CVE-2003-1166 Information

Description

Directory traversal vulnerability in (1) Openfile.aspx and (2) Html.aspx in HTTP Commander 4.0 allows remote attackers to view arbitrary files via a .. (dot dot) in the file parameter.

Reference

http://secunia.com/advisories/10125 http://www.http-com.com/Default.asp?section=Features http://www.osvdb.org/2780 http://www.securityfocus.com/bid/8948 https://exchange.xforce.ibmcloud.com/vulnerabilities/13622