Description
Directory traversal vulnerability in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allows remote attackers to read and execute arbitrary files via .. (dot dot) sequences in HTTP GET or POST requests.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by dong-h0un U · textremotelinux
https://www.exploit-db.com/exploits/22623
References (2)
Core 2
Core References
Exploit, Vendor Advisory mailing-list
x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0077.html
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=105353168619211&w=2
Scores
EPSS
0.0668
EPSS Percentile
91.3%
Details
Status
published
Products (10)
wsmp3/wsmp3_daemon
0.0.8
wsmp3/wsmp3_daemon
0.0.9
wsmp3/wsmp3_daemon
0.0.10
wsmp3/wsmp3_web_server
0.0.1
wsmp3/wsmp3_web_server
0.0.2
wsmp3/wsmp3_web_server
0.0.3
wsmp3/wsmp3_web_server
0.0.4
wsmp3/wsmp3_web_server
0.0.5
wsmp3/wsmp3_web_server
0.0.6
wsmp3/wsmp3_web_server
0.0.7
Published
May 21, 2003
Tracked Since
Feb 18, 2026