V
Scaner-VS
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
CVE-2004-2121
CVE
MediumConfirmedExploit available

Multiple directory traversal vulnerabilities in Borland Web Server (BWS) 1.0b3 and earlier allow remote attackers to read and download arbi…

CVSS
5.0
Medium
EPSS
0.03
p85
Published
2004-01-01
Updated
2004-01-01
Description

Multiple directory traversal vulnerabilities in Borland Web Server (BWS) 1.0b3 and earlier allow remote attackers to read and download arbitrary files via (1) multi-dot "......" sequences, or (2) "%5c%2e%2e" (encoded "\..") sequences, in the URL.

Affected products
Web_server_for_corel_paradox ≤ 1.0_b3
CVSS vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
Timeline
2004-01-01
Published
2004-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Authentication
Au: N
None (N)
Confidentiality Impact
C: P
Partial
Integrity Impact
I: N
None (N)
Availability Impact
A: N
None (N)
Exploit indicators
EPSS
0.031 · p85
Known exploited (KEV)
No
Known exploits — Сканер-ВС
23597
exploitdb · https://www.exploit-db.com/exploits/23597
Enterprise
Affected products
ProductVendorStatus
web_server_for_corel_paradox*Tracked
Source databases
CVE