ID CVE-2003-1298
Summary Multiple directory traversal vulnerabilities in siteman.php3 in AnyPortal(php) 12 MAY 00 allow remote attackers to (1) create, (2) delete, (3) save, and (4) upload files by navigating to the root directory and entering a filename beginning with "./.." (dot slash dot dot).
References
Vulnerable Configurations
  • cpe:2.3:a:anyportal_php:anyportal_php:0.1:*:*:*:*:*:*:*
    cpe:2.3:a:anyportal_php:anyportal_php:0.1:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 20-07-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 17197
misc http://nger.org/anyportal/forum/read.php?f=1&i=152&t=152#reply_152
osvdb 23984
secunia 19359
vupen ADV-2006-1053
xf anyportalphp-siteman-directory-traversal(25396)
Last major update 20-07-2017 - 01:29
Published 31-12-2003 - 05:00
Back to Top