CyberSec.Space Logo
CVEブラウザに戻る

CVE-2002-1058

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1810%
EPSS Percentile11.46th
Published2002年10月4日
Last Modified2026年4月16日

Vulnerability Description

Directory traversal vulnerability in splashAdmin.php for Cobalt Qube 3.0 allows local users and remote attackers, to gain privileges as the Qube Admin via .. (dot dot) sequences in the sessionId cookie that point to an alternate session file.

Affected Platforms (CPE)

📦
Cobalt

Qube

= 3.0

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2002-07/0261.html
🔗 http://www.iss.net/security_center/static/9669.php
🔗 http://www.securityfocus.com/bid/5297
🔗 http://archives.neohapsis.com/archives/bugtraq/2002-07/0261.html
🔗 http://www.iss.net/security_center/static/9669.php
🔗 http://www.securityfocus.com/bid/5297

関連する脆弱性情報

CVE-2017-167149.8

In Ice Qube Thermal Management Center versions prior to version 4.13, passwords are stored in plaintext in a file that is accessib...

CVE-2017-140267.5

In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users whi...

CVE-2021-369137.5

Unauthenticated Options Change and Content Injection vulnerability in Qube One Redirection for Contact Form 7 plugin <= 2.4.0 at W...

CVE-2021-249167.5

The Qubely WordPress plugin before 1.8.6 allows unauthenticated user to send arbitrary e-mails to arbitrary addresses via the qube...