CVE-2004-0059

Name of the Vulnerable Software and Affected Versions WWW File Share Pro versions 2.42 and earlier

Description A directory traversal issue exists in the upload capability, allowing remote attackers to overwrite arbitrary files by using .. (dot dot) sequences in the filename parameter of a Content-Disposition: header.

Recommendations For versions 2.42 and earlier, consider restricting access to the upload capability until a fix is available. As a temporary workaround, avoid using the filename parameter in the Content-Disposition: header to minimize the risk of exploitation.