CVE-2002-1483 — MEDIUM severity vulnerability (db4web_c and db4web_c.exe programs in DB4Web 3.4 and 3.6 all)
db4web_c and db4web_c.exe programs in DB4Web 3.4 and 3.6 allow remote attackers to read arbitrary files via an HTTP request whose argument is a filename of the form (1) C: (drive letter), (2) //absolute/path (double-slash), or (3) .. (dot-dot).
| CVE ID | CVE-2002-1483 |
|---|---|
| Severity | MEDIUM |
| CVSS score | 5.0 |
| CVSS vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2003-04-22 |
| Last modified | 2026-04-16 |
| Description | db4web_c and db4web_c.exe programs in DB4Web 3.4 and 3.6 allow remote attackers to read arbitrary files via an HTTP request whose argument is a filename of the form (1) C: (drive letter), (2) //absolute/path (double-slash), or (3) .. (dot-dot). |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →