Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2001-0561

Published: 14/08/2001 Updated: 19/12/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 765
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to A1stats

Vulnerability Summary

Directory traversal vulnerability in Drummond Miles A1Stats before 1.6 allows a remote malicious user to read arbitrary files via a '..' (dot dot) attack in (1) a1disp2.cgi, (2) a1disp3.cgi, or (3) a1disp4.cgi.

Vulnerable Product Search on Vulmon Subscribe to Product

drummond miles a1stats

drummond miles a1stats 1.0

Exploits

Exploit DB: Drummond Miles A1Stats 1.0 - 'a1disp4.cgi' Traversal Arbitrary File Read
source: wwwsecurityfocuscom/bid/2705/info A1Stats is a CGI product by Drummon Miles used to report on a website's visitor traffic Versions of this product fail to properly validate user-supplied input submitted as querystrings to the A1Stats script An attacker can compose a long path including '//' sequences, and submit it as ...
Exploit DB: Drummond Miles A1Stats 1.0 - 'a1disp2.cgi' Traversal Arbitrary File Read
source: wwwsecurityfocuscom/bid/2705/info A1Stats is a CGI product by Drummon Miles used to report on a website's visitor traffic Versions of this product fail to properly validate user-supplied input submitted as querystrings to the A1Stats script An attacker can compose a long path including '//' sequences, and submit it as a file ...
Exploit DB: Drummond Miles A1Stats 1.0 - 'a1disp3.cgi' Traversal Arbitrary File Read
source: wwwsecurityfocuscom/bid/2705/info A1Stats is a CGI product by Drummon Miles used to report on a website's visitor traffic Versions of this product fail to properly validate user-supplied input submitted as querystrings to the A1Stats script An attacker can compose a long path including '//' sequences, and submit it as a f ...

Github Repositories

https://github.com/jubram/es_tpf

Trabalho Prático Final de Engenharia de Segurança

Engenharia de Segurança Vulnerabilities Mapping Raphael Jubram Sawaia Pinheiro (pg37160@alunosuminhopt) Gestão de Vulnerabilidades Uma das principais atividades de equipes de Segurança da Informação é fazer a Gestão de Vulnerabilidades Nesse trabalho, os analistas de segurança precisam identificar vulnerabilidades nos s

References

NVD-CWE-Otherhttp://archives.neohapsis.com/archives/bugtraq/2001-05/0047.htmlhttp://www.securityfocus.com/bid/2705http://www.kb.cert.org/vuls/id/471691https://exchange.xforce.ibmcloud.com/vulnerabilities/6503https://nvd.nist.govhttps://github.com/jubram/es_tpfhttps://www.exploit-db.com/exploits/20833/https://www.kb.cert.org/vuls/id/471691
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925CVE-2023-41826LFICVE-2022-22364CVE-2024-2887command injectionremote code executionCVE-2024-34446CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook