RSS   Vulnerabilities for 'Siteware'   RSS

2001-08-14
 
CVE-2001-0555

 

 
ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote attacker to read world-readable files via a .. (dot dot) attack through (1) the SITEWare Editor's Desktop or (2) the template parameter in SWEditServlet.

 


Copyright 2024, cxsecurity.com

 

Back to Top