CVE-2003-1463
Alt-N WebAdmin 2.0.0-2.0.2 - Authenticated Absolute Path Traversal via Name Parameter
Title source: llmExploitation Summary
EIP tracks 2 public exploits for CVE-2003-1463. PoCs published by [email protected].
AI-analyzed exploit summary This exploit leverages a path traversal vulnerability in Alt-N WebAdmin to read arbitrary files on the system. The attacker must have administrative privileges in WebAdmin to execute the attack.
Description
Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remote attackers with administrator privileges to (1) determine the installation path by reading the contents of the Name parameter in a link, and (2) read arbitrary files via an absolute path in the Name parameter.
Exploits (2)
This exploit leverages a path traversal vulnerability in Alt-N WebAdmin to read arbitrary files on the system. The attacker must have administrative privileges in WebAdmin to execute the attack.
This is a writeup describing an information disclosure vulnerability in WebAdmin.dll, allowing remote users to discover the installation directory of MDaemon software via a crafted HTTP request.