Directory Traversal Vulnerability in Randy Parker Power Up HTML 0.8033beta's r.pl (aka r.cgi) Allows Remote File Read and Possible Code Execution

Directory Traversal Vulnerability in Randy Parker Power Up HTML 0.8033beta's r.pl (aka r.cgi) Allows Remote File Read and Possible Code Execution

CVE-2001-1138 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Directory traversal vulnerability in r.pl (aka r.cgi) of Randy Parker Power Up HTML 0.8033beta allows remote attackers to read arbitrary files and possibly execute arbitrary code via a .. (dot dot) in the FILE parameter.

Learn more about our Web Application Penetration Testing UK.