Vulnerabilities > CVE-2004-0302 - Remote File Disclosure vulnerability in Fools Workshop Owls Workshop 1.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Directory traversal vulnerability in OWLS 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) file parameter in index.php, (2) editfile in glossary.php, or (3) editfile in newmultiplechoice.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description Fool's Workshop Owl's Workshop 1.0 multiplechoice/index.php Arbitrary File Access. CVE-2004-0302. Webapps exploit for php platform id EDB-ID:23722 last seen 2016-02-02 modified 2004-02-18 published 2004-02-18 reporter G00db0y source https://www.exploit-db.com/download/23722/ title Fool's Workshop Owl's Workshop 1.0 - multiplechoice/index.php Arbitrary File Access description Fool's Workshop Owl's Workshop 1.0 newmultiplechoice.php Arbitrary File Access&. CVE-2004-0302. Webapps exploit for php platform id EDB-ID:23724 last seen 2016-02-02 modified 2004-02-18 published 2004-02-18 reporter G00db0y source https://www.exploit-db.com/download/23724/ title Fool's Workshop Owl's Workshop 1.0 newmultiplechoice.php Arbitrary File Access description Fool's Workshop Owl's Workshop 1.0 glossary.php Arbitrary File Access. CVE-2004-0302. Webapps exploit for php platform id EDB-ID:23723 last seen 2016-02-02 modified 2004-02-18 published 2004-02-18 reporter G00db0y source https://www.exploit-db.com/download/23723/ title Fool's Workshop Owl's Workshop 1.0 glossary.php Arbitrary File Access