Vulnerabilities > CVE-2001-1525 - Unspecified vulnerability in Easyscripts Easynews 1.5

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
easyscripts
exploit available
NVD
Published: 2001-12-31
Updated: 2008-09-05

Summary

Directory traversal vulnerability in the comments action in easyNews 1.5 and earlier allows remote attackers to modify news.dat, template.dat and possibly other files via a ".." in the cid parameter.

Vulnerable Configurations

Part Description Count
Application
Easyscripts
1

Exploit-Db

descriptionEasyNews 1.5 NewsDatabase/Template Modification Vulnerability. CVE-2001-1525. Webapps exploit for php platform
idEDB-ID:21168
last seen2016-02-02
modified2001-12-01
published2001-12-01
reportermarkus arndt
sourcehttps://www.exploit-db.com/download/21168/
titleEasyNews 1.5 NewsDatabase/Template Modification Vulnerability

References