CyberSec.Space Logo
Back to CVE Browser

CVE-2001-1334

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.1070%
EPSS Percentile6.60th
PublishedMay 19, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

Block_render_url.class in PHPSlash 0.6.1 allows remote attackers with PHPSlash administrator privileges to read arbitrary files by creating a block and specifying the target file as the source URL.

Affected Platforms (CPE)

πŸ“¦
Phpslash

Phpslash

= 0.5.3.2
πŸ“¦
Phpslash

Phpslash

= 0.6.1

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2001-05/0126.html
πŸ”— http://marc.info/?l=phpslash&m=99029398904419&w=2
πŸ”— http://www.iss.net/security_center/static/9990.php
πŸ”— http://www.securityfocus.com/bid/2724
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2001-05/0126.html
πŸ”— http://marc.info/?l=phpslash&m=99029398904419&w=2
πŸ”— http://www.iss.net/security_center/static/9990.php
πŸ”— http://www.securityfocus.com/bid/2724

Related Vulnerabilities

CVE-2005-225710.0

The saveProfile function in PhpSlash 0.8.0 allows remote attackers to modify arbitrary profiles and gain privileges by modifying t...

CVE-2009-051710.0

Eval injection vulnerability in index.php in phpSlash 0.8.1.1 and earlier allows remote attackers to execute arbitrary PHP code vi...

CVE-2005-44797.5

SQL injection vulnerability in article.php in phpSlash 0.8.1 and earlier allows remote attackers to execute arbitrary SQL commands...

CVE-2001-067910.0

A buffer overflow in InterScan VirusWall 3.23 and 3.3 allows a remote attacker to execute arbitrary code by sending a long HELO co...