Scott Parish: Security Vulnerabilities
Directory traversal vulnerability in chuid 1.2 and earlier allows remote attackers to change the ownership of files outside of the upload directory via a .. (dot dot) attack.
CVSS Score
7.5
EPSS Score
0.008
Published
2002-03-25
chuid 1.2 and earlier does not properly verify the ownership of files that will be changed, which allows remote attackers to change files owned by other users, such as root.
CVSS Score
7.5
EPSS Score
0.007
Published
2002-03-25