Multiple directory traversal vulnerabilities in Borland Web Server (BWS) 1.0b3 and earlier allow remote attackers to read and download arbitrary files via (1) multi-dot "......" sequences, or (2) "%5c%2e%2e" (encoded "\..") sequences, in the URL.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.03573
Percentile: 0.8725

CVSS Scoring

Affected Products

• cpe:2.3:a:borland_software:web_server_for_corel_paradox:*:*:*:*:*:*:*:*

← Back to Home