Hyperseek 2000 hsx.cgi does not adequately filter user input disclosing directory listings and file contents

Overview iWeb Systems Hyperseek search engine may allow malformed URL requests to access files outside the document root of a vulnerable system. Description A specially crafted URL can disclose the directory listing and files of the target system with read permissions. --- Impact Remote attackers...

CVE-2001-0253

Directory traversal vulnerability in hsx.cgi program in iWeb Hyperseek 2000 allows remote attackers to read arbitrary files and directories via a .. dot dot attack in the show parameter...

CVE-2001-0253

Directory traversal vulnerability in hsx.cgi program in iWeb Hyperseek 2000 allows remote attackers to read arbitrary files and directories via a .. dot dot attack in the show parameter...

CVE-2001-0253

CVE-2001-0253 : A directory traversal vulnerability exists in the iWeb Hyperseek 2000 hsx.cgi show parameter, allowing remote attackers to read arbitrary files and directories via a .. path. The affected component is the hsx.cgi CGI in iWeb Hyperseek 2000. The underlying issue is insufficient inp...