CVE-2001-0555

ScreamingMedia SITEWare has a directory-traversal vulnerability in SITEWare Editor’s Desktop (versions 2.5–3.1) and in the SWEditServlet template parameter, allowing remote attackers to read world-readable files within the SiteWare web root. The root cause is inadequate input validation that enab...

CVE-2001-0555

ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote attacker to read world-readable files via a .. dot dot attack through 1 the SITEWare Editor's Desktop or 2 the template parameter in SWEditServlet...

CVE-2001-0982

Directory traversal vulnerability in IBM Tivoli WebSEAL Policy Director 3.01 through 3.7.1 allows remote attackers to read arbitrary files or directories via encoded .. dot dot sequences containing "%2e" strings...

CVE-2001-1045

Directory traversal vulnerability in basilix.php3 in Basilix Webmail 1.0.3beta and earlier allows remote attackers to read arbitrary files via a .. dot dot in the requestidDUMMY parameter...

CVE-2001-1042

Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk link file that points to the target file...

CVE-2001-0245

Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing Service in Windows 2000, allows remote attackers to read server-side include files via a malformed search request, aka a new variant of the "Malformed Hit-Highlighting" vulnerability...

CVE-2001-0246

Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain, aka a variant of the "Frame Domain...

CVE-2001-0480

Directory traversal vulnerability in Alex's FTP Server 0.7 allows remote attackers to read arbitrary files via a ... modified dot dot in the 1 GET or 2 CD commands...

CVE-2001-0466

Directory traversal vulnerability in ustorekeeper 1.61 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...

Sean MacGuire Big Brother 1.01.31.4 - CGI File Creation

Sean MacGuire Big Brother 1.01.31.4 - CGI File Creation source: https://www.securityfocus.com/bid/1494/info A vulnerability in Big Brother exists which would allow a user to remotely create CGI scripts which could be requested from the Web Server. These could be used to read files and possibly...

Sean MacGuire Big Brother 1.0/1.3/1.4 - CGI File Creation

source: https://www.securityfocus.com/bid/1494/info A vulnerability in Big Brother exists which would allow a user to remotely create CGI scripts which could be requested from the Web Server. These could be used to read files and possibly execute commands on the web server machine. ./bb 1.2.3.4...

CVE-2001-0253

Directory traversal vulnerability in hsx.cgi program in iWeb Hyperseek 2000 allows remote attackers to read arbitrary files and directories via a .. dot dot attack in the show parameter...

CVE-2001-0211

Directory traversal vulnerability in WebSPIRS 3.1 allows remote attackers to read arbitrary files via a .. dot dot attack on the sp.nextform parameter...

CVE-2001-0206

Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows remote attackers to read arbitrary files by inserting a .. dot dot or ... into the requested pathname of an HTTP GET request...

Directory Pro Traversal Arbitrary File Access

The CGI 'directorypro.cgi' is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files with the privileges of the HTTP daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription...

CVE-2001-1335

Directory traversal vulnerability in CesarFTP 0.98b and earlier allows remote authenticated users such as anonymous to read arbitrary files via a GET with a filename that contains a ...%5c modified dot dot...

CVE-2001-0360

Directory traversal vulnerability in help.cgi in Ikonboard 2.1.7b and earlier allows a remote attacker to read arbitrary files via a .. dot dot attack in the helpon parameter...

CVE-2001-0454

Directory traversal vulnerability in SlimServe HTTPd 1.1a allows remote attackers to read arbitrary files via a ... modified dot dot in the HTTP request...

CVE-2001-0466

Directory traversal vulnerability in ustorekeeper 1.61 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...

CVE-2000-0726

CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote attackers to read arbitrary files by specifying the file in the $Attach$ hidden form variable...