CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2001-0555

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0750%
EPSS Percentile23.87th
Published2001年8月14日
Last Modified2026年4月16日

Vulnerability Description

ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote attacker to read world-readable files via a .. (dot dot) attack through (1) the SITEWare Editor's Desktop or (2) the template parameter in SWEditServlet.

Affected Platforms (CPE)

📦
Screaming Media

Siteware

<= 3.1

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2001-06/0165.html
🔗 http://archives.neohapsis.com/archives/bugtraq/2001-06/0166.html
🔗 http://www.kb.cert.org/vuls/id/795707
🔗 http://www.osvdb.org/13887
🔗 http://www.securityfocus.com/bid/2869
🔗 http://www01.screamingmedia.com/en/security/sms1001.php
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/6689
🔗 http://archives.neohapsis.com/archives/bugtraq/2001-06/0165.html

相關漏洞威脅

CVE-2007-00537.5

SQL injection vulnerability in detail.asp in ASP SiteWare autoDealer 2.0 and earlier allows remote attackers to execute arbitrary ...

CVE-2008-68747.5

Multiple SQL injection vulnerabilities in ASP SiteWare autoDealer 1 and 2 allow remote attackers to execute arbitrary SQL commands...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...