Vulnerabilities > CVE-2001-1334 - Unspecified vulnerability in PHPslash 0.5.3.2/0.6.1

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
phpslash
exploit available
NVD
Published: 2002-05-19
Updated: 2016-10-18

Summary

Block_render_url.class in PHPSlash 0.6.1 allows remote attackers with PHPSlash administrator privileges to read arbitrary files by creating a block and specifying the target file as the source URL.

Vulnerable Configurations

Part Description Count
Application
Phpslash
2

Exploit-Db

descriptionPHPSlash 0.5.3 2/0.6.1 URL Block Arbitrary File Disclosure Vulnerability. CVE-2001-1334 . Webapps exploit for php platform
idEDB-ID:20848
last seen2016-02-02
modified2001-04-15
published2001-04-15
reportertobozo tagada
sourcehttps://www.exploit-db.com/download/20848/
titlePHPSlash 0.5.3 2/0.6.1 URL Block Arbitrary File Disclosure Vulnerability

References