CyberSec.Space Logo
Back to CVE Browser

CVE-2001-0555

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0750%
EPSS Percentile23.87th
PublishedAug 14, 2001
Last ModifiedApr 16, 2026

Vulnerability Description

ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote attacker to read world-readable files via a .. (dot dot) attack through (1) the SITEWare Editor's Desktop or (2) the template parameter in SWEditServlet.

Affected Platforms (CPE)

πŸ“¦
Screaming Media

Siteware

<= 3.1

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2001-06/0165.html
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2001-06/0166.html
πŸ”— http://www.kb.cert.org/vuls/id/795707
πŸ”— http://www.osvdb.org/13887
πŸ”— http://www.securityfocus.com/bid/2869
πŸ”— http://www01.screamingmedia.com/en/security/sms1001.php
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/6689
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2001-06/0165.html

Related Vulnerabilities

CVE-2007-00537.5

SQL injection vulnerability in detail.asp in ASP SiteWare autoDealer 2.0 and earlier allows remote attackers to execute arbitrary ...

CVE-2008-68747.5

Multiple SQL injection vulnerabilities in ASP SiteWare autoDealer 1 and 2 allow remote attackers to execute arbitrary SQL commands...

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...