CVE-2004-2493 - Tabescent Implements

Description

Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) 2 and 3 and Desktop 5 6 and Desktop for Jichitai allows remote authenticated users to read arbitrary .html files via the template name parameter.

Reference

http://www.hitachi-support.com/security_e/vuls_e/HS04-007_e/01-e.html http://www.securityfocus.com/bid/11773 http://www.osvdb.org/12153 http://secunia.com/advisories/13321 https://exchange.xforce.ibmcloud.com/vulnerabilities/18278