Description
Directory traversal vulnerability in SimpleServer:WWW 1.13 and earlier allows remote attackers to execute arbitrary programs via encoded ../ ("%2E%2E%2F%") sequences in a request to the cgi-bin/ directory, a different vulnerability than CVE-2000-0664.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by THRAN · perlremotewindows
https://www.exploit-db.com/exploits/21039
References (5)
Scores
EPSS
0.0350
EPSS Percentile
87.6%
Details
CWE
CWE-22
Status
published
Products (7)
analogx/simpleserver_www
1.0.8
analogx/simpleserver_www
1.01
analogx/simpleserver_www
1.03
analogx/simpleserver_www
1.04
analogx/simpleserver_www
1.05
analogx/simpleserver_www
1.06
analogx/simpleserver_www
< 1.13
Published
Feb 12, 2010
Tracked Since
Feb 18, 2026