cbcvebase.
CVE-2002-1837
published 2002-12-31

CVE-2002-1837: The getAlbumToDisplay function in idsShared.pm for Image Display System (IDS) 0.81 allows remote attackers to determine the existence of arbitrary directories…

PriorityP420medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
2.94%
85.4th percentile
The getAlbumToDisplay function in idsShared.pm for Image Display System (IDS) 0.81 allows remote attackers to determine the existence of arbitrary directories via ".." sequences in the album parameter, which generates different error messages depending on whether the directory exists or not.

Affected

1 ranges
VendorProductVersion rangeFixed in
idsids
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.