Vulnerability Details CVE-2004-1548
Directory traversal vulnerability in the file server in ActivePost Standard 3.1 allows remote authenticated users to upload arbitrary files via a .. (dot dot) in the filename.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.024
EPSS Ranking 84.3%
CVSS Severity
CVSS v2 Score 5.0
References
- http://aluigi.altervista.org/adv/actp-adv.txt
- http://marc.info/?l=bugtraq&m=109597139011373&w=2
- http://secunia.com/advisories/12642/
- http://securitytracker.com/id?1011406
- http://www.securityfocus.com/bid/11244
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17488
- http://aluigi.altervista.org/adv/actp-adv.txt
- http://marc.info/?l=bugtraq&m=109597139011373&w=2
- http://secunia.com/advisories/12642/
- http://securitytracker.com/id?1011406
- http://www.securityfocus.com/bid/11244
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17488
Products affected by CVE-2004-1548
-
cpe:2.3:a:onnuri_infotek:activepost_standard:3.1