CVE-2001-1525

Medium

5/10

Summary

Directory traversal vulnerability in the comments action in easyNews 1.5 and earlier allows remote attackers to modify news.dat, template.dat and possibly other files via a ".." in the cid parameter.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: NONE
Availability Impact: NONE

References

Advisory Timeline

Published Dec 31, 2001

CVE-2001-1525

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS