CVE Vulnerabilities

CVE-2001-1334

Published: May 19, 2002 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Block_render_url.class in PHPSlash 0.6.1 allows remote attackers with PHPSlash administrator privileges to read arbitrary files by creating a block and specifying the target file as the source URL.

Affected Software

Name Vendor Start Version End Version
Phpslash Phpslash 0.5.3.2 0.5.3.2
Phpslash Phpslash 0.6.1 0.6.1

References