PT-2002-1733 · Unknown · Sendform.Cgi
Published
2002-08-12
·
Updated
2016-10-18
·
CVE-2002-0710
CVSS v2.0
6.4
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
sendform.cgi versions 1.44 and earlier
Description
A directory traversal issue allows remote attackers to read arbitrary files by specifying the desired files in the
BlurbFilePath parameter.Recommendations
For versions 1.44 and earlier, consider restricting access to the
sendform.cgi script until a patch is available. As a temporary workaround, avoid using the BlurbFilePath parameter in the affected script to minimize the risk of exploitation.Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Sendform.Cgi