CVE-2001-1580Path Traversal in Scriptease Webserver

4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
4.1%
top 11.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nombas Scriptease WebserverNovell Netware
Timeline
PublishedDec 31
Latest updateApr 30

Description

Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDnombas/scriptease_webserver4.30b, 4.30d+1

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

3
GHSA
GHSA-65hm-ggmp-3f93: Directory traversal vulnerability in ScriptEase viewcode2022-04-30
CVEList
CVE-2001-1580: Directory traversal vulnerability in ScriptEase viewcode2005-08-05
VulnCheck
nombas scriptease_webserver Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')2001
CVE-2001-1580 — Path Traversal in Scriptease Webserver | cvebase