Directory traversal vulnerability in AspUpload 2.1, in certain configurations, allows remote attackers to upload and read arbitrary files, and list arbitrary directories, via a .. (dot dot) in the Filename parameter in (1) UploadScript11.asp or (2) DirectoryListing.asp.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2002-02-02T05:00:00
Updated: 2016-10-17T13:57:01
Reserved: 2002-01-31T00:00:00
Link: CVE-2001-0938
JSON object: View
NVD Information
Status : Modified
Published: 2001-11-30T05:00:00.000
Modified: 2016-10-18T02:13:37.753
Link: CVE-2001-0938
JSON object: View
Redhat Information
No data.
CWE