4 matches found
CVE-2001-0555
ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote attacker to read world-readable files via a .. dot dot attack through 1 the SITEWare Editor's Desktop or 2 the template parameter in SWEditServlet...
CVE-2001-0555
ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote attacker to read world-readable files via a .. dot dot attack through 1 the SITEWare Editor's Desktop or 2 the template parameter in SWEditServlet...
CVE-2001-0555
ScreamingMedia SITEWare has a directory-traversal vulnerability in SITEWare Editor’s Desktop (versions 2.5–3.1) and in the SWEditServlet template parameter, allowing remote attackers to read world-readable files within the SiteWare web root. The root cause is inadequate input validation that enab...
ScreamingMedia SITEWare source code disclosure vulnerability
FS Advisory ID: FS-061201-18-SMSW Release Date: June 11, 2001 Product: ScreamingMedia SITEWare Vendor: ScreamingMedia Inc. http://www.screamingmedia.com Vendor Advisory: http://www.screamingmedia.com/security/sms1001.php Type: Source code disclosure vulnerability Severity: High Author: Mike Shema...