Directory Traversal Vulnerability in DeWeS Web Server 0.4.2 and Earlier

Directory Traversal Vulnerability in DeWeS Web Server 0.4.2 and Earlier

CVE-2013-4900 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote attackers to read arbitrary files via a ..%5c (dot dot encoded backslash) in a GET request.

Learn more about our Web App Pen Testing.