Lucene search

[email protected]CVE-2001-1138

HistorySep 07, 2001 - 4:00 a.m.

CVE-2001-1138

2001-09-0704:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

security breach

vulnerability

remote access

code execution

r.pl

cve-2001-1138

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

87.8%

JSON

Directory traversal vulnerability in r.pl (aka r.cgi) of Randy Parker Power Up HTML 0.8033beta allows remote attackers to read arbitrary files and possibly execute arbitrary code via a … (dot dot) in the FILE parameter.

CPENameOperatorVersion
randy_parker:power_up_htmlrandy parker power up htmleq0.8033_beta

CPE	Name	Operator	Version
randy_parker:power_up_html	randy parker power up html	eq	0.8033_beta

References

www.securityfocus.com/archive/1/212679

www.securityfocus.com/bid/3304

exchange.xforce.ibmcloud.com/vulnerabilities/7092

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

87.8%

JSON

Related for CVE-2001-1138

openvas1