Vulnerability Database

296,334

Total vulnerabilities in the database

CVE-2007-6404

Directory traversal vulnerability in Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI.

  • Published: Dec 17, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-6404
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
shttp / shttp - 1.38.x