CVE-2010-2079

DataTrack System 3.5 - Arbitrary File Read via Trailing Backslash in URI

Title source: llm
STIX 2.1

Description

DataTrack System 3.5 allows remote attackers to bypass intended restrictions on file extensions, and read arbitrary files, via a trailing backslash in a URI, as demonstrated by (1) web.config\ and (2) .ascx\ files.

References (3)

Core 3

Scores

EPSS 0.0140
EPSS Percentile 69.2%

Details

CWE
CWE-20
Status published
Products (1)
magnoware/datatrack_system 3.5
Published May 25, 2010
Tracked Since Feb 18, 2026