Description
Directory traversal vulnerability in Internet Graphics Server in SAP before 6.40 Patch 11 allows remote attackers to read arbitrary files via ".." sequences in an HTTP GET request.
References (1)
Core 1
Core References
Exploit, Vendor Advisory x_refsource_misc
http://www.corsaire.com/advisories/c050503-001.txt
Scores
EPSS
0.0027
EPSS Percentile
50.7%
Details
Status
published
Products (1)
sap/sap_r_3
< 6.30
Published
Jul 26, 2005
Tracked Since
Feb 18, 2026