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-0303
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0303
CVE Details	https://www.cvedetails.com/cve/CVE-2004-0303/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!