Vulnerability Details CVE-2002-1449
eUpload 1.0 stores the password.txt password file in plaintext under the web document root, which allows remote attackers to overwrite arbitrary files by reading password.txt.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0412.html
- http://www.iss.net/security_center/static/9733.php
- http://www.securityfocus.com/bid/5369
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0412.html
- http://www.iss.net/security_center/static/9733.php
- http://www.securityfocus.com/bid/5369
Products affected by CVE-2002-1449
-
cpe:2.3:a:frederic_tyndiuk:eupload:1.0