Vulnerabilities > CVE-2004-2132 - Directory Traversal vulnerability in PJ CGI Neo Review
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Directory traversal vulnerability in PJreview_Neo.cgi in PJ CGI Neo review allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | PJ CGI Neo Review Directory Traversal Vulnerability. CVE-2004-2132. Webapps exploit for cgi platform |
id | EDB-ID:23615 |
last seen | 2016-02-02 |
modified | 2004-01-29 |
published | 2004-01-29 |
reporter | Zone-h Security Team |
source | https://www.exploit-db.com/download/23615/ |
title | PJ CGI Neo Review Directory Traversal Vulnerability |
Nessus
NASL family | CGI abuses |
NASL id | PJREVIEW_NEO_FILE_READING.NASL |
description | The remote host is running PJreview_neo.cgi - a web-based software. There is a bug in this software which may allow an attacker to read arbitrary files on the remote web server with the privileges of the web user. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 12035 |
published | 2004-02-02 |
reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/12035 |
title | PJ CGI Neo PJreview_Neo.cgi p Parameter Traversal Arbitrary File Access |
code |
|