Description
iCon administrative web server for Critical Path inJoin Directory Server 4.0 allows authenticated inJoin administrators to read arbitrary files by specifying the target file in the LOG parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Nomad Mobile Research Centre · textremotemultiple
https://www.exploit-db.com/exploits/21445
References (3)
Core 3
Core References
Patch, Vendor Advisory mailing-list
x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0068.html
Patch, Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/9054.php
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/4718
Scores
EPSS
0.1106
EPSS Percentile
93.5%
Details
Status
published
Products (1)
critical_path/injoin_directory_server
4.0
Published
Aug 12, 2002
Tracked Since
Feb 18, 2026