Exploitation Summary
EIP tracks 1 public exploit for CVE-2002-0544. PoCs published by Jeremy Roberts.
AI-analyzed exploit summary The exploit describes a directory traversal vulnerability in Abyss Web Server allowing remote attackers to read arbitrary files via encoded dot-dot-slash sequences. The example URL demonstrates accessing the administrative configuration file.
Description
Aprelium Abyss Web Server (abyssws) before 1.0.3 stores the administrative console password in plaintext in the abyss.conf file, which allows local users with access to the file to gain privileges.
Exploits (1)
The exploit describes a directory traversal vulnerability in Abyss Web Server allowing remote attackers to read arbitrary files via encoded dot-dot-slash sequences. The example URL demonstrates accessing the administrative configuration file.