Vulnerabilities > CVE-2002-1627 - Unspecified vulnerability in Mike Spice Quiz ME 0.5

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

mike-spice

NVD

Published: 2002-12-31

Updated: 2017-07-11

Summary

Directory traversal vulnerability in quiz.cgi for Mike Spice Quiz Me! before 0.6 allows remote attackers to write arbitrary files via .. (dot dot) sequences in the quiz parameter.

Vulnerable Configurations

Part	Description	Count
Application	Mike_Spice Mike Spice Quiz ME 0.5	1

References

http://securitytracker.com/id?1003254
http://www.kb.cert.org/vuls/id/318835
http://www.securityfocus.com/bid/3857
https://exchange.xforce.ibmcloud.com/vulnerabilities/7970