CVE-2003-0748

SAP ITS 4620.2.0.323011 - Path Traversal

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0748. PoCs published by Martin Eiszner.

AI-analyzed exploit summary This is a writeup describing a directory traversal vulnerability in SAP. The vulnerability allows attackers to access sensitive files outside the intended directory by manipulating the '~theme' and '~template' parameters with traversal sequences.

Description

Directory traversal vulnerability in wgate.dll for SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the ~theme parameter and a ~template parameter with a filename followed by space characters, which can prevent SAP from effectively adding a .html extension to the filename.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Martin Eiszner · textremotemultiple
https://www.exploit-db.com/exploits/23070

This is a writeup describing a directory traversal vulnerability in SAP. The vulnerability allows attackers to access sensitive files outside the intended directory by manipulating the '~theme' and '~template' parameters with traversal sequences.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: SAP (version not specified)
No auth needed
Prerequisites: Access to the SAP web interface
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Vendor Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2003-08/0361.html
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/8516
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/13066

Scores

EPSS 0.0728
EPSS Percentile 93.6%

Details

Status published
Products (1)
sap/internet_transaction_server 4620.2.0.323011
Published Oct 20, 2003
Tracked Since Feb 18, 2026