PT-2001-1706 · Datawizard · Datawizard Webxq Server

Published: 2001-06-27 · Updated: 2017-10-10 · CVE-2001-0495

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: DataWizard WebXQ server version 1.204
Description: The issue allows remote attackers to view files outside of the web root via a .. (dot dot) attack, which is a type of directory traversal attack. The attack relies on the .. notation referring to the parent directory, which can give access to sensitive files.
Recommendations: For DataWizard WebXQ server version 1.204, consider implementing proper input validation and sanitization to prevent directory traversal attacks, such as restricting file access to paths inside the web root and limiting the use of the .. notation in requested paths.
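
The validation recommended above, sketched as an added example; it is not code from this advisory or from DataWizard. The web root `/srv/webroot` and the names `resolve_request_path`, `is_allowed` and `TraversalError` are assumptions made for illustration.

```python
import posixpath
from urllib.parse import unquote

WEB_ROOT = "/srv/webroot"  # assumed web root, not taken from the advisory


class TraversalError(ValueError):
    """Raised when a request path would resolve outside the web root."""


def resolve_request_path(url_path: str, web_root: str = WEB_ROOT) -> str:
    """Return the file path served for url_path, or raise TraversalError."""
    decoded = unquote(url_path)  # decode %2e, %2f, %5c exactly once
    if "\x00" in decoded:
        raise TraversalError("NUL byte in path")
    # If a second decode still changes the string, the request was
    # double-encoded to slip past a single-pass filter.
    if "%" in decoded and unquote(decoded) != decoded:
        raise TraversalError("double-encoded path")
    # Treat "\" as a separator as well, since a Windows-hosted server will.
    parts = [p for p in decoded.replace("\\", "/").split("/")
             if p not in ("", ".")]
    for part in parts:
        # Segments made only of dots and spaces ("..", "...", ".. ") are
        # never legitimate file names.
        if part.rstrip(". ") == "":
            raise TraversalError("parent-directory segment")
        if ":" in part:
            raise TraversalError("drive or stream specifier")
    root = posixpath.normpath(web_root)
    candidate = posixpath.normpath(posixpath.join(root, *parts))
    # Defence in depth: the normalised result must still sit under the root.
    if candidate != root and not candidate.startswith(root + "/"):
        raise TraversalError("outside web root")
    return candidate


def is_allowed(url_path: str) -> bool:
    """True when the request maps to a path inside the web root."""
    try:
        resolve_request_path(url_path)
        return True
    except TraversalError:
        return False
```

The check is purely lexical; a server that follows symbolic links should also compare the resolved real path against the web root before opening the file.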

Related identifiers

CVE-2001-0495

Affected products

Datawizard Webxq Server