Directory Traversal Vulnerability in Groupmax World Wide Web and Desktop Products
CVE-2004-2493

Currently unrated

Key Information:

Vendor: Hitachi
Status: Groupmax World Wide Web Desktop; Groupmax World Wide Web
Vendor: CVE Published:; 31 December 2004

Summary

This vulnerability allows remote authenticated users to exploit the template name parameter, enabling them to read arbitrary .html files from the server. Such exposure could lead to the disclosure of sensitive information and severely compromise the integrity of the affected systems.

References

http://www.hitachi-support.com/security_e/vuls_e/HS04-007...

x_refsource_CONFIRM

http://www.osvdb.org/12153

vdb-entryx_refsource_OSVDB

https://exchange.xforce.ibmcloud.com/vulnerabilities/18278

vdb-entryx_refsource_XF

Timeline

Vulnerability Reserved
Oct 25, 2005
Vulnerability published
Dec 31, 2004