CVE-2009-5114

NUCLEI

Iwork Webglimpse < 2.18.7 - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the DOC parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by MustLive · textwebappscgi

https://www.exploit-db.com/exploits/36994

View Code ZIP pw:eip

Nuclei Templates (1)

WebGlimpse 2.18.7 - Directory Traversal

MEDIUMby daffainfo

References (2)

[Exploit] http://websecurity.com.ua/2628/

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/74321

Scores

EPSS 0.0553

EPSS Percentile 90.3%

Details

CWE

CWE-22

Status published

Products (48)

iwork/webglimpse 1.7.6

iwork/webglimpse 1.7.9

iwork/webglimpse 2.0.03

iwork/webglimpse 2.0.04

iwork/webglimpse 2.0.07

iwork/webglimpse 2.0.10

iwork/webglimpse 2.1.01

iwork/webglimpse 2.1.04

iwork/webglimpse 2.2.0

iwork/webglimpse 2.2.2

... and 38 more

Published Mar 19, 2012

Tracked Since Feb 18, 2026