Exploitation Summary
EIP tracks 1 public exploit for CVE-2004-1742. PoCs published by Jerome Athias.
AI-analyzed exploit summary This is a writeup describing a directory traversal vulnerability in WebAPP. The vulnerability allows an attacker to retrieve arbitrary files from the server by manipulating the 'viewcat' parameter in the URL.
Description
Directory traversal vulnerability in WebAPP 0.9.9 allows remote attackers to view arbitrary files via a .. (dot dot) in the viewcat parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Jerome Athias · textwebappscgi
https://www.exploit-db.com/exploits/24408
This is a writeup describing a directory traversal vulnerability in WebAPP. The vulnerability allows an attacker to retrieve arbitrary files from the server by manipulating the 'viewcat' parameter in the URL.
Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
WebAPP (version not specified)
No auth needed
Prerequisites:
Access to the vulnerable WebAPP instance
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (5)
Core 5
Core References
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=109336268002879&w=2
Various Sources x_refsource_confirm
http://cornerstone.web-app.org/cgi-bin/index.cgi?action=downloadinfo&cat=updates&id=1
Exploit, Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/12373
Exploit, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11028
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17100
Scores
EPSS
0.0718
EPSS Percentile
93.5%
Details
Status
published
Products (1)
web-app.org/webapp
0.9.9
Published
Aug 24, 2004
Tracked Since
Feb 18, 2026