CVE-2010-3743
Visual Synapse HTTP Server <= 0.60 - Path Traversal via URI
Title source: llmDescription
Directory traversal vulnerability in Visual Synapse HTTP Server 1.0 RC1 through RC3, and 0.60 and earlier, allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
References (4)
Core 4
Core References
Various Sources x_refsource_misc
http://www.syhunt.com/advisories/?id=vs-httpd-dirtrav
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/514167/100/0/threaded
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/43830
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/15216
Scores
EPSS
0.0248
EPSS Percentile
82.6%
Details
CWE
CWE-22
Status
published
Products (3)
rene_tegel/visual_synapse
0.50
rene_tegel/visual_synapse
1.0 rc1 (3 CPE variants)
rene_tegel/visual_synapse
< 0.60
Published
Oct 08, 2010
Tracked Since
Feb 18, 2026