Vulnerabilities > CVE-2002-1087 - Remote Security vulnerability in ezContents
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
The scripts (1) createdir.php, (2) removedir.php and (3) uploadfile.php for ezContents 1.41 and earlier do not check credentials, which allows remote attackers to create or delete directories and upload files via a direct HTTP POST request.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |