Directory Traversal Vulnerability in easyNews 1.5 and Earlier: Remote File Modification

Directory Traversal Vulnerability in easyNews 1.5 and Earlier: Remote File Modification

CVE-2001-1525 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Directory traversal vulnerability in the comments action in easyNews 1.5 and earlier allows remote attackers to modify news.dat, template.dat and possibly other files via a ".." in the cid parameter.

Learn more about our Web Application Penetration Testing UK.