exploitDog

CVE-2001-1138

Опубликовано: 07 сент. 2001

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Directory traversal vulnerability in r.pl (aka r.cgi) of Randy Parker Power Up HTML 0.8033beta allows remote attackers to read arbitrary files and possibly execute arbitrary code via a .. (dot dot) in the FILE parameter.

Ссылки

http://www.securityfocus.com/archive/1/212679
Vendor Advisory
http://www.securityfocus.com/bid/3304
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/7092
http://www.securityfocus.com/archive/1/212679
Vendor Advisory
http://www.securityfocus.com/bid/3304
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/7092

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:randy_parker:power_up_html:0.8033_beta:*:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.05461

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-37mh-6cwh-pwc5

github

больше 3 лет назад

Directory traversal vulnerability in r.pl (aka r.cgi) of Randy Parker Power Up HTML 0.8033beta allows remote attackers to read arbitrary files and possibly execute arbitrary code via a .. (dot dot) in the FILE parameter.

EPSS

Процентиль: 90%

0.05461

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other