Vulnerabilities > CVE-2002-1837 - Unspecified vulnerability in IDS 0.8.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The getAlbumToDisplay function in idsShared.pm for Image Display System (IDS) 0.81 allows remote attackers to determine the existence of arbitrary directories via ".." sequences in the album parameter, which generates different error messages depending on whether the directory exists or not.
Exploit-Db
description | Image Display System 0.8.1 Directory Existence Disclosure Vulnerability. CVE-2002-1837. Webapps exploit for cgi platform |
id | EDB-ID:21487 |
last seen | 2016-02-02 |
modified | 2002-05-28 |
published | 2002-05-28 |
reporter | isox |
source | https://www.exploit-db.com/download/21487/ |
title | Image Display System 0.8.1 - Directory Existence Disclosure Vulnerability |