Vulnerability Description
Multiple directory traversal vulnerabilities in siteman.php3 in AnyPortal(php) 12 MAY 00 allow remote attackers to (1) create, (2) delete, (3) save, and (4) upload files by navigating to the root directory and entering a filename beginning with "./.." (dot slash dot dot).
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Anyportal Php | Anyportal Php | 0.1 |
References
- http://nger.org/anyportal/forum/read.php?f=1&i=152&t=152#reply_152Exploit
- http://secunia.com/advisories/19359Vendor Advisory
- http://www.osvdb.org/23984Exploit
- http://www.securityfocus.com/bid/17197
- http://www.vupen.com/english/advisories/2006/1053
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25396
- http://nger.org/anyportal/forum/read.php?f=1&i=152&t=152#reply_152Exploit
- http://secunia.com/advisories/19359Vendor Advisory
- http://www.osvdb.org/23984Exploit
- http://www.securityfocus.com/bid/17197
- http://www.vupen.com/english/advisories/2006/1053
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25396
FAQ
What is CVE-2003-1298?
CVE-2003-1298 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Multiple directory traversal vulnerabilities in siteman.php3 in AnyPortal(php) 12 MAY 00 allow remote attackers to (1) create, (2) delete, (3) save, and (4) upload files by navigating to the root dire...
How severe is CVE-2003-1298?
CVE-2003-1298 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-1298?
Check the references section above for vendor advisories and patch information. Affected products include: Anyportal Php Anyportal Php.