Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1334

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2001-1334
Last Modified 10 Sep 2008 03:10:18
Published 19 May 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1334

Summary

Block_render_url.class in PHPSlash 0.6.1 allows remote attackers with PHPSlash administrator privileges to read arbitrary files by creating a block and specifying the target file as the source URL.

Vulnerable Systems

Application

  • Phpslash 0.5.3.2

  • Phpslash 0.6.1


References

CONFIRM - http://marc.theaimsgroup.com/?l=phpslash&m=99029398904419&w=2

BID - 2724

XF - phpslash-block-read-files(9990)

BUGTRAQ - 20010515 PHPSlash : potential vulnerability in URL blocks


Last Updated: 27 May 2016 10:36:38