2007-12-17 23:00:00
mitre
PUBLISHED
Directory traversal vulnerability in Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to read arbitrary files via a .. (dot dot backslash) in the URI.