CVE-2004-0072
Accipiter Direct Server 6.0 - Directory Traversal via Encoded Backslash Sequences
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2004-0072. PoCs published by Mark Bassett.
AI-analyzed exploit summary This is a writeup describing a directory traversal vulnerability in an unspecified Windows-based web server software. The vulnerability allows attackers to access files outside the web root directory using URL-encoded directory traversal sequences.
Description
Directory traversal vulnerability in Accipiter Direct Server 6.0 allows remote attackers to read arbitrary files via encoded \.. (backslash .., "%5c%2e%2e") sequences in an HTTP request.
Exploits (1)
This is a writeup describing a directory traversal vulnerability in an unspecified Windows-based web server software. The vulnerability allows attackers to access files outside the web root directory using URL-encoded directory traversal sequences.