Lucene search

[email protected]CVE-2003-1298

HistoryMar 23, 2006 - 11:00 a.m.

CVE-2003-1298

2006-03-2311:00:00

[email protected]

web.nvd.nist.gov

directory traversal

siteman.php3

anyportal(php)

vulnerability

remote attackers

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.4 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.3%

JSON

Multiple directory traversal vulnerabilities in siteman.php3 in AnyPortal(php) 12 MAY 00 allow remote attackers to (1) create, (2) delete, (3) save, and (4) upload files by navigating to the root directory and entering a filename beginning with “./…” (dot slash dot dot).

Affected configurations

NVD

Node

anyportal_phpanyportal_phpMatch0.1

CPENameOperatorVersion
anyportal_php:anyportal_phpanyportal phpeq0.1

CPE	Name	Operator	Version
anyportal_php:anyportal_php	anyportal php	eq	0.1

References

nger.org/anyportal/forum/read.php?f=1&i=152&t=152#reply_152

secunia.com/advisories/19359

www.osvdb.org/23984

www.securityfocus.com/bid/17197

www.vupen.com/english/advisories/2006/1053

exchange.xforce.ibmcloud.com/vulnerabilities/25396

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.4 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.3%

JSON

Related for CVE-2003-1298

nvd1 cvelist1