Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| nombas | scriptease_webserver | 4.30d |
| novell | netware | 5.1 |
| nombas | scriptease_webserver | 4.30b |
Buffer overflow in ScriptEase MiniWeb Server 0.95 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long URL in an HTTP request.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| nombas | scriptease_webserver | 0.95 |
ScriptEase MiniWeb Server 0.95 allows remote attackers to cause a denial of service (crash) via certain HTTP GET requests containing (1) a %2e%2e (encoded dot-dot), (2) several /../ (dot dot) sequences, (3) a missing URI, or (4) several ../ in a URI that does not begin with a / (slash) character.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| nombas | scriptease_webserver | 0.95 |
comment2.jse in ScriptEase:WebServer allows remote attackers to read arbitrary files by specifying the target file as an argument in the URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| nombas | scriptease_webserver | * |