Unrated severityNVD Advisory· Published Oct 20, 2003· Updated Jun 16, 2026
CVE-2003-0748
CVE-2003-0748
Description
Directory traversal vulnerability in wgate.dll for SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the ~theme parameter and a ~template parameter with a filename followed by space characters, which can prevent SAP from effectively adding a .html extension to the filename.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:sap:internet_transaction_server:4620.2.0.323011:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:sap:internet_transaction_server:4620.2.0.323011:*:*:*:*:*:*:*
- (no CPE)range: =4620.2.0.323011
Patches
Vulnerability mechanics
References
3- archives.neohapsis.com/archives/bugtraq/2003-08/0361.htmlnvdExploitVendor Advisory
- www.securityfocus.com/bid/8516nvdExploitVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/13066nvd
News mentions
0No linked articles in our index yet.